In the Press


How does PhishCops® work?



Headline News: PhishCops® in the Press



Headline News: PhishCops® in the Press
The following is a collection of recent news stories regarding the PhishCops® Multi-factor Authentication process.


Credit Union Journal Study: PhishCops® is Most Supportable Authentication
"Credit unions that implemented virtual tokens (i.e. PhishCops) experienced the smallest increase in support costs (less than 1%), and it was the only method that reported no decrease in online member activity."

"authentication methods that required the most effort by members, such as installing software toolbars, configuring browser certificates, or registering questions and secret images, were reported to be the most difficult to support and contributed to the greatest loss of online member activity. Those methods that involved the least effort by members, such as virtual tokens (i.e. PhishCops) rated the best."

Download the actual study here.



Multi-Factor Fallout: The Plusses And Minuses Of "Security By The Regs"
"We assumed everyone knew that challenge-response systems do not meet the regulatory definition of MFA," Willis explained. "By rejecting true MFA in favor of these less costly approaches, financial institutions have, instead, actually made the situation much worse. Through the widespread use of challenge-response, consumers are being conditioned to disclose their confidential personal information, such as maiden names and high-school names, on a scale never before seen. "It doesn't take a rocket scientist to understand why this is unpopular with consumers," Willis continued, adding that he's seeing "unusually high" interest in PhishCops from organizations that are currently depending on C-R."

"The C-R paradigm will be short-lived, agreed Rick Rhoads, senior vice president, eServices, at the $13.5-billion State Employees CU (SECU) in Raleigh, N.C..."



Company Predicts Its Anti-Phishing Solution Will 'Dominate'
Unlike most existing Internet banking security tools-which are wearing thin under today's man-in-the middle attacks and invisible malware- PhishCops doesn't rely on "mother's-maiden-name" challenge questions or familiar images, according to $314-million First Florida CU and $197-million Envision CU, which recently launched PhishCops. "Originally, we had signed with another vendor that used challenge questions as an authentication factor," said Tim Brown, chief technology officer at First Florida in Jacksonville, Fla., which went live with PhishCops in April. "But then we realized we didn't want to force our members to give out any personal information that could be phished in the future," Brown said."

"PhishCops stands up against current threats, said Shea Lambert, director of IT for United Solutions Company, the Tallahassee, Fla.-based CUSO that provides PhishCops. "Other products can't protect your members from man-in-the-middle attacks and hostile proxies," asserted Lambert. "PhishCops can. Even with a stolen account number and password, a thief can't get into an account."

"Giant management and technology consultancy BearingPoint, Inc., of McLean, Va., recently told Credit Union Journal it would switch to PhishCops."



Vulnerability of Passmark Sitekey at Bank of America Reported
"PhishCops(tm) product represents the next-generation in online security, replacing vulnerable logins and passwords, expensive hardware tokens, difficult-to-manage software, and vulnerable “challenge-question” approaches, with an unbreakable, government-approved, mathematic multi-factor authentication approach."



Bank of America and Passmark SiteKey: Trouble in Paradise?
"There is one multi-factor authentication solution that does not solicit personal information from customers, that uses government-approved authentication algorithms instead of vulnerable images and shared secrets, and which does not require “tinkering” to keep it one step ahead of phishers. PhishCops by Sestus Data Company..."



FDIC Warns: Banking Customers may Resist Authentication Methods that Solicit Personal Information
"PhishCops is a new approach but it appears to be gaining momentum quickly. The company reports that since its formal introduction to the market in March of this year, they have been contacted by over 350 organizations for additional information or to begin implementation."



Dramatic Breakthrough in Out-of-Band Authentication
"On May 22, 2006, Sestus Data Company announced the release of its long awaited PhishCops SAFE(tm) out-of-band authentication solution. PhishCops SAFE(tm) is the world’s first SMS Authentication Facilitation Engine capable of solving the problem of altered transactions....PhishCops SAFE(tm) is built on the patent-pending PhishCops(tm) technology and represents a drastic paradigm shift in out-of-band authentication. It is destined to radically change the dynamics of the war against online identity theft."



2-Factor Authentication: Will Financial Institutions Really be More Secure?
"Even more encouraging for business owners is the fact that, in a recent survey of competitive solutions reported on Yahoo News, PhishCops was rated #1 among two-factor authentication solutions, offering the lowest total cost of ownership with the fastest implementation time and minimal support requirements."


The Cost of Implementing Multi-Factor Authentication
"PhishCops by Sestus Data Company offers the lowest total cost of ownership with the fastest implementation time and minimal support requirements. ..Incidentally, PhishCops also appears to be the only vendor using government-approved authentication methods."

Financial Institutions Confused About FFIEC Regulations
PhishCops® authentication methods also appear to be stronger than those used by most hardware-based token vendors. The National Institute of Standards and Technology, a government standards body, has recently called for all regulatory agencies and commercial security firms to migrate their technologies away from the aging SHA-1 OATH standard used by most hardware-based token vendors, to the newer SHA-256 standard (which is used by PhishCops®) by 2010."

FFIEC & Tokens: Hardware Tokens Do Not Mitigate Phishing
"PhishCops® by Sestus Data Company satisfies both of the FFIEC’s recommendations using a "virtual", or hardware-free two-factor token processor, with invulnerable website authentication, in a single integrated solution... PhishCops® was designed from its inception in accordance with FDIC and FFIEC regulatory requirements and the U.S. government recently named PhishCops® a semi-finalist for the 2005 Homeland Security Award."

Phishing, Account Hijacking Myths Exposed
In fact, of all the anti-phishing solutions recently announced in the press, the only one that actually employs an approved strong authentication method to authenticate the website itself is PhishCops by Sestus Data Company. PhishCops uses algorithms approved by the U.S. Dept of Commerce for use in authenticating sensitive data and applies these algorithms to proactively authenticate websites using a 100% web-based approach. It does not rely on any database of ‘blacklisted’ phishing websites, filtering rules, additional login process layers, or on potentially fraudulent ‘whois’ or IP records."

Anti-Phishing Solution Protects Against Pharming
"Simply put, PhishCops is capable of authenticating Webpages in such a way that cannot be replicated by phishers..."

Anti-Phishing Solution Named as 2005 Homeland Security Award Semi-Finalist
“Sestus Data Company was notified that its anti-phishing solution, the PhishCops Website Authentication Process, has been selected as a semifinalist for the 2005 Homeland Security Award in Washington D.C.


Home   |   Sitemap   |   Contact Us   |   Print this Page   |   Search 
© 2008 Sestus Data Company   All Rights Reserved. PhishCops® is Patent Pending.

Toll Free Tel. (800) 788-1927
California (San Francisco) Tel. (415) 963-4124    |   New York (Manhattan) Tel. (718) 841-7350