Boiling Springs Savings Bank: Financial Institution introduces SVT technology that authenticates web content to protect critical customer information in online banking transactions.
Background: Boiling Springs Savings Bank, named after the famed Boiling Springs in the Rutherford, New Jersey area, manages assets over $1 billion. This local bank has been serving their community since 1939, with roots in banking since the 1870s. Boiling Springs Savings Bank has grown today to be one of the area’s largest savings banks by leveraging their key strength – providing customers with a comfortable, friendly feeling banking experience.
Business Challenge: Inability for customers to verify authentic Bank website from fraudulent or phishing sites. Banking online is now one of the benefits a bank can offer. But both the bank and their customers are well aware that banking online is fraught with some identity theft problems.
- 24% of consumers refuse to conduct business online due to fear of online fraud
- 20% of consumers don’t open e-mail from financial institutions
- 65% of consumers now include security protections as an influence in their choice of bank.
Fraudsters are sophisticated and can often bypass passwords or engineer other attacks – such as phishing or pharming attacks. For example, in phishing attacks, legitimate looking e-mails direct people to a legitimate looking fraud site to harvest confidential customer information.
This is a particularly difficult threat for the bank to protect their customers from because there are no means to verify web content. It is very hard for a customer to tell a fake site from the real thing.
The Solution: Giving consumers the ability to verify web content. To ensure customer confidence in banking online, Boiling Springs Savings Bank invested in a leading technological innovation from Comodo. This technology, called SVT (See, Verify, Trust), enables customers to tell the real Boiling Springs Savings Bank site from a fraudulent site pretending to be Boiling Springs Savings Bank.
How does this technology work?
The heart of the SVT technology is a new type of digital certificate called the Content Verification Certificate. As an X509 compliant certificate type (just like SSL certificates), CVCs are created, distributed, and revoked using proven PKI (Public Key Infrastructure) methods to provide the highest level of security for web page content.
First, Boiling Springs Savings Bank determined that it wanted to protect all its logos, log-in boxes and rate pages. Then, CVCs were applied to the content they wanted to protect. These effectively bind digitally protected content to a specific URL or IP address.
Then, any consumer can initiate the verification process by using the reader download called Verification Engine (VE) provided free by Comodo. Once the customer has installed the reader, they just have to mouse over the logo and a green border around the screen pops up, proving that the site has been authenticated as legitimate. If no green highlight comes up, the customer knows he or she is on a phishing or pharming site
With this CVC protection solution, Boiling Springs Savings Bank was able to:
- To provide highly graphic indicators to customers that they are on the legitimate Boiling Springs Savings Bank Web site
- Reduce the risk to the bank that they would have to honor rates that may have been fraudulently manipulated by a hacker
- Protect their customers from giving away their sensitive information to fraud sites
- Improve Boiling Springs Savings Bank brand perception as a leader in customer-care and security
- Maintain confidence and trust among consumers thus increasing online etransactional revenue
- Reduce operational costs associated with online fraud
- Be empowered to control their logo and digital content thus eliminating unlawful merchants trading on their brand equity