What is Metacert and how does it stop Phishing Attacks?
MetaCert is a cloud and blockchain-based anti-phishing and anti-malware bot that can be used by customers of slack and other messaging apps that support team communication and collaboration, as well as integrated by a startup/company/blockchain/Dapp as a security solution to protect its crypto-based ecosystems against phishing and malware.
In addition to protecting against malware and anti-phishing, the protocol can be used to protect users against fraud, to protect the brand against bad publicity, enhance child safety online, as well as to ensure news credibility.
For instance, the ICO space is notorious for phishing. Prospective ICO investors have been tricked many times over by websites that look identical to that of a real ICO, but are really fronts for groups looking to steal as much crypto as they can. That's one of the areas MetaCert targets their service in the crypto industry.
In other words, MetaCert is a threat intelligence system for URIs (web links to documents, images, downloadable files, services, electronic mailboxes, and other resources).
Because most suspicious URIs are exchanged via emails, social media, and messaging apps such as Slack, etc., MetaCert functions by integrating with these apps and platforms and continually monitoring exchanged messages to check any shared links against its internal threat intelligence system, which is comprised of billions of categorized links. In doing so, the system is looking to classify whether or not particular links in messages and emails are threats or not. It then alerts admins and users to take necessary actions like avoiding said URLs, not logging into certain websites, avoiding downloading certain documents, avoiding installing affected software and banning/blocking the original sender of the affected message.
With all of this, it should be understood that the system does not read messages, but it does monitor them to identify and analyze the links within.
Originally a company that developed cyber threat intelligence systems for other companies and groups in order to secure users of messaging services against malicious attacks, Metacert is shifting their threat intelligence system to the blockchain in order to decentralize their overall system.
The MetaCert API can be used on a variety of applications including popular team collaboration enhancers like Slack and HipChat, porn-blocking apps, app and API platforms such as those that allow developers to build applications (e.g. AppMakr), and by developers who are developing apps for their companies or for other reasons. Developers can integrate it via plugins or custom code etc. MetaCert can also be integrated by teams on their messaging channels on Slack, Facebook, and other messaging platforms/apps.
Cloud-based protection
With the continued popularity of cloud-based applications that do not require users to install, run and update native apps on their machines and which are more cost-effective compared to software that is run locally from customers’ machines, cybersecurity threats are getting worse overall.
MetaCert protects cloud-based applications such as Slack against attack since traditional hardware and software security applications installed on the client's machine will not offer security for those types of apps whose data is moved to cloud. It also seeks to address the continued phishing problems inside of messaging apps such as slack, with latest attacks going online every other hour of the day leaving teams and communities exposed to external hacks, insider threat, sand regulatory non-compliance risks.
Phishing protection
Phishing attacks involve an attacker sharing links to websites that appear genuine but are not. The phishing link and website are almost similar to the original in order to deceive the user and to make them fail to suspect anything but the intention is to divert the user to a separate site to steal their data or info or assets such as crypto once they are logged in.
Once the user who receives the phishing link (perhaps via email or message on Slack or Facebook Messager) and clicks on the link, they can log into a fraudulent website thinking they are logging into their own account. They may then share their personal information with the hacker, who has the site designed to record their input.
For instance, if a user logs into a fake/phishing MyEtherWallet link and website, they can have their wallets later emptied after the login. These phishing websites are not easy to detect without careful scrutiny because they are created to be very identical to the original website. Further, malware can be downloaded and installed onto their mobile devices or computers when the user clicks on those links, and the malware can then continually monitor their personal activity and transmit data. Phishing and malware have been used to steal private keys after which crypto is stolen, even within seconds.
Phishing attacks are notorious in token launches and ICOs because these involve users sending money as ICO contributions to addresses. For ICOs and token launches, the bot is able to monitor messages and links to identify potential threats. It will warn admins about events such as when a phishing email is sent to a member of the community through the Slack reminder system.
For Slack, MetaCert will continually monitor both new and existing channels. Once a potential threat is identified, the software will then send alerts to both admins and users on the team/group before they can become victims. Further, it indexes all web links into categories and archives all links and files. It will tell the user the threat category (Malware & Phishing, Pornography, etc) of a certain suspected link in order to help the user decide whether to proceed with opening the link or not.
Companies of any size can integrate the solution to protect their customers, employees or other kinds of users regardless of the device that the customer is using or their location.
