An integrated app protection platform for agile fraud prevention

Financial institutions and online service providers are engaging customers via a widening array of channels as part of their digital transformation strategies. Today, it is commonplace for services to be offered and transacted via different end points such as the browser and mobile devices.

However, even as more critical services move online or to the cloud, fraud and the increasingly complex ways that cybercriminals carry them out remains the key issue for banks and consumers, according to Lim Chin Keng (pictured above), director of Security Solutions for APAC at F5 Networks.    

For example, account takeover is increasingly becoming a pervasive online fraud. “The fraudster or cyber criminal obtains the victim’s password and other personal identifiable information (PII) to carry out an unauthorised login to an account and perform transactions without the victim’s knowledge,” says Lim. “Financial malware or trojan that may have been unknowingly installed or embedded on the user’s device can easily steal a victim’s login credentials. This is also known as a man-in-the-middle (MITM) attack.”

While attackers often target individuals via the client end point, which is seen as the weakest link, through MITM attacks, they may blend in network and application attacks when targetting banks. This distracts banks’ security operations into focusing on tackling more visible attacks, while a more stealthy attack simultaneously works on a high-value fraudulent transaction.

“The one stealthy fraudulent transaction attack on the application or the end point will be lost in the tens of thousands of log entries,” says Lim.

These blended attacks simultaneously targetting the end point, network and application underline the need for an integrated application protection platform that ensures the security operations team is not blindsided with smoke screen network attacks like DDoS and to remain agile in the protection of their online and mobile banking services.

More than having visibility into the end points, the network and the application, it is important for security teams to co-related these three components in a multi-vector blended attack, Lim points out.

For this reason, F5 Network’s fraud protection solutions, WebSafe and MobileSafe, help banks protect browser and mobile device users from advanced MITM cyber threats, as part of its larger BIG-IP family of application intelligence applications.

Multi-vector protection

While the F5 fraud protection solutions secure the end point browser and mobile application use in real-time, F5’s BIG-IP Access Policy Manager (APM) provides granular application access control using end point context, F5’ Hybrid DDoS solution secures the network, F5’s SSL Inspection solution protects the SSL protocol traversing the network, and F5’s Web Application Firewall (WAF) solution protects the application. 

“Because of the integration, F5’s application protection platform provides better visibility and protection from multi-vector blended attacks,” Lim adds.

F5’s unified approach also extends to supporting authentication and authorization for web applications with the BIG-IP APM. “By consolidating web application access management and authentication services, organizations can realize a more cohesive, integrated identity and access management infrastructure that remains flexible while also maintaining a highly-positive security posture,” Lim explains.

To secure customer information and credentials and prevent identity theft and account takeovers, F5’s fraud protection services protect passwords and other personally identifiable information (PII) fields with encryption. Real-time and round-the-clock protection from fraud threats come from Websafe and Mobilesafe’s use of the same 24×7 security operations center (SOC) as F5’s Silverline DDoS and WAF cloud-based services .

“F5 SOC constantly monitors the fraud threat landscape, and analyzes risks and threats that threaten online services,” says Lim. “The F5 Threat Intelligence Research team provides real time-threat landscape oversight by monitoring end-point malware threats, network DDOS threats and application threats through globally deployed honey pots.”