Comodo announced major expansion of the Comodo Mutual Authentication (MA) initiative to help consumers re-establish trust in online financial interactions through an innovative new PKI based mutual authentication verification solution.
Comodo announcement comes as its new technology, SVT (See. Verify. Trust) is being deployed globally at financial institutions and credit unions largely in response to an escalation of attacks against regional banks and credit unions. According to SC Magazine, (June 9, 2006) recent attacks on regional banks in the United States accounted for 33 percent of all phishing attacks last month, with credit unions taking up 29 percent of all attacks. Non-American banks were 26 percent of all banking brands attacked by phishing in May, whereas national U.S. banks only accounted for 11 percent of phishing attacks.
This increase in fraud attacks against the regional financial institution sector is directly related to the flood of low assurance SSL certificates which do not validate business legitimacy but rather rely only on automated domain validation processes. As a result, fraudsters can easily procure the important gold padlock trust symbol to provide a veneer of legitimacy to their fraud site. The impact of these low assurance certificates is that the cost of phishing, pharming and online fraud is growing at an alarming 37% rate (a rate that is faster than online sales growth) according IDG, (September 2005). Particularly hard hit are smaller financial institutions like banks and credit unions as they are the new “soft target” or favorite of fraudsters.
In response to this growing need to protect consumers with a cost effective and easily deployed mutual authentication solution, Comodo launched its Mutual Authentication Solution. Based on PKI, recognized as one of the most secure environments by the FFIEC, Comodo MA solution uniquely provides a Best Practices approach to be fully compliant with FFIEC guidelines. This solution has been proven to be one of the fastest and lowest cost solutions on the market today with most Comodo customers becoming fully compliant within 4 weeks or less. This solution enables both consumer authentication of bank site before sensitive information is compromised and allows banks to verify consumer identity. By contrast, all two factor solutions do allow bank to authenticate the identity of the User – but do nothing to enable consumer authentication of the site identity that is outside the browser environment and thus “un spoofed.” With non browser based verification, consumers are protected against mimics sites designed to steal information.