SOURCE: StrikeForce Technologies

June 21, 2006 13:24 ET

Covelight Systems and StrikeForce Partner to Offer Risk-Based Authentication for Web Applications

Joint Offering Allows Financial Institutions to Achieve FFIEC Compliance to Eliminate Fraud in the Online Channel While Keeping End Users Satisfied

EDISON, NJ -- (MARKET WIRE) -- June 21, 2006 -- StrikeForce Technologies (OTCBB: SKFT), a leader in solutions that prevent identity theft, and Covelight Systems, an innovator of solutions for passive, real-time identity-based monitoring of Web applications to detect fraud and identity theft, today announced a strategic partnership that will deliver a comprehensive risk-based authentication solution to financial institutions by securing their Web applications without slowing down transactions for the end-user by only requiring multiple authentication when necessary during their online experience.

The integrated solution consists of the StrikeForce ProtectID™ and the Covelight Percept™ Web application fraud management system, which together provides a complete, easy-to-deploy solution that meets the FFIEC Guidance for online banking protection and delivers proven security to combat online threats to customer data. Combining authentication technology from StrikeForce and passive, real-time monitoring outside of the data stream from Covelight, financial institutions will be able to provide secure online banking experiences for their customers without degrading their transaction experience. With Covelight Percept™ in place, users will only have to go through additional authentication processes when Covelight Percept™ detects unusual or risky behavior. Benefits to financial institutions include:

--  Easy-to-deploy and maintain
--  Strong authentication with multiple layers and multi-factors
--  Device flexibility for financial institutions and their customers
--  Network-based fraud management not reliant on server logs or agents
--  Right-sized authentication based on real-time assessment of online
    user risk -- from the first click through final transaction
--  A fraud investigation platform, including a complete session audit
    trail attributed to the individual application users
StrikeForce Technologies' ProtectID™ multi-factor authentication platform offers third-party technology providers and banks the flexibility to select from numerous authentication methods, including cell phones, PDAs, soft and hard tokens, smartcards, and biometric devices. In the most common implementation, users answer an "Out-Of-Band" phone call and enter a PIN on the keypad of the phone to verify their identity and authorize each transaction. As an alternative or back up, StrikeForce can e-mail one-time passwords, or turn a PDA, blackberry, or computer into a one-time password generator, eliminating the need to carry or purchase new technology. By bundling multiple authentication methods together, ProtectID™ permits choice by consumers, reinforcing bank security policy while providing the type of redundancy banks expect of their operational systems.

"In response to the FFIEC Guidance, financial institutions are seeking to implement a simple, layered, user authentication experience," said StrikeForce CEO Mark Kay. "Through the integration with Percept™, banks will be able to easily tie the user authentication to user behavior and dynamic events, providing the real-time solution that put consumers in control of their accounts and transactions while mitigating attacks and fraud."

Beginning with the initial access, through login and during the entire session, Percept™ monitors each user and their online patterns, and automatically builds behavioral profiles allowing real-time detection of suspicious or high-risk activity. In addition, Percept™ maintains detailed session and transaction logs and offers an incident investigation console to facilitate fraud case management and on-demand session audits.

The Covelight Percept™ Web application fraud management system incorporates network-based monitoring, multi-dimensional fraud detection and scoring to evaluate each user's session risk in real-time. If at any time during the user's session the Percept™ risk score exceeds a threshold, ProtectID™ will invoke the appropriate method of authentication.

"Covelight Percept™ is a proven fraud management solution that has been successfully deployed in leading financial institutions since 2004," said Covelight CEO Spencer Snedecor. "By integrating Percept™ with ProtectID™, we are delivering a complete risk-based authentication solution for protecting their sensitive online customer base."

About StrikeForce Technologies

StrikeForce Technologies, a leader in solutions that prevent identity theft, is a company that can protect customers, partners and employees -- in real-time against identity fraud at almost every access point. Its total protection solution strengthens companies' defenses against the biggest points of fraud -- when accounts are opened, when they're accessed, when they're changed, and each time there's a new transaction. StrikeForce Technologies is trading on the OTC bulletin board (SKFT) and the company is headquartered in Edison, N.J., and can be reached at or (866) 787-4542.

About Covelight Systems

Covelight Systems is the field-proven leader in passive, real-time identity-based monitoring of Web applications to protect confidential data from online fraud and identity theft. Covelight's products, including Percept™ and FraudProbe™, provide real-time visibility into critical Web applications, detect suspicious behavior, provide continuous identity-based auditing for compliance, and forensic data for incident investigation. Only Covelight delivers solutions to detect the external and internal threats to confidential information and identity data accessed through Web applications, including account takeover fraud, insider identity theft, phishing activity and session hijacking. For more information, go to or call at (919) 677-9680.

Contact Information