Legitim i

1. Legitimi Your Digital DNA Technologies for the Prevention of Cyber Fraud and Identity Theft

2. Legitimi Synertech's Legitimi technology is the industry's latest and most advanced online security innovation. Legitimi delivers extremely reliable two-factor authentication that even exceeds FFIEC requirements for online banking, the most demanding of criteria for cyber security technologies.  Legitimi is simply the most user-friendly, yet highest level of cyber security attainable, and at a fraction of the costs associated with two-factor authentication.

3. Clients of Legitimi’s core technology, Automatos* * OurAutomatos IT Software and Management Services Clients

4. How Does Cyber Fraud Affect Your Business? • Identity theft is America’s fastest growing crime - In 2004, 9.9 million Americans were victims of identity theft - Consumers suffered a $5 billion economic loss • Online fraud will cost eCommerce over $2.6 billion in 2005 • Skyrocketing international fraud restricts global expansion for many businesses

5. How Vulnerable is Your Business? • Online banking is vulnerable - Nearly 2 million consumers were victims of online banking fraud in 2004 - 55 million people will bank online in 2005 • Phishing Attacks (email scamming) - In 2004, 2 million people were victims of stolen IDs and personal information resulting in devastating losses - Cyber fraud costs U.S. Banks almost $2 Billion in 2004

6. Example of a Phishing Email Requesting Personal Information Regions Bank: Special Announce [Tue, 01 Mar 2005 10:51:07 0300] REGIONS AND UNION PLANTERS [custservice_ref_776710@regions.com] TO: yourname@yahoo.com ______________________________________________________________ THIS NOTICE IS TAKEN DIRECTLY FROM THE REGIONS WEBSITE: Regions does not contact customers via e-mail to verify or request security information. However, some customers -- and non-customers -- have received fraudulent or what is now called either "spoofing" or "phishing" e-mails that have illegally used the Regions name, logo, Web site design and/or graphics. The purpose of these fraudulent e-mails is to get you to divulge personal information in order to commit identity theft or to take money from your accounts. In most cases, these fraudulent e-mails either request the recipient to send personal information back to the sender via e-mail; in other cases,they include a link to a Web site, which will then request the visitor to enter their private information AS NOTED IN THE EXAMPLE ON THE NEXT SLIDE.

7. Example of a Fraudulent Site Requesting Personal Information This site looks very official, but it is fraudulent. The link provided on the phishing email produced this site. As noted on the previous slide, banks do NOT contact customers to obtain or re-verify information. Anyone that enters information on this site will be a victim of identity theft. Most of these sites are very sophisticated and include all the proper logos, disclaimers, etc. as in the example above.

8. How Does Corporate Fraud Impact Your Company? • Insider attack is the most serious and financially damaging cyber security threat to corporate America • In 2004, Fortune 1000 companies sustained losses of over $70 billion from theft of their proprietary information • In 2003, theft of proprietary information was the leading cause of dollar loss in the CSI/FBI Computer Crime Survey (3 times the losses associated with viruses and worms)

9. Regulatory Non-ComplianceCan Be Costly • Since 1996, new regulations and laws have been enacted to address personal data privacy and security issues • California’s SB 1386 • Sarbanes-Oxley Act • Gramm-Leach-Bliley Act (GLBA) • Health Insurance Portability and Accountability Act (HIPAA) • These emerging legislative standards are forcing companies to incorporate security solutions designed for the protection of critical assets What are the solutions?

10. Current Technologies Commonly used measures to control cyber fraud and identity theft: • Install secure environment to prevent hacking • Require the use of User IDs and passwords • Employ 2-factor/strong authentication tools • Install secure communication channels • Install costly access controls • Limit access based on geography What if you could substantially increase your level of security?

11. Legitimi Your Ultimate Solution • Strong, transparent user authentication technology that associates a specific computing device to your customer/user • Automatically creates an encrypted Digital DNA key which is required to grant access into your environment • Leverages current IT investments by easily integrating with the majority of currently used technologies • Patent pending technology: developed by Automatos, Inc. and funded by Intel Capital along with two Brazilian banks, Banco Pactual & Garantia Particpacoes (GP) • Proven method to manage and prevent unauthorized access • Requires no physical deployments to end-users • Easy to install and costs a fraction of other technologies BUILDS customer confidence and security, REDUCES recurring fraud losses, PREVENTS identity theft and PROTECTS critical IT assets!

