Fraudulent emails may still reach users, but even if they respond and visit a fake login site, they still cannot self disclose their authentication credentials.

The SafeLogin solution is built around a 'triangulation' communications protocol, which separates 'identity' data from 'validation' data as it flow between the parties in the transaction. Data separation makes a man-in the-middle attack much harder than in conventional authentication systems. Additionally, the combination of SafeLogin Keypad Personalization and Triangulation technologies ensures that the user's password only exists in digital form inside the financial institution's firewall.

Each user is presented with a highly personalized login environment in which to enter their password. The look-and-feel is customised to the user's preferences so they can be sure that the service is real, not fake. Furthermore, the password entry mechanism is so customised to the user that it prevents the possibility of users entering their password data on anything other than their own personalized keypad.

There is a growing realisation that simple username-password sign-in protocols are insufficient against fraud. The Federal Financial Institutions Examination Council (FFIEC) has made it mandatory for US financial institutions to use 'Strong Authentication' for their online customers. Tricerion's SafeEnterprise platform offers a high security, easy-to-install, low-cost, highly usable solution for institutions wishing to comply with FFIEC requirements. Similar regulatory initiatives are in process in other countries.

Because without it your users are at risk of from falling prey to online fraud, e.g. to a phishing attack. This strikes directly at their confidence, not just in your brand, but also in the security of e-commerce in general. For this reason governments and regulators are increasingly moving towards making strong authentication mandatory for certain kinds of web service, and/or making service providers bear the costs of online fraud.

The problem is big and getting bigger. Sections of the media and some industry analysts have cited alarmingly high online fraud estimates, but these have to be treated with caution; the tendency is to group all online fraud together and then quote that number when talking about any of the specific sub-areas of fraud, such as phishing. What is clear is that the problem is growing, both in scale and complexity. For example, phishing was almost unheard of at the end of 2003. Five years on there can hardly be an email user on the planet who does not receive frequent phishing emails, and the number of different phishing scams reported per month has risen to more than 30,000 (source: Anti-Phishing Working Group, Q1 2008). Financial institutions are at risk from direct financial losses and perhaps more seriously from indirect losses associated with damage to brand reputation and customer attrition from online services.

Tricerion is the smartest available antidote to Phishing, the fastest growing area of online fraud, where the user is duped into visiting a fake site (e.g. one looking just like their real online bank) where they are lured into disclosing their security credentials. Tricerion also embodies state-of-the-art protection against a comprehensive range of other frauds including pharming, man-in-the-middle, shoulder surfing, keystroke logging, screen capture, and packet sniffing.