Scout for SAFEMLS Access Intelligence Every day, thousands of online accounts are compromised by account sharing: the deliberate sharing of account credentials to fraudulently enable more people to use an account than are authorized to do so. An unauthorized trader defrauded an international financial institution of $7.2 billion by using other employees' passwords to gain entry to the bank's system. A Ponemon Institute study found that 67 percent of employees believe their organizations outlaw password sharing, but 46 percent of them do it anyway creating fraud and compliance risks. On-line subscription services such as MLS organizations frequently show that up to 20% of accounts are shared which is a form of piracy and revenue leakage. Account sharing represents a very real risk to businesses and online information services. However, companies have had significant limitations on the ability to gather the information needed to effectively detect and stop account sharing – until now. Scout for SAFEMLS is a SaaS (software as a service) solution to monitor and report on account sharing by users of on-line systems and the usage pattern of each individual in the account. Powered with this information, a company can make remediation decisions regarding authentication in order to protect their system. Key Features Account Sharing Dashboard System-wide sharing summary Percentage breakdown of shared accounts and estimate of total excess users Sharing demographics including the frequency, population, and pervasiveness Alerts to notify administrators of changes Account Details Usage history for an account Summary of devices and logins for the account Summary of current sharing Forensic access data about each individual using the account Device Details Access history for a device Summary of accounts accessed and number of sessions Summary of signature information including operating system, browser information, and systems settings Forensic access data about sessions including locations, time of day, and networks used Login Details Session summary Detailed data of device and network used for the session Detailed information about content and transactions within the session (optional feature) Demographics Report System-wide demographics Summary of sharing, locations, operating systems, browsers, cookie settings, and more Web Integrations Simple to deploy web control Embeddable web page control Integration with SAML-enabled portals and applications Available web service for integration into custom solutions Authentication Services Multi-layered authentication and mitigation Username and Password Keystroke Dynamics Device Tags SMS delivered one-time-passwords SMTP delivered one-time-passwords Challenge-Response Questions Policy Management Services Robust, risk-based policy management Factor Selection: Select the factors to be utilized on a policy by policy basis Workflow Definition: Easily the define the order in which factors are assessed and mitigation factors required Assignment: Associate policies to users and groups based on business and security requirements Workflow Services Integrated capabilities for managing authentication process Enrollment: Guides the user in establishing keystroke dynamics template, challenge-response questions, and device tags Verification: Captures and checks multiple factors to verify identity Mitigation: Provides user login assistance according to established policy if the primary factor cannot be verified Password Reset: Accommodates password reset according to security policies of the organization Centralized Management and Reporting Tools Secure, browser-based console Server configuration and operations User and group enrollment status, logon history and access trends Peer status User and group failed login detail for case management Back to Intelligence-driven Authentication