BankVault Enterprise – Securing Customer Portals and Web Applications
Securing Customers Accessing Your Web Apps
When Security is Vital
BankVault solves the biggest security issue that enterprises, financial institutions, and cloud platforms are grappling with – how to lock down external customer devices on their network perimeter over which they have no control.
BankVault eliminates the attack surface of customer endpoint devices.
BankVault Enterprise Suite has two principal technologies, implemented separately or in combination.
BankVault Invisible Keyboard
This new Patent pending technology fortifies security without 2FA.
It is easily implemented on any website portal, with only a few lines of code.The solution is deployed in minutes and scales to any size organisation.
An illusion of a keyboard is created on the user’s smartphone and a unique QR code synchronizes this with the web session. No password character ever exists in the operating system of the phone or PC, so passwords can never be intercepted by keyloggers.
Password fields can be set to mandatory or left optional.
- Implemented as a simple Cloud Service.
- Implemented as an On-Premise virtual appliance.
It works in harmony with established security measures like 2FA, but the dynamics of security raise sharply when passwords can never be intercepted and reused.
BankVault Graphical Proxy
(OSI Layer 8)
Complete immunity from Man-in-the-Browser attacks.
- Implemented as a simple Cloud Service
- Implemented as an On-Premise virtual appliance
Organizations own the browser and keyboard which customers access remotely, and thus have total control over the customer’s security.
The Pain of a Cyber Heist
When customers are defrauded through an endpoint cyber-attack the consequences can be catastrophic. The delay while the investigation takes place cripples cash flow, which can destroy businesses and reputations.
Financial institutions have no control over their customer’s cybersecurity. When a cyberheist occurs at what point should the institution be compensating (rewarding) the lackadaisical security practices of their customer.
When cyber heists occur it’s extremely costly for every party involved.
Seamlessly Secure Customer Endpoints
BankVault pioneered the new category of “Remote Isolation / Browsing” cyber technology. Inverting this model has created a new technology that secures remote external users accessing specific web portal. We call this “Inverted Remote Isolation”
Organisations have complete end-to-end control over the security of their customer’s environment while accessing the web portal, regardless of whether the customer device is compromised.
Customer transactions can be guaranteed, allowing the organization to differentiate itself, and drive customer growth.
How It Works
The enterprise suite technologies can be implemented individually or in combination.
When the user opens the login portal, they scan the QR code with the BankVault App on their phone and enter their password. (If mandated, the password field won’t accept input from the local keyboard). A new virtual machine is generated and a new browser launched connecting with the web application. An image is streamed to the users browser making the remote browser appears to run natively in the users local device.
No HTML or code executes on the local device so there is no attack vector for a Man-in-the-Browser. The users password is entered via a completely separate channel to the local device thus bypassing any potential keyloggers. The technology does not actually create any password characters in the mobile phone so there’s nothing in the devices operating system that can be intercepted. Multiple devices can be synchronized and work in parallel where a multi-signature custodial transaction is involved. Thus no device is ever used for entering the complete details.
- The BankVault keyboard itself is an illusion and so is not susceptible to interception.
- When web portals are accessed via mobile phones, a different form of a remote invisible keyboard is displayed as an image from the remote BankVault. This is also immune to the browser and keyboard interception technology used by endpoint hackers.
The BankVault Enterprise Suite can be either hosted inside an organization’s own network or hosted externally with cloud providers such as AWS or Azure. Each user session gives the organization complete end-to-end control over the remote customer’s security while accessing their web portal, regardless of whether the customer’s environment is compromised.
Financial institutions with monitoring technology to detect fraud can implement this within their BankVault instance.
The bottom line is that institutions can guarantee the security of each user because their web-portal literally sidesteps the customer device completely.
Build confidence by guaranteeing
Drive Business Growth
By differentiating your organisation at the top end of the market. Open a blue ocean strategy.
Integration in minutes with several lines of code behind the login button.
Delivered seamlessly to protect customers using compromised devices.
Secure your customer’s and staff from malware on their devices