What FI’s
need

Comodo Solution

How it works

Advantages

Alternative Technology Approaches

Competitive Technology Providers

Limits

FI can authenticate identity of User and User can authenticate the bank

Comodo TF (Two Factor) Solution: 

1) Server application and PKI service to automatically issue/ manage Client  Certificates for User authentication 

plus

2) Comodo Content Verification Certificates (CVC) so User can authenticate FI site identity

Digital Client Certificates:
- An FI can authenticate User since PC is secured to act like a “smart card”.

CVCs are digital certificates that protect content so User can irrefutably verify site ID:
- Key content such as log-in box are protected via CVCs
- Protected content will display a green border OUTSIDE the browser

Digital Client Certificates:
- “Plug ‘n authenticate” - requires no banking application integration

- Prevents Man-in-the-Middle attacks

- Customers continue current behavior
- Can be deployed within days
- Very cost efficient
- Highly configurable
- Easy to deploy and support

CVC:
- Impervious to Man-in-the-Middle attacks
- Phishing and pharming sites exposed immediately

Security cookies on User’s PC 

- Tricipher
- Site Key (Passmark) 
- eSphinx (Cyota)

- Subject to Man-in-the-Middle attacks
- Highly vulnerable  since Users can (and do) delete cookies

IP analysis 

- Tricipher
- Site Key (Passmark)
- eSphinx (Cyota)
- Cavian

- Users potentially need to add extra authentication steps each time IP address changes
- Increased customer care issues to manage locked out accounts

Image recognition

- Site Key (Passmark)
- eSphinx
- Cavian

- Subject to Man-in-the-Middle attacks

Matrix (e.g. Grid cards)

- Private label solutions from service providers
- EnTrust

- Requires significant changes to User experience
- Difficult to support
- Difficult to configure and customize

Tokens

- RSA
- ActivIdentity

- Expensive
- Difficult to support
- Most suitable for very complex financial interactions

ID assurance for email communications to clients

Comodo Email Certificates

Email certificates provide a digital signature and encryption to email communications which authenticates email origins,. 

Enabling customers to identify legitimate bank communications

None.
PKI is a proven, highly secure platform for issuance of digital certificates.

- Web Trust Accredited Certification Authorities (CA’s)

Software vendors who are not CA's can not provide PKI certificates because only CA's have trusted roots in browsers

To ensure malware can not interfere with online transactions between FI’s  and customers

Comodo S.E.E.:
Secured Executional Environment

S.E.E. uses a sophisticated firewall to prevent any other Internet connection being made thus rendering malware (such as Trojans) ineffective.

This renders malware (e.g. Trojans and key logging attacks) ineffective

None.
No other vendor offers this solution since it requires authentication capabilities beyond the expertise of software vendors.   

None.

Not applicable