Security and convenience: a perfect relationship?

Reluctance toward strong authentication methods often results from the fear they are inconvenient and cumbersome. But that fear is not always justified – because security and convenience can go hand in hand, writes Tomasz Grabowski, product manager, Comarch

By Comarch Experts | 30 March 2020

In 2016, the global fraud detection market was valued by Allied Marked Research at $13.6bn.

Fast forward to today: according to Fortune Business Insight, the global market for anti-fraud solutions will grow from $19.3bn in 2018 to $110bn in 2026. The growth is exponential, and the banking, financial services, insurance and manufacturing sectors are expected to be most vulnerable to fraud.

One may try to mitigate some of the risks related to the vulnerabilities of the IT environment by transferring them to a cloud service provider – be it software exploit, SQL injection, or cross-site scripting. But in most cases, it is the organisation itself that is obliged to prevent unauthorised access to business and personal data or intellectual property.

Whenever an employee or customer of a company uses application resources, a solution must be provided that protects against theft of login data. 2FA might be such a solution.

It’s just that frequent use of 2FA can be troublesome, because it requires, if not an additional device, then at least a mobile app, which must be run every time. Luckily, as Gartner points out, Online Fraud Detection (OFD) class solutions come to the rescue here.

Running in the background

Such a solution - Cyber Threat Protection (CTP) - is also offered by Comarch.

Numerous conversations with our clients have shown that there are many business scenarios in which a high level of both security and usability is required. That is why we have proposed an app which, working in the background, analyzes user behavior based on the device the user logs in from, the data type they enter, or the way it’s entered. All this activity is verified and reported to the business client on an ongoing basis.

Cyber Threat Protection is an advanced solution, designed to protect the identity of the end user and to verify their credibility (continuous authentication). Its great advantage is versatility, allowing it to function on both desktop and mobile devices. In the first case, it uses JavaScript, in the second – an SDK library integrated with a domain-specific native app. The solution offers several functional modules, including Device reputation, Behavioral biometrics, and more.

Viable relationship

For a person using a banking or loyalty system, or an online trading platform, the CTP solution is seamless because it does not require installing anything on the end device. It also works transparently, without the need for any interaction.

For system owners, Cyber Threat Protection comes in handy to continuously monitor user behavior, and reduce the risk of funds, products, intellectual property or other valuable data being stolen.

Yes, security and high usability are a perfect relationship, but again – yes, you can build one. Nobody says it's easy, but our experience shows that a thoughtful solution, built based on both business and end-user feedback, is key.

Most common vulnerabilities used to carry out cyber-attacks in 2019, which can be tackled by OFDs (Forrester).

Tomasz Grabowski, product manager, Comarch

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development