cyan Digital Security: The Security and Risk-Management Experts

Markus Cserna, CTO Banking CIOs today have mastered the security procedures revolving around their internal setups—from IT systems to interfaces and apps. However, when it comes to achieving an end-to-end security posture, they tend to neglect the weakest point in the value chain, the customer. Delivering optimum security requires a shift in focus, back to a customer-centric view, where CIOs can focus around securing the end clients as well. With regulations like Payment Service Directive 2 (PSD2) coming to effect in Europe from September 2019, these requirements will become more imperative, demanding banks to have robust measures in place to take care of the authentication and risk management of their customers. Other countries or regions will follow these European regulations.

By providing the necessary modules for PSD2 compliance— secure authentication and risk management—in combination with endpoint security for the end-customer, cyan assists banks in protecting customers’ devices from threats that can affect the banking or payment experience. “We protect the customers from threats while providing banks with necessary insights into the risk level of their customers to place measures before damages occur,” says Markus Cserna, the CTO of cyan. The company’s security modules help in proactively mitigating vulnerabilities. cyan also delivers a risk module that bolsters the authentication levels to ensure that fraud is eliminated through face detection or fingerprint capabilities in addition to the classical PIN mechanisms.

"We protect the customer from threat and provide banks with the necessary insights into the risk level of their customers to place measures before damages occur"

A Definitive Journey

cyan’s journey started with its B2B business back in 2006 in Austria, when the company introduced firewall systems to secure workspace and corporate networks. Within a few months of inception, cyan was able to get many clients on board, including the Austrian foreign ministry. The ministry associated with cyan to employ the B2B software across all the Austrian embassies to protect their crucial data. Ever since cyan’s focus grew from B2B to B2B2C to reach a wider audience through acquiring telecom companies with millions of end customers. “We reworked the software stack, redesigned the interfaces, improved the performance and made it suitable for mobile and fixed broadband networks”, mentions Cserna. In 2013, the firm engaged with T-Mobile Austria (now Magenta Telekom), the premier mobile communications company that employed cyan’s software and intellectual property into their core network.

From that point, cyan evolved from being a developer and distributor of B2B firewall/content filter systems for enterprises to a global player offering B2B2C security products to mobile and fixed broadband network providers. Today, cyan is uniquely positioned as a one-stop-shop solution provider for MNOs, MVNOs, banks and insurances—and also governments, enabling them to serve their end consumers better. The company offers security modules wherein a software development kit (SDK) is embedded into the end-users’ mobile banking/insurance application.


We’re driving products from our security research, and the trends that we have realized in worldwide data centres


cyan connects these users through the installed business systems in the data centres of banks or insurance groups to keep their devices safe.

Delivering Seamless Risk Modules

Based on a state-of-art technology consisting of 23 complex algorithms and several patents, cyan’s products evaluate billions of data items to identify threats and reliably calculating risks while fulfilling the requirements set out by PSD2. “We’re driving products from our security research, and the trends that we have realized through worldwide data centres that are constantly checking the web, and automatically detecting threats like phishing or identity theft in more than 20 different methods—all of this 24/7, 365 days a year without interruption,” mentions Cserna. “This is the basis of all our products that are being used by millions worldwide, and have been supported by partners like Deutsche Telekom/T-Mobile, Orange/France Telecom or AON.”

Cserna mentions a case where cyan played a monumental role in mitigating a peak in cyber-attacks in the Chilean market. One of the market’s biggest mobile network operators took the first step by approaching their customers with an email that has simple tips and tricks aimed at increasing public awareness. This operator was on the lookout for a solution that will support their efforts in protecting the clients proactively from cyber-threats. They found success through cyan’s Clean Pipe DNS Solution, which can identify dangerous content, block illegal information, and capture user behaviour—directly on the network. This allowed the mobile operator to offer their customers a secure and efficient mobile network, which is characterized by more privacy and faster Internet browsing experience, without the need for customers to download any software and perform device configuration. Another positive effect of introducing this security layer into the network was the associated data traffic reduction that was achieved by blocking harmful and illegal content. This reduction improved the operator’s business case and freed up network capacity.

