Thomson Reuters is a global provider of technology, information, data and to professionals across the financial and risk, legal, tax and accounting, and media markets. The company needed a way to boost the security of their flagship enterprise financial information and messaging app, Eikon Mobile, while still ensuring a high-quality end-user experience.
When Eikon Mobile’s usage metrics began to sprout, many of Eikon’s major banking enterprise clients asked for an additional layer of security to protect sensitive data and access from malicious malware and hacks. Additional constraints arising from fiduciary and regulatory compliance further diluted adoption rates. Thomson Reuters needed a security solution that would strengthen the Eikon Mobile application without constricting the fluidity of performance, which could damage end-user experience.
The Challenge
Samsung Solution
Samsung collaborated with the Eikon Mobile development team to create and launch a separate Samsung Knox-enabled application (KEA) version of the Eikon Mobile platform. Knox is a security framework that shields the application and its data in an encrypted container/sandbox that blocks access from other applications and unauthorized users without compromising functionality. The Knox sandbox helped expedite the installation, development, testing and rollout of the KEA-Eikon Mobile platform by containing all the modifications within the framework. Knox integration effectively isolates the application, communication and data in its own invisible and impenetrable container with simultaneous data-at-rest encryption and authentication — without constraining performance.
The download volume has generated an impressive 10-15 percent growth rate.
Results
Enterprise banking clients are delighted with the added flexibility of customizable MDM solutions that comply with internal policies, and Thomson Reuters saw a steady 10-15 percent annualized growth rate in users. The success of the KEA-Eikon Mobile rollout has convinced Thomson Reuters to expand the scope of Knox integration by developing KEA versions of their flagship legal and accounting applications. By forging a cost-effective and invisible extra layer of security without impacting end-user experience, enterprise FSI clients have engaged the Eikon development team for future task-specific apps. Thomson Reuters has adopted the Samsung Knox framework as an integral piece of the foundation for future product offerings.
Thomson Reuters provides technology, data, news and information to financial services clients, has around 45,000 employees and operates in over 100 countries. The Financial and Risk Management division’s flagship product, Eikon, is a subscription-based platform delivering timely and exclusive financial news, research, global financial markets data, customizable tools and real-time analytics to hundreds of thousands of financial services professionals worldwide. To address the growing mobility needs of clients, Thomson Reuters launched a mobile version of the popular platform in 2013. The Eikon Mobile application enables FSI professionals to access and stay connected to real-time, market-moving events and financial data anytime, anywhere through their mobile device. The integrated messaging feature has transformed into a network platform where users regularly communicate with clients, prospects, peers and counter parties around the world instantly. In fact, the Eikon Messenger network has grown into the world’s largest open directory of vetted financial professionals with over 300,000 users spanning 120 countries and 28,000 organizations.
The Challenge:
Boost Security While Maintaining High-Quality End-User Experience
The alarming rise of hacks on mobile devices has put FSI organizations on edge. Thomson Reuters wanted to provide an optional best-in-class mobile security solution for the Eikon Mobile platform to allay concerns by major enterprise financial services clients handling highly sensitive customer data. According to Tech Republic, Kaspersky Lab registered 40 million attacks by malicious mobile software in 2016. Trojans became the top malware threat as malware and ransomware installation packages tripled to 8.5 million from 2015 to 2016. Anti-virus developer ESET reported Android ransomware attacks grew by 50 percent, also in 2016. Bankers, wealth managers, traders and portfolio managers are routinely entrusted with handling confidential data while maintaining regulatory and fiduciary compliance under close public scrutiny. Reputational and financial ramifications are magnified from security and data breaches. FSI employees may not always implement the strictest security precautions with their personal mobile devices, which can inadvertently put the company’s sensitive data at risk.
Confidence is the binding thread of global financial markets: confidence in the liquidity of assets, enforcement of regulations, the accuracy of news and data, the integrity of the transacting counter parties and the stability of the technology platforms that enable the mechanics of the markets to function fluidly. Strengthening Eikon Mobile security would help boost confidence with the major enterprise banking clients and open up new opportunities for future collaborations and development. Confidence restores the innovation process by removing the roadblock of security concerns. Most importantly, it strengthens trust and ensures loyalty, especially when the vendor helps to relieve stress and ease some of the burden on the client’s IT department by proactively integrating the additional security framework.
Thomson Reuters carefully balanced the integration of additional security while ensuring a high-quality end-user experience both in terms of access and performance. Successful integration would serve to grow the channel moving forward for existing and new clients.
The early success of Knox integration has helped revitalize Thomson Reuters’ innovation process by restoring confidence and facilitating collaboration with major enterprise clients.
The Solution:
Knox-Enabled App Provides Military-Grade Security
Thomson Reuters’ Eikon developers turned to Samsung to deliver a solution that would meet their enhanced security needs for the mobile version of Eikon, and encourage further engagement with their largest banking institutional clients. Eikon mobile development manager, Alan Carino, spearheaded the collaboration with Samsung’s Enterprise Alliance Program (SEAP) and Samsung Business Services (SBS). They developed a KEA version of the Eikon Mobile app that is fortified with a military-grade, NSA-approved and FIDO-compliant encrypted enterprise mobile security framework.
