Since 2005, Compubahn has wisely leveraged its strong expertise in security, vulnerability analysis and fraud detection in the public sector and applied it in the financial sector. Compubahn’s offerings in the financial sector are:
Vulnerability Analysis
With the wide prevalence and ever growing threat of fraud, identity theft, phishing attacks, and new schemes by hackers to defraud customers, most financial institutions are finding it difficult to assess, quantify and prioritize the security risks for their online banking. Compubahn’s team of world class security experts from industry and academia has developed a Technical Vulnerability Assessment Framework, comprised of a combination of tools, methodologies and services that offers sound vulnerability assessments for small and mid-size banks so that these institutions can better understand the threats, quantify the risks from the threats, and safeguard themselves from those threats.
Compubahn conducts thorough Internet banking and financial transaction security analysis using its Vulnerability Assessment Framework.. Compubahn will conduct a detailed, confidential security vulnerability analysis of the institution’s web sites to identify gaps in the design from a security perspective that could potentially be exploited by attackers. Studies show that 72 percent of online banking web sites reveal vulnerabilities. Compubahn will recommend solutions for these vulnerabilities allowing the bank improve the security of its web sites. Major vulnerabilities addressed during this analysis include:
Assess design and layout of website (Security Perspective)
Customer login and processing
Transmission of sensitive information over insecure channels
Potential for customer confusion (prone to Phishing attacks)
Analyze the customer communication (Security Perspective)
Transmission of sensitive information (Password, PIN and Social Security Number)
Identify transaction related vulnerabilities
Bank-customer interaction
Perception of customers and differentiate from spoofed sites
Automated tools
Ongoing security monitoring, hackers sites and port scans
Application security