back to the main page
Oracle Unleashes Powerful New Weapon Against Online Fraud
Oracle has announced its newest Identity Management offering, Oracle Adaptive Access Manager 10g, a Web-based turnkey system that combats identity theft and fraud through strong multifactor authentication security and proactive real-time fraud prevention. It is available now through the
Oracle Technology Network.
“Oracle has launched this product at a time when fraudsters are becoming bolder and more sophisticated,” says Thomas Varghese, vice president of product management at Oracle. “A simple login and password are often not enough to secure vital data.”
More Threats Mean Stronger Security
Varghese explains that threats from phishing, pharming, trojans, key logging, and proxy attacks, as well as the growing regulations governing online data privacy, are forcing more organizations to deploy stronger, multifactor authentication methods. Authentication factors typically include items that a user carries, such as security tokens or credit cards, or user attributes such as fingerprints or retinal scans.
“Customers often rely on distributing tokens to secure logins to their enterprise site,” says Varghese. “But for a large enterprise it’s an expensive logistical nightmare; they’ve got people in a wide geographic area, people leaving the company, people losing tokens, etc.,” he says. “The whole provisioning process is a pain and costs up to $40 per user or more.” Biometric measures add another level of security, he says, but come with their own costs and limitations. “Using a patent-pending, software-only approach, Oracle Adaptive Access Manager provides the same strength of security without these pains.”
Premium Protection Anywhere, Anytime
Oracle Adaptive Access Manager consists of two primary components—Adaptive Risk Manager and Adaptive Strong Authenticator—that together let organizations and end users invoke authentication processes from any browser, over any network (public, private, Wi-kiosk), and through any user touchpoint (online, ATM, handheld devices) to protect information at the time of session initiation or during in-session transactions.
Oracle Adaptive Risk Manager verifies a host of factors used to confirm identity—from the computer or mobile device used to log in, to a user’s location and behavioral profiles, to highly sophisticated fraud models that are built into the software.
“We essentially fingerprint the user’s computer using location and behavioral profiles,” says Varghese. “So, for example, if you log in from your home computer every day, I know it’s you because it’s your computer. But if your login comes in from Siberia, a place you’ve never logged in from, we know it’s not you.”
Oracle Adaptive Risk Manager creates a risk score for your logins, device, location, and transactions, says Varghese, and then alerts your organization in real time to potential fraud.
Oracle Strong Authenticator includes a suite of highly secure virtual authentication devices for entering sensitive password and PIN data online. It provides the user with a unique personalized interface that foils the types of attacks that can be used to steal login information, such as phishing, key logging, and pharming, even when a user is protected by tokens, smart cards, or other authentication processes. “With Oracle Strong Authenticator, everything is in encoded form. It secures the login process anywhere you are, even if you are logging in from an airport kiosk or an untrusted network,” says Varghese.
Oracle Adaptive Access Manager supports Oracle and third-party applications and is part of Oracle’s portfolio of best-in-class identity and access management products that allow customers to streamline compliance requirements.
Next Steps
|
