Newsletter Q1 2024
IBM Trusteer Pinpoint
Detection enhancements
To improve the detection capabilities of Pinpoint, we made the following improvements and enhancements:
- Improved the timing association of behavioral biometrics keystrokes collections to the collection page. This increases the accuracy of the collection within the browsing session, which helps to improve detection efficacy.
- Enhanced our social engineering detection by using new machine-learning models that are based on keystroke and mouse movement collections and extra models that are based on transactional data supplied by customers.
- Enhanced the mobile device risk calculation by including extra risky application types that are installed on the device in the calculation, such as crypto applications.
Pinpoint policy performance
We made a number of changes to Pinpoint in this quarter to improve several Pinpoint performance aspects:
- Implemented a cache for frequently used policy rules.
- Reduced the start-up time for Pinpoint server instances when Pinpoint is under heavy load.
- Added detection capabilities for customers that use both the Pinpoint API and the Pinpoint API fallback method to reduce duplicate policy runs.
Pinpoint API
- Accessing the Pinpoint API
We updated the Pinpoint API JWT deployment guidelines, including clarification of the token renewal process. These changes are recommended for all customers that use or are planning to use tokens to access Pinpoint API. For more information, see Accessing the Pinpoint API.
- Pinpoint API Response enhancements
We enhanced Pinpoint Assure and updated the insights that are returned in the Pinpoint API. The fields
risky_device
andrisky_connection
are now available to Pinpoint Assure customers and can be used for custom risk calculations. See Device Intelligence Parameters and Network Intelligence Parameters.
Security
To improve web traffic security, we added the X-Content-Type-Options header to all responses with
a value of nosniff
. For more information, see X-Content-Type-Options
Web and mobile malware detection
Our web and mobile researchers detected and released notifications for the following new malware campaigns that attack several different regions:
- Fakext - "Campaign Alert of New Web Malware Fakext Targets Customers in LATAM", see New Fakext malware targets Latin American banks
- PixPirate - PixPirate: The Brazilian financial malware you can't see
- ReBot - "New Campaign Alert of Malware ReBot Targets Customers Worldwide"
IBM Trusteer Mobile SDK
Mobile SDK supported platform and versions
- Mobile SDK 5.6 and above are supported.
From 1 September 2024, Mobile SDK 5.6 and all its minor versions will become unsupported.
For more information, see Support Lifecycle.
- Supported platforms (in supported Mobile SDK versions)
- iOS - supports iOS 14 and later
- Android - supports Android 8 and later
- Supported iOS development environments: Xcode 14.1 or later (aligned with Apple)
- Supported Android development environments: Android Studio 3.1.1 or later
IBM Trustboard
- TMA sunset - IBM Trusteer completed the sunset of the Trusteer Management Application (TMA) worldwide. During Q1 2024, we have continued to the migrate the TMA functions to Trustboard.
- Table settings - We added new functionality to the tables that are used in Trustboard to provide extra capabilities to users that customize tables; for example, changing column order and sorting. With this change, the settings for each table in Trustboard are now independent from each other.
- Session Status - We added several new features to the Session Status page:
- A tab to provide troubleshooting information in cases where there were problems with the submitted CSID.
- You can search for sessions that were older than 48 hours by providing the PUID.
- Added transaction data to the displayed Pinpoint API information.
- Export to CSV - When you export the session or alert data, you can select in the Preferences menu whether to export all columns or only visible columns that appear in the table.
- New device attributes - We added 4 new attributes to the session information that you see
throughout Trustboard.
- Mobile channel: SDK version, Call in progress, and Device language
- Online channel: Client language
- Server-side settings - To help customers that work in environments that do not allow Trustboard to save settings on the client, we have updated the infrastructure to use server-side settings for Trustboard.
IBM Trusteer Rapport
Rapport version 2304 released for Windows 11, version 23H1 and Windows 10, version 22H2.