12. How It Works • Each digital DNA is sent to • the server for authentication • and stored in the database • This digital DNA is encrypted • and arranged in a unique • pattern for each device • Legitimicreates a unique digital “fingerprint” ID (digital DNA) which captures and inventories a set of hardware such as: • Network Adapters • CPU • Mother Board • RAM • Hard Drives • Video Card • BIOS

13. 2 Legitimi Client 1 Consumer/ User PC 3 Legitimi Authentication Server 4 Legitimi Digital DNA database (Secure Services) TheLegitimiProcess • Customer/user accesses your company’s e-Commerce or e-Banking Web Page or network and his web browser connects to the Legitimi Client • Legitimi Client creates the digital DNA of the device and sends it to the Legitimi Authentication Server • Server compares it against the DNA associated with user ID stored on the database • If a matching DNA is located, a positive authentication is returned, otherwise authentication fails and the user is denied access

14. Illustration: Consumer Initiated Transactions - eCommerce Application Joe accesses your company online and authenticates his computer – PC “1” Transaction approved PC 1 Joe Jane steals Joe’s ID and password and attempts to access his account with your company Transaction denied. Digital DNA does not match Joe’s. PC “2” stored as fraudulent PC 2 Hacker Jane Transaction denied. Joe reported his computer stolen. Sam can’t answer additional questions. PC “1” stored as fraudulent Sam steals Joe’s computer at the airport and attempts to access Joe’s account with your company PC 1 Fraudster Sam Joe accesses your company online and authenticates his new computer – PC “3” Transaction approved PC 3 Joe

15. Illustration:Enterprise Application Carol 2 Legitimi Authentication Server denied access Pete granted access 1 EXTRANET Carol 3 Legitimi digital DNA database (Secure Services) granted access granted access Jim 1Employees access your network and the web browser connects to the Legitimi Client - Jim is granted access and can access all levels of information - Carol is granted access and can access H.R. and payroll only - Pete is granted access from a company issued laptop, and while he is traveling, can access sales and product information only - Carol is denied access from her untrusted home laptop 2 Legitimi Client creates the digital DNA of the device and sends it to the Legitimi Authentication Server 3 Server compares it against the DNA associated with user ID stored in the data base (secure services server) and determines who is authorized to access

16. Consumer Features in an eCommerce Application • Your customers can add more devices anytime by simply logging onto your network and validating a new device • Your customers can expand or block access to their group of authenticated devices by simply expanding or closing the access into their group • Once your customer closes his trusted group of devices, no other devices will be allowed into the group • Only the original trusted device can re-open and close the group of trusted devices Customers can manage their accounts from anywhere in the world

17. Ease of Implementation No IT staff or additional hardware is necessary to implement The software is cached on the customer’s computer No customer data is collected while it creates the encrypted digital DNA Ease of Use User friendly, accessible from anywhere in the world Changes in hardware components or reinstallation of operating system does not necessarily change the digital DNA Multi-user computers can associate the digital DNA with more than one bank account or credit card number for ecommerce Customers for ecommerce may access the administration interface to include or delete authorized devices Economical and Scalable Cost only a fraction compared to other available technologies Unique Features ofLegitimi

18. Technology Descriptions Hard Tokens: Hard tokens are physical objects the user possesses such as a key, smart card or other devices especially designed for the safekeeping and use of private key data Soft Tokens: Software that emulates hard tokens (software kernel incorporated in the device) Biometrics: The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice or hand-writing (signature) Digital Certificates: A digital certificate is an electronic “identification card" that establishes your credentials when conducting business or other transactions SIM Cards / USB Tokens: Uses a combination of physical device plus a digital certificate is loaded on the device. Cons:Very expensive. Distribution problems. High administrative overhead. Cons: Expensive. Less secure. Cons: Requires very expensive hardware and supporting components. Difficult to implement and manage. Cons: Distribution and maintenance of certificates are difficult. Not user friendly. Cons: Expensive with high administration.

19. Examples of Strong Authentication End-User Devices Physical Strong Authentication devices must be physically available with the user and/or installed on the machine when the end user wishes to authenticate. Smart Cards and USB tokens are both inserted into computers so that their digital certification can be read and used as part of the authentication process. These cost normally between $5 and $20 per card / token. Fingerprint readers identify the user by the users fingerprint, although they are normally deployed as a finger print replacement not bringing strong authentication. These normally cost $15 - $30 per reader. KEYFOB Token with 4 year 6 digit entry changing every 60 seconds. Very expensive, this normally cost $20 - $40 per Fob.

20. Technology Comparisons * Biometric technology reader examples: fingerprints, retina, palm, and hand-writing recognition, etc.

21. Ideal Applications Legitimi is ideally suited for the following industries: • eCommerce • Banking • Finance • Enterprise • Medical • Insurance • Stock Brokerage • Government • Telecommunications • Entertainment • Law Enforcement The most advanced cyber fraud and identity theft prevention technology

22. Legitimi - Your Digital DNA • Build customer confidence and security • Reduce recurring fraud losses • Prevent identity theft, account takeovers, and application fraud • Reduce fines and penalties imposed by associations and agencies • Increase revenue and operational efficiency • Protect critical IT assets • Rapid return on investment • Create a competitive advantage Put a stop to cyber fraud! InstallLegitimitoday!

23. Ask about our NO-RISK deployment…we simply deliver the highest level of cyber security at the lowest cost…or you don’t pay. Legitimi Your Digital DNA Technologies for the Prevention of Cyber Fraud and Identity Theft