The implementation process was straightforward with virtually seamless API integration. Carino was pleasantly surprised by the flexibility of the platform and the ease of integration compared to the “limitations and borders” of alternative solutions. The initial integration process took half a day, and then required time for further testing. The Knox platform empowers Eikon’s enterprise clients to implement their own MDM for the “full breadth of security” if they choose.
The KEA provides military-grade security for individual apps by placing them in an invisible isolated container environment that automatically encrypts data-at-rest. Client certificates are protected by TrustZone-based Integrity Management Architecture (TIMA) and stored in the hardware’s TrustZone. This encapsulation prevents any communication or data access from apps outside the container. “I see this as a great partnership from the development side,” says Carino.
The Technology:
Samsung Knox
Knox Enabled Apps
Defense grade, container solution that secures apps without devices management or compromising user experience
Galaxy S8
Samsung Galaxy S8
Break traditional mobile boundaries to help accomplish more with intuitive connectivity, defense-grade security and multi-factor authentication.
The Result:
Premium Security Facilitates User Growth
Thomson Reuters successfully rolled out the KEA version of the Eikon Mobile app, including Eikon Messenger, in the first quarter of 2016. Enterprise FSI clients have expressed enthusiasm and growing adoption of the fortified platform, as evidenced by improving month-over-month usage metrics generating a 10-15 percent user growth rate. The company plans to release a KEA version of Eikon Mobile with every other non-KEA version release. “Creating a solution with a partner that has the reach, scale and capability of Samsung, and that complies with the FIDO standard, rapidly becoming the dominant standard, gives us a good basis of what offerings make the most sense for our joint customers,” says Ron Kozoman, head of mobile business unit management at Thomson Reuters. “Maybe there is a proprietary trading type of app, or maybe an app we can produce together that would allow a wealth manager to do something fairly special and be able to hold on to some fairly sensitive customer data with great confidence knowing that because of Knox security and because of biometric authentication, it’s not going to fall into the wrong hands.”
Here are some other benefits Thomson Reuters gained by protecting their mobile apps by Knox:
1. Provides Flexible MDM Customization for Eikon Enterprise Clients
While Knox has built-in MDM, major financial institutions are integrating their own MDM. Carino anticipates spikes in growth as banks get their MDM worked out. Many large banking clients have expressed interest in moving forward with distribution of Knox-enabled Samsung Galaxy devices to employees, as the rollout has bolstered awareness and confidence in the security of KEA.
2. Delivers Protection for Both the Organization and End User
Thomson Reuters Eikon clients are mobile financial professionals who need constant and remote accessibility to information. Having a 2-in-1 device is a major efficiency booster. To alleviate carrying multiple connected devices, FSI professionals prefer a BYOD policy. Security breaches are a deal breaker when using enterprise business apps on a personal smartphone. The biggest dilemma stems from the susceptibility for intrusion and malware access of sensitive data. When users download an app, it usually asks for permissions to access private data on the phone, including location, contacts and messages before installing the app. This has the potential to open up a Pandora’s box of trouble. For this reason, many financial institutions require a separate enterprise-enabled device strictly for business use, which adds to the already cumbrous nature of physically carrying, syncing and charging multiple devices on the road. Knox allows for the complete separation of personal and business apps and data through invisible, isolated and encrypted containerization, protecting communication, apps and data simultaneously.
3. Improves Enterprise BYOD Flexibility and Enables Expedited Testing Capabilities
Containerization, also known as sandboxing, prevents personal apps from accessing data from other apps. If a vulnerable app is hacked, it prevents the spillover effect from accessing other data or software on the device, containing the breach. Sandbox also ensures that the rigors of testing aren’t transferred from enterprise to customers and don’t negatively impact the end-user experience — allowing for something that can take months for testing, customization and integration to be done in a fraction of the time.
4. Integrates Knox Security as Part of the Foundation Moving Forward
The successful feedback from KEA Eikon users has convinced Thomson Reuters to expand the scope of development and launch of new client-centric applications. The rapid rate of innovation from modern FinTechs has raised the bar in terms of relevant application development. Reducing application and data security concerns by integrating Knox as part of the foundation opens the door to collaboration with clients for the future development of customized applications. The Knox sandbox streamlines the installation and testing process, resulting in quicker product rollouts. As a result, Thomson Reuters has expanded Knox integration across different product lines. They will soon be launching the KEA versions of their flagship legal and accounting mobile applications in 2017. The recent acquisition of the REDI electronic communications network (ECN) gives Thomson Reuters an entry into the lucrative securities trading arena where the Knox-enabled security framework will be crucial in protecting mobile trading and transaction data.
The early success of Knox integration has helped revitalize Thomson Reuters’ innovation process by restoring confidence and facilitating collaboration with major enterprise clients. Kozoman says, “The Eikon Knox app is one piece of the foundation we’ve been putting down for future offerings. You have the apps themselves with the Knox security layer as an important start to add and build trust and awareness within our population of users.”
Stay in tune with the latest digital financial services trends by checking out our complete line of finance technology solutions.
