• Our Solutions
• Customers
• Partners
• News & Events
• Blog
  • Latest Blog Posts
  • About the Authors
  • Subscribe to Blog via Email
• Company
• Resource Center

August 5, 2010

The Dirt on Clean Fraud

CyberSource just released an excellent white paper titled Improving Automated Screening to Overcome Increasingly Sophisticated Fraud that’s stuffed full of valuable advice and insights by Paul Brock, one of their top fraud management consultants.  You may think “clean fraud” sounds like an oxymoron but it fits as a description of fraudsters getting better (cleaner) at applying more complete and accurate personal data from stolen identities/credit cards to commit fraud. Brock’s knowledge and experience are well-worth reading in this white paper—he’s on the front lines of fighting online fraud, helping customers take and keep control over fraud 24 x 7.

You can request a copy of the CyberSource white paper here.

Brock’s premise is that because fraudsters have gotten smarter about using more and better personal data and strategies (“clean” fraud) to make it appear as though they are legitimate customers, organizations need to adopt more and better fraud prevention tools and strategies to control fraud.  He points to ThreatMetrix’s Fraud Network, “combined with cross-merchant transaction histories” as providing an effective strategy for detecting “clean” fraud.

Here are just some of the valuable points that Brock discusses in this paper:

• Next-generation device identification solutions, those that offer “both browser fingerprint and packet signature inspection,” deliver a new and rich source of information about the computer/device, it’s internet connection and it’s behavior that go beyond the “ just the apparent identities involved in the transaction”
• Device identification technology opens a new avenue of correlation that can be used in fraud screening: you have an additional element that can be examined with regard to velocity, and for detecting identity morphing.
• Device fingerprinting must go beyond the surface of identifying the transacting device, to identify whether additional suspicious activities might be at work. In the process of collecting the device identification attributes, your implementation of device fingerprinting should also interrogate the device about how it is being used and how it may be under the control of another device.

There’s a ton of great information in the white paper, get a copy and learn how to stay ahead of clean fraud.

- Tom

Posted by Tom Grubb Categories: Botnets. Credit Card Transactions. Device Identification. Identity Theft. Online Credit Card Transactions. Online Fraud Trends. Payments Management

Leave a Comment

Click here to cancel reply.

Name (required)

Mail (will not be published) (required)

Website

• < Previous Article
• Next Article >

• Translator

  

• Share Our Posts

• Subscribe

  Subscribe Via Email
  Subscribe to our RSS Feed
  Follow us on Twitter

• Top Posts

  • Facebook’s 800 Pound Gorilla Threatens Success: Now ThreatMetrix Expert Lays Bare Facebook Mobile, Malware and Privacy Issues
  • Not Another Word: European Commission Law Requires Explicit Consent
  • The Other Side of Facebook’s IPO
  • Hackers Don’t Have to Worry About Police at the Door as Much as a Hellfire Missile Down the Chimney
  • Robbing the Cradle…Literally – Child Identity Theft Rising

• Additional Resources

  	Ponemon Study: Consumer Attitudes on Privacy & Fraud Prevention
  	Executive Primer: Using Device ID for Fraud Prevention
  	Technical White Paper: Device Intelligence In-depth

