Security Art

RoboFraud is a patent pending server-side technology that exposes and defeats Man-in-the-Browser threat without compromising the User Experience and without the need to download or install any software!

RoboFraud solves Online Frauds and Cybercrime as a result of Man-in-the-Browser attack.

RoboFraud is based on unique server-side technology for which a provisional patent was filed in July 2011. The product solves online fraud and cybercrime problems, specifically at financial institutions, by proactively exposing and defeating Man-in-the-Browser threats without compromising the user experience and without requiring users to download or install any software. The application works by remotely discovering Trojans (including zero day Trojans) through the use of self tests, and completely eliminates MITB Trojans using automatic scripts and HTML injection.

The Man-in-the-Browser attack uses the same approach as Man-in-the-Middle attacks, but in this case a Trojan is used to intercept and manipulate calls on the fly between the main application's executable (i.e., the browser) and its security mechanisms or libraries. The attack allows the attacker to manipulate transactions of online banking systems, even when other authentication factors are in use and even in presence of SSL channels. This type of sophisticated attack makes it nearly impossible for the victim to notice it is happening because all expected controls and security mechanisms work normally and there is no change in the user’s experience while accessing a web application such as an internet banking account.

RoboFraud's proactive features are unique in that they actually mitigate the attack while it is happening, and do not just go into effect after the attack has happened like most fraud detection software.
In addition, the software is installed on the backend servers between the consumer and the financial institutions and does not need to be installed on the consumer's computer, as do most standard security applications such as anti-virus packages. Finally, it is notable in that it works not only on browsers but also on mobile applications, tablets and legacy browsers.