In addition to protecting platforms and apps/dapps against phishing, malware, potentially harmful bots and sharing of workplace-disallowed content such as adult content, MetaCert offers compliance monitoring and management for internal HR policies and offers user activity monitoring and website usage statistics about websites being shared across the customer's platform/service.
So far, it has been used to protect over a billion messages and to analyze over 16 million links by small to large enterprises that include InSigna, Currenex, AppDirect, Sngular, BlackHawk, VSP, Telindus, XPOLogistics, Sage, IBM, NTTSecurity, TransAmerica among others.
Messaging channels on different messaging platforms
The MetaCert security bot is integrated with customers’ messaging channels via the cloud and therefore does not require any special hardware. It takes less than 60 seconds to integrate it into a group/company channel on messaging apps such as Slack, Skype, Facebook messenger and on iPhone mail.
Once integrated on the channel, it will send the user a DM with directions on how to test the service. The user can also send a DM to the bot to test working for each of the categories including Malware & Phishing alerts, Pornography alert, etc.
MetaCert will delete the message after detecting a malicious URL, whether that URL is in a public channel, a private channel or is in a direct message (DM). It also sends usage stats and information to administrators of the channels so that they can ban bad actors before they do harm, or so they can educate their users about how to use the software. The company is working with Crypto companies in order to identify and classify phishing sites to offer additional and continued protection.
It delivers security alerts to customers about security events, but that's not all: it performs unlimited URL scanning to determine potential threats, blocks shortened spam URLs, provides warnings about visited pornography site/content, and warnings about fake news.
For all using the protocol to monitor URI on messaging apps/platforms/channels, the customer is able to select which type of communication they can monitor and protect. That means they can, from their personal control panel, choose which categories to enable and disable such as Malware and Phishing, Pornography, Fake News, etc. If a company does not want to monitor links to Fake News, they disable that. There is no limit to the number of alerts it can deliver or links it can monitor.
On Slack, once installed/integrated, MetaCert monitors all links in messages and activities of Slackbot, which is being used by spammers through Slackbot reminder feature to send email notifications to users with links to phishing sites. MetaCert bot will monitor direct messages on a single channel as well as messages across public and private channels in order to pick and analyze links in them
The software provides some features that can be accessed via the Slack Premium Plan as well as others that cannot. For instance, Slack Premium Plan does not provide any insights to Private Channels but MetaCert bot will. First, all Private Channels get listed on the user's personal dashboard. If a member from a public channel creates a Private Channel that is using the protocol, the bot will also monitor messages and links/URLs shared on the newly created Private Channel and inform MetaCert admins once a potential attack is instigated via the Private Channel.
For email users on iPhone, MetaCert brings Extended Validation security feature and once integrated, inserts visual indicators into every email in order to offer security insights and protection and to educate users about email phishing. This allows users to stay protected from phishing attacks launched via emails sent to the users, for instance by the inclusion of phishing links in an email. It will flag suspicious links.
Like for the case of messaging apps, the bot will scan and monitor messages and identify links and then rate these against its intelligence system. It then offers additional metrics for each email and each link in the email, for instance, indicating whether each of the links in the email is verified by the MetaCert bot, unverified, or whether they are outright phishing links. Thus, the user is able to visit or refuse to visit those links given the additional information about the link security tag and risk profile.
Today, while traditional emails will pass through multiple security and anti-spam filters, many emails are not blocked or categorized as spam or flagged as insecure even when still containing dangerous links. Plus currently, email providers do not offer any in-depth indicators of trust for emails and links in them. Additionally, some phishing attacks are hidden in redirects, which makes it hard for a user to successfully avoid phishing by way of manually inspecting each and every link they intend to click on: that is, a user can still fall victim of phishing as a result of multiple redirects even after scrutinizing the links manually before visiting them because a suspicious link might be injected via redirects even if the original link was OK.
iPhone users are also able to use a mobile secure private browser that improves on a variety of security issues: there is no website tracking, no personalized ads, offers passcode protection for favorite websites, and on which history and cookies will be deleted automatically when the user closes the browser. It also allows users to control access of any kind of content they wish to inside any browser on their mobile devices such as blocking pornography content. In this case, it will also check URLs for content before blocking or allowing as per customer's setup. Browser protection features also work for Android users.
