TCF Financial Corp. is planning to use anti-fraud software from RSA Security Inc. to protect its online banking site.
RSA, a Bedford, Mass., unit of EMC Corp., said in April that the Atlanta banking technology vendor S1 Corp. would offer RSA's security products to its customers. And TCF, a Wayzata, Minn., financial holding company and longtime S1 customer, said Wednesday that it would install RSA's Adaptive Authentication software.
The Adaptive Authentication product combines several modules; TCF plans to use its invisible risk-scoring system and the graphical site-to-user authentication system. The graphical system is the same software behind Bank of America Corp.'s SiteKey security feature, which displays to users a preselected graphic and phrase to prove the site is authentic, rather than a fake site created by phishers.
The risk-scoring software evaluates users' behavior and network settings to determine whether their activity is legitimate or fraudulent. If the system suspects the user is a fraudster, it can prompt the site to ask them challenge questions or initiate a phone call from a customer service representative for further authentication. This system can also pool observations among RSA clients to flag criminal attacks against several companies at once.
RSA created its Adaptive Authentication software by merging the software of two companies it bought within the past 12 months. The risk-scoring tool comes from Cyota Inc., which it bought in December, and the graphical site authentication comes from PassMark Security Inc., which it bought in April.
