RSA Positioned in Leaders Quadrant for Web Fraud Detection by Top Analyst Firm

The RSA Identity Protection and Verification Suite and EMC's Security Division Recognized for "Completeness of Vision" and "Ability to Execute"

BEDFORD, Mass., Feb. 18 -- RSA, The Security Division of EMC (NYSE:EMC) today announced that it is positioned within the Leaders quadrant in the February 2009 Gartner report by Avivah Litan entitled, "Magic Quadrant for Web Fraud Detection." According to Gartner, this positioning is based on RSA's completeness of vision and ability to execute, and in relation to the RSA Identity Verification and Protection Suite.

Gartner defines the Web Fraud Detection market as "composed of vendors that provide software products or services that help an organization detect and prevent fraud that occurs over the Web by:

  --  Running background server-based processes, transparent to users that
      verify user identities based on where they are or what device they are
      using, and/or examine which types of information retrievals,
      navigations and transactions they are executing.
  --  Comparing this information with a profile of what is expected of the
      user or against more generic rules as to what constitutes "normal"
      behavior.
  --  Stopping the transaction if actual behavior is too out of range with
      what's expected and taking the appropriate follow-up action. This can
      range from asking users to reauthenticate themselves -- often using
      another factor, such as a cell phone, or as is more commonly done, by
      answering one or more private questions that only the legitimate user
      can presumably answer correctly. The action taken -- whether it's
      simply user authentication or transaction verification -- should
      depend on how out of range a user's behavior is with the established
      norm."

"We believe that our placement within the Web Fraud Detection Leaders quadrant reflects our success in protecting against the continuous advancements in online fraud and identity impersonation, as well as our ability to deliver value to our customers that reduces related losses," said Tom Corn, Vice President of Product Marketing at RSA. "In my opinion, this report also validates the fact that RSA's knowledgeable team is well-positioned worldwide to continue to deliver innovative solutions that protect organizations across multiple industries, and currently secure more than 225 million people's identities, credentials, and assets."

About the RSA Identity Protection and Verification Suite

The RSA Identity Protection and Verification Suite offers one of the most complete and innovative portfolios of strong authentication and anti-fraud technologies, and is engineered to protect organizations and their online users against the latest external threats. It is a complete Software-as-a-Service (SaaS) portfolio that is designed to increase activity in online and remote transactions, inspire user confidence, and reduce fraud losses and related costs. The RSA Identity Protection and Verification Suite leverages RSA's expertise in fraud analysis, fraud forensics, and fraud modeling, and it includes the following components:

  --  RSA(R) Adaptive Authentication, a risk-based authentication and fraud
      detection platform used by more than 8,000 organizations in ten
      countries, authenticating over 225 million users through risk
      indicators powered by the RSA(R) Risk Engine, such as device
      identification, geo-location, behavioral profiling, and RSA
      eFraudNetwork(SM) matching.
  --  RSA FraudAction(SM), a 24x7 service that protects more than 300
      organizations against phishing, Trojan, and other online attacks. It
      is powered by the RSA Anti-Fraud Command Center (AFCC) and its team of
      fraud analysts who have shut down over 125,000 illegal websites in 140
      countries to date, reducing the lifetime of phishing attacks from
      approximately 115 hours to five hours.
  --  RSA(R) Identity Verification, a knowledge-based authentication system
      that assures and confirms user identities in real-time by presenting a
      series of top-of-mind questions utilizing relevant facts obtained from
      dozens of public and commercial record databases  It is used by more
      than 140 organizations in the financial, telecommunications,
      insurance, and healthcare industries.
  --  RSA(R) Transaction Monitoring, an online fraud detection and
      management system that detects, flags, and investigates high-risk
      activities. Its RSA Risk Engine evaluates each online activity in
      real-time and generates a unique risk score that reduces fraud.
  --  RSA(R) Adaptive Authentication for eCommerce, a secure framework for
      cardholder protection and fraud management. It has authenticated over
      20 billion transactions via a range of authentication and card
      security products, including Verified by Visa(R), MasterCard
      SecureCode(TM) and JCB J/Secure(TM).
  --  The RSA(R) eFraudNetwork(SM) cross-institution, cross-platform, online
      fraud network community, dedicated to sharing and disseminating
      information on fraudulent activity.


  About the Gartner Web Fraud Detection Magic Quadrant

The Gartner Web Fraud Detection Magic Quadrant is copyrighted February 2009 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About RSA

RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organizations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle - no matter where it moves, who accesses it or how it is used.

RSA offers industry-leading solutions in identity assurance & access control, data loss prevention, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.

RSA is a registered trademark of RSA Security, Inc. in the U.S. and/or other countries, and FraudAction and eFraudNetwork are registered service marks of RSA Security Inc. in the U.S. and/or other countries. EMC is a registered trademark of EMC Corporation. All other trade names and trademarks are the property of their respective holders.