Some of the latest cyber attacks seek to steal information using man-in-the-browser (MITB) attacks. These represent a dangerous trend because they circumvent even the strongest authentication techniques by hijacking the session after the user has authenticated a bank or other site.
Threat intelligence start up buguroo is looking to combat this with its new online fraud detection solution that can detect hijacked sessions in real time and stop them before any money leaves the bank.
The company's new bugFraud Defense technology is entirely host- and cloud-based and doesn't require any action, such as installing software or an agent, by an end-user client in order to be protected. The buguroo software is transparent to the user, requires minimal resources and doesn't degrade the user experience or performance.
"Any online fraud detection solution that still relies on signatures or requires users to take action is based on a failed model," says Pablo de la Riva Ferrezuelo, CTO and founder of buguroo. "Industry research shows that 'opt-in' models that require installing client-side software at best get low single digit percentage participation. Study after study shows users expect their service providers to protect them, and they are not willing to help. Period. That's what we do".
The solution is implemented at web server level for both development and security teams. It then requires only a lightweight modification in regular server content to link online sessions to the cloud-based fraud detection engine.
Available immediately in the US, Europe and Latin America, buguroo bugFraud Defense can be bought as a standalone product or as part of bugThreats, the company's comprehensive threat intelligence platform, also announced today. The company is targeting those sectors most commonly attacked by cyber criminals, banking, social networking and e-commerce. More information is available on the buguroo website.
Photo credit: Lichtmeister / Shutterstock