TripleBlind announced
SecuriKey, a software product for financial services that
delivers a strong, uniform security layer across all computing environments,
including cloud, on-premise, and mobile devices. The solution protects
enterprises and their customers from account takeover (ATO) and fraud.
SecuriKey is the first security product from TripleBlind-one of the first
companies to deliver true secure multiparty computation (SMPC)-to protect
companies and their customers by empowering financial institutions to "bind" a
device to a user and implement a zero-trust approach to transaction security.
The financial services
industry stores, protects, and transacts one of the most valuable assets for
customers - money. Hackers, the modern day bank robbers, consistently
attempt to breach security protocols and protections implemented by financial
institutions. Consequently, usernames and passwords are regularly compromised
and found on the dark web. With the banking industry's rapid enablement of
mobile banking, attack surfaces have become more difficult to manage, resulting
in serious challenges mitigating account takeover risks. SecuriKey ensures that
an individual is using a recognized device to access their financial accounts,
by combining device authenticators with a secret/token share. Each share is
just one piece of a full key, and these pieces are distributed across multiple
devices to eliminate single point of attack vulnerabilities.
SecuriKey is built with
the following components:
- Threat Protection - TripleBlind's
Virtual Hardware Security Module (vHSM) technology implements a zero-trust
approach to transaction security, providing assurances of honest use and
reducing chances for malice.
- Seamless Integration - SecuriKey works
across a broad range of devices and ecosystems, including cloud and
on-prem servers, mobile devices, and personal computers, without requiring
any specialized hardware.
- Compliance Maintenance
- Regulatory
compliance is a top priority in the financial services industry, which is
why SecuriKey meets all relevant security and compliance requirements,
including GDPR, and SOX.
"In an era where data
breaches and cybersecurity attacks are on the rise, financial institutions face
unprecedented challenges to protect customer data. Recognizing this critical
need, we developed SecuriKey as an added layer of defense for financial institutions
and their customers," said Riddhiman Das, TripleBlind's co-founder and CEO.
"SecuriKey seamlessly integrates with existing apps, making it unnoticeable to
customers yet offering a layer of security that makes financial apps nearly
impenetrable without having biometric information and physically holding a
device."
TripleBlind SecuriKey
couples well with TripleBlind's existing product offerings, TripleBlind Privacy
Suite. The Privacy Suite includes Privacy Network, Privacy Fortress, and
Privacy Builder, all products which are built with financial institutions in
mind.
- Privacy Network creates the ability
to collaborate across organizations as part of a single, compliant network
that ensures sensitive data remains private.
- Privacy Fortress allows collaboration
for organizations and invited partners to work together. Fortress provides
a military-grade solution that protects data in-use and is compliant with
all global privacy regulations.
- Privacy Builder enables organizations
to build new products, platforms, and more on top of TripleBlind's proven
data privacy technology. Builder accelerates speed-to-market without
compromising sensitive information or intellectual property.
The TripleBlind Privacy
Suite is powered by the underlying technology developed by TripleBlind to
de-identify data in real-time. This process happens behind the organization's
firewall, meaning it is always protected and remains unidentifiable at all
times. TripleBlind's products are compliant with HIPAA, GDPR, and additional international
data privacy and data residency standards.