A Comparison of Green Armor's Identity Cues and Earlier Anti-Phishing Offerings
Green Armor Solutions’ flagship product, Identity Cues, represents the dawn of a new user-friendly proactive approach to combating phishing, pharming, and online fraud. Its patent-pending technology targets the root cause of the phishing problem – the ease with which the online user experience of a legitimate business can be duplicated and with which users can be deceived. It offers several significant advantages over previous-generation anti-phishing offerings.
The following are some of the benefits that the Green Armor solution offers users, administrators, and implementers of anti-phishing technology when compared with other techniques for combating phishing:
Type of anti-phishing technology: Transaction Analysis
|
Green Armor's Identity Cues
|
Other Technologies |
Proactive - Blocks phishing before it succeeds
|
Reactive - Attempts to identify transactions executed by criminals after phishing has occurred
|
Effective against both the pilfering of information and financial fraud achieved via phishing |
May be unable to stop pilfering of information via phishing, and may not catch all phishing-related transactional fraud
|
Effective against "low and slow" phishing attacks (in which criminals phish a user and then make relatively-inconspicuous, small fraudulent financial transactions)
|
"Low and slow" attacks may not be detectable |
Type of anti-phishing technology: Secret Images & Answers
|
Green Armor's Identity Cues |
Other Technologies |
Maintains simple user experience
|
Users may be inconvenienced, as several additional steps are necessary in order to login to an online system
|
Does not require conscious "work" by users |
Additional demands may be made upon users as in addition to their usual login name and password, users may need to establish and remember several secret question-and-answer pairs and a secret image
|
Secure |
Criminals and hackers may be able to easily determine what the secret image is for any particular user (or group of users) by knowing (or guessing) the user's username/s. This could lead to the criminal successfully executing a"targeted phishing" attack against that user (or group of users).
Criminals and hackers may be able to determine what user login names are valid for online banking systems and other computers.
Users may choose the same secret images or question-and-answer pairs for multiple web sites. A security breach at one site could lead to a security breach at others. |
User experience is always the same, regardless of what computer the user uses for access |
User experience may vary based on the device used for access. This may confuse some users |
No significant ongoing maintenance |
Ongoing maintenance of secret-question-and-answer databases and of secret-images databases |
Type of anti-phishing technology: Email Filtering/Authenticated Email |
Green Armor's Identity Cues |
Other Technologies |
Effective against pharming
|
Does not protect against pharming
|
Effective against instant-messaging initiated phishing |
Does not protect against instant-messaging initiated phishing |
Effective against blog-initiated phishing |
Does not protect against blog-initated phishing |
Effective against personalized phishing attacks (in which criminals target specific individuals) |
In some cases, does not protect against personalized phishing attacks. |
Does not require end users to install software on any computers |
May require users to install software on computers that they use for accessing the Internet |
Provides protection when user accesses a site from any browser |
In order to be protected, user may have to use a specific computer when accessing the Internet |
Type of anti-phishing technology: Anti-phishing software installed on end-users' computers |
Green Armor's Identity Cues |
Other Technologies |
Protects against pharming |
Often does not protect against pharming |
Works with all sites |
May not work with some sites |
User can use any computer to access the Internet and will be protected |
Users are protected only when they access the Internet from the specific computers on which the anti-phishing software is installed. |
Simple installation onto server/s in corporate data center |
May require the installation and management of software on numerous remote computers not otherwise under organizational management |
|