Graphic Airlock Secure Acces Hub

Fraud prevention

Good technology versus bad intentions

The Secure Access Hub stops fraudulent actions before they even reach an application or service. Security alerts of suspicious sessions are triggered in a timely manner and valuable technical information is stored for detailed analysis.

Effective fraud prevention

User interaction attributes such as IP address, browser, malware detection and monitor resolution are recorded and checked by the Web Application Firewall (WAF). All these attributes are monitored in so-called ‘client and session fingerprinting’ to identify manipulation attempts within a session or to detect session hijacking.

An additional option to prevent fraud on the WAF is dynamic whitelisting or Dynamic Value Endorsement (DyVE). Typical use cases include online banking transactions: Airlock uses DyVE to ensure that payment orders can only be charged to accounts that have previously been presented for selection by the banking server.

The effectiveness of fraud prevention measures increases considerably when combined with risk-based authentication.  



Additional protection with IBM® Security Trusteer® Pinpoint

Integrating IBM®’s Security Trusteer® Pinpoint into the Secure Access Hub provides additional boost in fraud prevention. The Pinpoint solution identifies banking trojans by their behaviour and generates biometric user profiles. If the behaviour of a session deviates from that expected from the known user the emergency brakes are triggered.

With the Airlock Pinpoint add-on, Pinpoint can be quickly and easily integrated into Airlock with no need to change back-end services. The combination of IBM Pinpoint and Airlock’s on-board features delivers a comprehensive and centralised approach to fraud management.

Machine learning with Detect-F

If an attacker succeeds in feeding fraudulent transactions, despite all security measures, the Detect-F fraud detection solution needs to be deployed. This machine-learning-based solution is used in conjunction with the Secure Access Hub. Detect-F factors in business-specific payment information, such as recipient, payment metadata, amounts, frequencies and other variables. This ensures that technical indicators and business specific information are integrated using state-of-the-art methods to identify attempted fraud, reliably and automatically.

Highlights of fraud prevention

  • Client fingerprinting
  • Dynamic whitelisting (DyVE)
  • Risk-based authentication
  • Strong authentication
  • IBM® Security Trusteer® Pinpoint integration
  • Detect-F
  • Machine learning

Ready for excellent IT security?

Contact us now.
Ergon Informatik AG+41 44 268 87 00

Information for you

-Our whitepaper-

IT-security solutions

Digitalisation is presenting businesses with new challenges which go far beyond information technology. This primarily relates to an aspect which is becoming increasingly important: IT security.

Read our whitepaper to find out how IT-Security will become the pioneer of degitalization.

Request free of charge

Accelerate digitisation

To stay technically viable in this digital transformation, you must increasingly switch to hybrid cloud environments. This requires new security approaches as well as coordinated identity and access management.

Find out more in our whitepaper in collaboration with Deloitte, eperi and SHE.

Request free of charge

OWASP Top 10 for API Security

OWASP has created a new Top10 list for API Security. The top 10 listed reflect a broad consensus on what the most important API security issues are at the moment.

In our whitepaper you will learn how our Airlock API addresses the OWASP Top 10.

Request free of charge