• Categories

  Select Category Account Compromise  (37) Adknowledge  (1) Advanced Persistent Threats  (1) Analyst  (1) Analysts and Research  (12) Anonymous  (8) Anonymous Attacks  (13) bank fraud  (30) Bank of America fraud  (1) BART  (1) Botnets  (28) Brian Krebs  (2) Carberp  (1) Carberp banking Trojan  (1) Chinese cyber attacks  (5) Citibank hacking  (1) Citigroup account hacking  (3) Cloud computing  (18) Comerica Bank  (2) Comerica Bank Fraud  (3) ComodoHacker  (1) Conflicker worm  (1) Cookie wiping  (15) Cookieless Device Identification  (82) Credit Card Fraud  (27) Credit Card Transactions  (53) Cyber Attacks  (42) Cyber Monday  (4) Cyber warfare  (23) cybercriminals  (19) cybersecurity  (15) Cyworld account hacking  (1) Dark Market  (3) Dasient  (2) Data Breaches  (2) Data Privacy Day  (2) Dating fraud  (9) Device Detection  (100) Device Fingerprint  (120) Device ID  (116) Device Identification  (139) Electronic Crimes Task Force  (1) Electronic Frontier Foundation  (1) Epsilon Account Hacking  (1) Epsilon Data Breach  (6) European privacy  (1) European privacy laws  (1) Events  (12) Facebook  (9) Facebook account hacking  (2) Facebook IPO  (1) FFIEC  (8) FFIEC Banking Guidelines  (11) FTC on stolen child identities  (1) Gaming Fraud  (3) Google  (1) Government Fraud  (22) Hackers  (23) Hacking  (27) Humor  (1) IAPP  (1) Identity Theft  (56) IMF Cyberattack  (1) IP Address Cloaking  (1) IRS Fraud  (2) Kerry-McCain Commercial Privacy Bill of Rights  (2) Killer apps  (1) Krebs  (1) KrebsonSecurity  (1) Law and Enforcement  (17) Lulz Security Attacks  (11) LulzSec  (5) Malware  (14) malware prevention  (8) malware protection  (10) man-in-the-browser attack  (10) Micropayments  (4) microtransactions  (2) MitB  (9) mobile payments  (14) monetization platform  (1) mules  (1) mules in fraud  (1) National Cybersecurity Awareness Month  (4) Nato Fraud  (6) New Account Registration  (25) New York cyber attack  (1) NSA  (2) online banking  (46) Online Credit Card Transactions  (53) Online Fraud  (104) Online Fraud Trends  (69) Patco Construction Lawsuit  (2) Patco online banking fraud  (1) Payments Management  (11) PBS account hacking  (1) PC Fingerprint  (69) Pentagon  (11) personally identifiable information  (65) PII  (65) Ponemon Institute  (10) PrECISE  (1) Privacy  (14) Proxies  (8) Ramnit malware  (1) Red Herring Global 100  (1) RSA  (4) RSA Fraud  (7) RSA hacking of SecurID  (1) Russian cyber attacks  (6) San Francisco City College Hacking  (1) Sega account hacking  (6) Sega fraud  (6) Social Media Fraud  (9) Social Networks  (17) Social Security Fraud  (8) Sony  (6) Sony PlayStation  (10) Sony Playstation hacking  (1) SOPA  (1) South Africa’s Postbank Hacking  (1) State of Texas Stolen Social Security Numbers  (1) Statfor Global Intelligence Service hacking  (1) Stolen identities  (14) Stop Online Piracy Act  (1) Stuxnet  (2) Super Rewards  (1) ThreatMetrix  (68) ThreatMetrix Cybercrime Defender Platform  (10) ThreatMetrix Fraud Facts  (29) ThreatMetrix User Conference  (11) Toshiba Fraud  (3) Trojans  (1) TrustDefender Client  (11) TrustDefender Cloud  (11) TrustDefender ID  (11) TrustDefender Labs  (1) Twitter  (2) U.S. Department of Homeland Security  (1) Uncategorized  (68) Virtual currency  (2) virtual goods  (1) Web Application Security  (2) Wordpress.com Hacking  (1) Worldpress.com Hacking  (1) Zappos  (1) Zappos hacking  (1) Zeus Trojan  (7)

• Blog Archives

  Select Month February 2012  (3) January 2012  (11) December 2011  (9) November 2011  (10) October 2011  (12) September 2011  (5) August 2011  (12) July 2011  (5) June 2011  (15) May 2011  (4) April 2011  (3) March 2011  (5) February 2011  (2) December 2010  (2) November 2010  (2) October 2010  (3) September 2010  (1) August 2010  (3) July 2010  (3) June 2010  (3) May 2010  (4) April 2010  (4) March 2010  (3) February 2010  (4) January 2010  (1) December 2009  (1) November 2009  (3) October 2009  (4) September 2009  (4) August 2009  (2) July 2009  (3) June 2009  (5) May 2009  (6) April 2009  (1) February 2009  (5) January 2009  (6)

• Other Resources

  • Banking Analytics Blog
  • CalvinAyre Blog
  • Dark Reading
  • eCommerce Tactics
  • eWeek Security Watch Blog
  • Inside Social Games
  • Javelin Strategy
  • Online Dating Post
  • Online Personals Watch
  • Payment News
  • Scam Detectives Blog
  • Shop.org
  • Social Networking Watch
  • The Fraud Blog
  • Virtual Goods

Become Our Customer | Contact Support | Schedule a Demo
© 2012 Threatmetrix All Rights Reserved. Privacy Policy | Site Map | Terms of Service