Pure Experience and Expertise

Having served numerous banking clients over the years, what differentiates cyan is its security research network comprising more than 200 security centres worldwide that enables security professionals to analyze the network using 23 different methods constantly. These methods can be as simple as keywords or text analysis and as complex as image recognition, automated web sandboxing or highly sophisticated artificial intelligence (AI) algorithms. The research network helps in creating a database which acts as the basis and framework for all of cyan’s products. Cserna takes pride in this unique and patented research network which will fulfil the upcoming 2.1 trillion metadata requests to deliver the best-in-time security. “On top of this, every four hours/ six times per day, an automatic update is pushed directly towards our partners.
During an active threat campaign, we trigger these updates immediately to keep the customers safe. Compared to our competitors in this field, we make sure that without even an activity triggered by the users, the clients profit from the latest phishing, threat, and malware definitions,” says Cserna.

Toward a Brighter Future

As a white-labelled, fully integrated security solution provider, cyan enables its clients to provide security products to their customer base. “Our security solution profits from its uniqueness of being implemented within some of the largest MNOs. This means we’re directly in the data stream, and our database entries are always up-to-date,” adds Cserna. The operator solutions are network-integrated, scalable, device and OS independent that can be used by end customers without any installation, activations, settings, or maintenance. The same applies to customers of banks.

Since its establishment, cyan has been working with strong partners such as AON Group. The common goal of this partnership is to combine cyan’s technologically advanced solutions with AON’s first-class consulting services. Frank von Seth, the Chief Commercial Officer of AON Switzerland and Austria explains how this will bring ‘optimal protection,’ “Our years of experience, especially in the realm of cyber-attacks show that rapid detection and immediate action is the best protection.” Recently, cyan also acquired I-New, an internationally recognized specialist for BSS/OSS platforms, to support clients along the value chain. This has already allowed cyan to set up support centres across New Zealand, Columbia, and the U.S. “The future is bright, and with an acquisition last year, we’ve also opened up Latin America as a target market. For the days ahead, the clear focus will stay around protecting end consumers—the weakest chain in the security ecosystem—and to provide easy-to-use security solutions for the mass market,” concludes Cserna.

Background on Markus Cserna

Markus (Cserna) was one of the founders of cyan in 2006 and took the role of CTO and Chief Developer. He was responsible for the development of the technology behind cyan Secure Web, the B2B product that started it all. Before that period, he was acting in different technology roles in CSM Computer Software Manufaktur, SurfControl, Kapsch and Dimoco.

In the year 2011, when the company transformed its business into the mobile world, Markus became the CTO and Managing Director of cyan Digital Security GmbH. At this time, Markus was responsible to build up the development, operations and research teams behind the successful security solution for Mobile Network Operators. Later in 2014, with the establishment of cyan Research & Development sro, Markus became CEO in the Czech affiliate, responsible for building the research & analysis team in Brno, further preparing the company for global growth and rollouts.

With the establishment of cyan AG and the IPO in 2018, Markus has been appointed as the CTO in cyan AG and is today responsible for the complete technology divisions in cyan and its affiliates. His area of responsibility covers the strategic orientation of the technology segment, including the project and product management, software development, quality assurance, integration, worldwide operations, and security research.

Markus brings more than 20 years of experience the IT Security industry with a strong focus on Web Technology, Software Development and Operations.

Company
cyan Digital Security

Headquarters
Wien, Wien

Management
Markus Cserna, CTO

Description
cyan provides easy-to-use mobile security solutions to its direct banking customers. The solutions are network-integrated, scalable, device and OS independent and can be used by end customers without any installation, activations, settings or maintenance. The company’s different products are based on a globally unique technology consisting of 23 complex algorithms and several patents that can filter and analyse data according to a wide variety of criteria. Every day cyan’s systems evaluate billions of data items. This creates a solid, always up-to-date basis for identifying dangers and reliably calculating risks

Cyan Digital Security