Integration of MetaCert for standalone apps and platforms: The MetaCert API
For those who want to integrate MetaCert API into their standalone apps/platforms/dApps etc, the whole process can be done in less than an hour, according to the company's website. When integrated, it provides a light layer of security on the app/platform and will thus help protect your app and its users against 10 billion plus URLs on its intelligence phishing, malware, and adult content protection system. The database categorizes these links into 60 different categories including Phishing & Malware, Pornography, Gambling, and Violence.
The API contains a few lines of code and the app owner will need to write only a few lines of code in order for their app to know how to handle classified URLs. The MetaCert team can also help anyone to write the parsing code if necessary. Those who integrate the security bot get 150 validations every month.
It can also be embedded in the Android firmware to update the device's settings for OEMs.
According to the company's website, over 50% of the apps built on the AppMkr Platform are subscribed to at least one MetaCert Security Service, and over 80% are subscribed to both.
The company is also collaborating with Appery.io, a platform used to build and deploy cloud-based cross-device applications in an environment with integrated back-end services and a rich catalog of API plug-ins. Appery.io has built a plugin which developers can quickly add into any new or existing app to check the reputation of any web links sent via the developer's app for instance against categories such as ‘Malware & Phishing’, ‘Pornography’ and ‘File Sharing’. File Sharing was added for the purpose of testing to allow developers to test the API without having to call URLs that are not safe for work.
The API is also used in bCRM, a CRM and marketing solution that helps a business to measure and improve on user engagement; is used on TrustServ web crawler and URL classification system, and is used on unfurlr.com to check shortened URLs against over 2000 shortening services.
Thus said, the MetaCert API can be used in a variety of ways; it can be integrated via a plugin that developers can use to build their own applications, integrated through API call method from the backend before opening or indexing of URLs, asking the MetaCert API whether a URL is safe to use before displaying it in a chat window, and choosing which URLs to embed based on their safety, as retrieved from MetaCert API.
The company currently provides various software development kits including an Android SDK, an Objective-C SDK, a PHP SDK and a Ruby SDK that can be used to build integrations.
Decentralization
The decentralized cyber threat intelligence system will be an ecosystem comprising of different participants including submitters, validators, purchasers, and end users. Submitters will submit information about URIs including classification of a domain, ownership of a domain, and its contact information, and wait for validation. An example of submitters is resource owners who pay token to require the verification of their digital assets.
Validators will review the URI submissions before they are added to the protocol. They are awarded "validators" if their repeated reviews are at a high level of accuracy and success.
Purchasers are those willing to pay to access the protocol for the entire, multiple categories or a single classification and for integration into their products and services for instance the developers building their own apps for end users and thus integrating the API or plugins, while end users are those that benefit from using the products or services created by purchasers and integrated with the protocol.
The ecosystem is backed by META token. Submitters and validators have to stake an amount of the token to claim submissions and validations of a URI. They can also earn revenue by contributing precise identity, submission or validation to the URIs. The revenues will depend on their own directed efforts and the community’s demand for those efforts.
The validators and submitters can spend the earned tokens to pay for security products and services that incorporate the Protocol. If the submitter or validator has intentions to subvert the integrity of the ecosystem and the community disagrees with them, the staked token is lost or decreases. The decisions are logged to the ledger for review and identification of bad actors.
The decentralized ecosystem will offer real-time protection and this protection will also be backed by community verification because of participation of various categories of users as described above.
The blockchain-based platform is built on Ethereum blockchain along with the use of Node.js and Python.
Decentralizing and crowd-sourcing of the platform on the blockchain will allow anyone to submit and validate URLs, apps, bots, etc. It consists of the end-user participant system ChainKit which provides an interface for parties to submit, validate and dispute URI classifications; a decentralized blockchain registry to record all ledger transactions relating to URIs and which utilizes smart contracts for the management of required entry conditions, digital ledgers, and Token mechanics; and a synchronization system called HyperChain which links blockchain registry and the ChainKit to help eliminate latency issues with write transactions.
Pricing
The pricing for Slack customers depends on the size of the team involved, but to start with, customers can try the solution for free for seven days, after which they can pay $10 per month for a team of up to 10 users, $15 - $1000+ per month for growing teams of between 15 - 4000 or more users, and $25 - $175 per month for cryptocurrency communities of between 100 and 10,000 users or more.