Japan Post Bank Teams with RSA to Provide Real time Protection Against Online Fraud and Phishing Attacks

BEDFORD, Mass. - March 12, 2009 -

RSA, The Security Division of EMC (NYSE: EMC), announced that Japan Post Bank, one of Japan’s largest banks, has implemented the RSA® FraudAction^SM service as an effective countermeasure to protect its customers and assets from online crime and phishing attacks.

Tokyo-based Japan Post Bank, one of the world’s largest banks in terms of total assets, provides comprehensive financial services to its customers through a network of post offices deployed throughout Japan. Its “Yuucho Direct” Internet banking service offers customers convenient access to their accounts for balance inquiries, fund transfers and bill pay without visiting a Japan Post Bank branch or post office. Japan Post Bank selected RSA FraudAction because of its innovative approach to preventing online attacks and the service was quickly deployed in June 2008 without any modifications to the bank’s existing systems. Since the implementation of RSA FraudAction, Japan Post Bank has been able to successfully detect and quickly shut down phishing attacks and protect its customers’ personal information and financial assets.

“The number of phishing attacks in Japan and elsewhere has rapidly increased and crimeware, attack techniques and fraud supply chains have become more sophisticated. In response, when online fraudsters target our customers, our fraud analysts can act rapidly and reduce the active lifetime of an online attack from 115 hours to an average of five hours. This quick response decreases the number of users who may have been guided to fraudulent websites designed to steal personal information,” said Osamu Yamano, President of RSA Japan.

RSA FraudAction is a service available from the RSA Identity Protection and Verification Suite and is designed to detect, track and shut down phishing, pharming and Trojan attacks perpetrated by online fraudsters. RSA FraudAction has been adopted by approximately 320 companies worldwide due to its effectiveness as a countermeasure against online fraud and it has shut down more than 130,000 illicit web sites across 140 countries to date. Its fraud analysts operate from the RSA® Anti-Fraud Command Center and work 24x7 to shut down websites hosting online attacks, deploy countermeasures, and conduct extensive forensic work to help catch fraudsters and prevent future threats – reducing the average lifetime of an online attack from approximately 115 hours to five hours. The RSA Anti-Fraud Command Center has established direct, open channels with over 9,000 Internet Service Providers (ISPs) around the world, as well as dozens of CERTs and law enforcement agencies. It also provides multi-lingual translation support in nearly 200 languages to further enhance its ability to fight online crime on a global scale. To learn more, visit the RSA FraudAction website.

About the RSA Identity Protection and Verification Suite

The RSA Identity Protection and Verification Suite offers one of the most complete and innovative portfolios of strong authentication and anti-fraud technologies, and is engineered to protect organizations and their online users against the latest external threats. It is a complete Software-as-a-Service (SaaS) portfolio that is designed to increase activity in online and remote transactions, inspire user confidence, and reduce fraud losses and related costs. The RSA Identity Protection and Verification Suite leverages RSA’s expertise in fraud analysis, fraud forensics, and fraud modeling, and it includes the following components:

• RSA® Adaptive Authentication, a risk-based authentication and fraud detection platform used by more than 8,000 organizations in ten countries, authenticating over 225 million users through risk indicators powered by the RSA® Risk Engine, such as device identification, geo-location, behavioral profiling, and RSA eFraudNetwork matching.
• RSA FraudAction, a 24x7 service that protects approximately 320 organizations against phishing, Trojan, and other online attacks. It is powered by the RSA Anti-Fraud Command Center and its team of fraud analysts who have shut down over 130,000 illegal websites in 140 countries to date, reducing the lifetime of phishing attacks from approximately 115 hours to five hours.
• RSA® Identity Verification, a knowledge-based authentication system that assures and confirms user identities in real-time by presenting a series of top-of-mind questions utilizing relevant facts obtained from dozens of public and commercial record databases It is used by more than 140 organizations in the financial, telecommunications, insurance, and healthcare industries.
• RSA® Transaction Monitoring, an online fraud detection and management system that detects, flags, and investigates high-risk activities. Its RSA Risk Engine evaluates each online activity in real-time and generates a unique risk score that reduces fraud.
• RSA® Adaptive Authentication for eCommerce, a secure framework for cardholder protection and fraud management. It has authenticated over 20 billion transactions via a range of authentication and card security products, including Verified by Visa®, MasterCard SecureCode™ and JCB J/Secure™.
• The RSA eFraudNetwork cross-institution, cross-platform, online fraud network community dedicated to sharing and disseminating information on fraudulent activity.