BRD security staff evaluated the need to offer security protections to the customer endpoint, the weak link in banking security.
The bank deployed advanced fraud prevention solutions from IBM that help detect, block and remediate malware, and detect phishing threats on infected customer endpoints.
Improved detection and protectionagainst malware and phishing threats
Reduced riskand increased customer satisfaction
Faster remediationand time saved
Business challenge story
Addressing the weak link in online banking security
Several years ago, Mihai Andries, Chief Information Security Officer for BRD, sought to proactively expand security protections to the customer endpoint, the weak link in banking security. While the bank had not experienced fraud losses through its online banking channel, Andries and his team believed that it was worth proactively addressing this increasingly at-risk area.
“From the hacker’s point of view, the client endpoint is more susceptible to attack than the bank’s infrastructure,” says Andries. “There are significant browser and operating system vulnerabilities that can be exploited by criminals to intercept traffic, inject fake pages and steal credentials. We wanted to offer our clients an efficient solution that could rapidly detect malware and phishing attacks, and remove any infections.”
Focusing on the root cause of fraud—malware and phishing attacks
BRD evaluated several solutions before selecting an advanced fraud protection solution from IBM. “We chose Trusteer software based on our comparative analysis, analyst reports and recommendations from colleagues at Groupe Société Générale,” says Andries.
Today, IBM® Security Trusteer Rapport® software is offered as a free download to all of the company’s business customers. The software helps protect users against phishing and malware attacks—including financial zero-day malware—and helps prevent the tampering of online banking transactions to create a safer online banking experience.
In cases where customers have not yet downloaded Trusteer Rapport software, the bank uses IBM Security Trusteer Pinpoint Malware Detection Advanced Edition software to help security staff automatically and accurately detect when malware-infected devices are accessing the bank’s website.
“We recommend Trusteer Rapport to our business banking customers to protect against potential fraud and we complement it with Trusteer Pinpoint Malware Detection so that we can deliver protections to all our business customers,” says Remus Oprea, Operational Security Coordinator, BRD.
Protecting against emerging threats
Improved detection and protection against malware and phishing threats, along with faster remediation, is helping security staff to reduce risk while increasing customer satisfaction. For example, in mid-2014, when Dyre, an advanced financial trojan that targeted banks worldwide, appeared, Trusteer Rapport software was able to block threats.
“Customers who had downloaded Rapport were protected from Dyre malware early on,” says Andries. “We were able to inform our executives of this fact and demonstrate how we could protect customers against this new threat as it emerged.”
Additionally, Trusteer software has helped reduce the time required to track, investigate and report on threats—time that can now be redirected to other activities, including customer education programs.
About BRD-Groupe Société Générale
BRD-Groupe Société Générale (BRD) is the second largest bank in Romania based on assets and is the leading bank in the Romanian syndicated loans market. BRD serves 2.2 million customers and operates a network of approximately 870 branches.
- Trusteer Pinpoint
- Trusteer Rapport