JC-WebClient & Secure Bank

2019: Announcement of JC-WebClient & Secure Bank

On December 18, 2019 companies Aladdin R. D"." also Group-IB announced a release of the joint solution "JC-WebClient & Secure Bank" created for identification of the threats invisible for traditional antifraud- systems.

As it was reported, the main objectives of the solution are minimization of doubtful transactions in systems remote banking (RBS) and also the help financial to the organizations in observance of requirements and recommendations CENTRAL BANK about counteraction to plunders of money.

"JC-WebClient & Secure Bank" consists from applications for strict authentications and strengthened qualified electronic signature JC-WebClient from Aladdin R.D. and Group-IB Secure Bank - the systems of pro-active prevention of online fraud on all devices of the user from which it performs communications of page bank.

Unlike classical the solutions antifraud, Secure Bank reveals and stops suspicious activity in the mobile banking application or the system of Internet banking long before fraud implementation, revealing attempts to use the stolen credentials or to reproduce actions of the legitimate user. Secure Bank "sees" any deviations from typical transaction at the expense of the analysis of technical parameters of the device ("digital fingerprint") and behavior of the user allowing to create the "digital portrait" of the legitimate client of bank considering such parameters as movements by a mouse, a print speed, phone provision in a hand, effort and a spot of clicking a touchscreen, characteristics of "svayp" and many other things.

The JC-WebClient application is installed on the PC of the user and collects data on the device while Group-IB Secure Bank works at the party of bank and identifies devices of clients of bank in online and mobile channels, analyzes behavior of users and reveals existence of web injections, the malware and unauthorized access on smartphones, tablets, the PC, allowing to prevent attempts of online fraud taking into account the acquired information from JC-WebClient.

At user login of RBS JC-WebClient initiates loading of the module Group-IB Secure Bank which collects data on the device from which access, about behavior of the user and also indicators of a compromise and data from JC-WebClient is provided. All this goes to a server framework of Group-IB Secure Bank for real-time analysis and formation of a verdict about security of the device and typicality of the performed operation.

"JC-WebClient & Secure Bank" allows to include a verdict in the payment document at the time of commission of the signature that the antifraud system of bank gives the chance to make the decision on accomplishment of the payment order on the basis of the additional information on indicators of the fraudulent activity which is contained in the structure of UKEP of the payment document. Also the solution allows to conduct evidential base on each transaction which can be used in investigation of incidents and permission of conflict situations, so to reduce risks both for users of RBS, and for banks.

The solution helps banks to correspond 167-FZ of June 27, 2018 ("About making changes in separate legal acts of the Russian Federation regarding counteraction to plunder of money"), to the methodical recommendations of the Bank of Russia of July 21, 2017 No. 18-MP ("About approaches to management of credit institutions of risk of legalization (washing) of income gained in the criminal way and terrorism financings", to subparagraph 2-3) and the standard of the Bank of Russia of service station of BR IBBS-1.3-2016 ("Information security support of the organizations of a banking system of the Russian Federation", subparagraph 6.3.1 partially).