Which is more important: detecting a fraudster or authenticating a customer? Detecting fraud gets top billing in the news most of the time, but four years ago (an eternity in tech years) ComputerWorld’s Jay Cline put customer authentication front and center in an article titled “How to Build Privacy Into Customer Authentication.” Yesterday one of [...]
I recently learned why identical twins have different fingerprints. In answering a reader’s question a NYT writer explained that the likely reason is “related to the minute differences in the mechanical forces each developing fetus experiences…as its cells proliferate.” In other words the uniqueness of human fingerprints stems from the physical forces that surround the [...]
If you were an online fraudster, which would you target: banks, etailers, payment gateways, online dating sites—or domain registrars? It turns out that more than a few target domain registrars. And there’s more to it than simply testing stolen credit cards to see if they work. The numbers tell the story when you [...]
If someone told me a few years ago that people would pay real money for goods that aren’t real—virtual goods that only exist in digital form—I would have joked that I had a virtual Brooklyn Bridge to sell them. Well the laugh’s on me if the buzz at the Virtual Goods Conference in San [...]
We asked Ponemon Institute to research consumer’s perception of device identification for a good and simple reason: our customers wanted to know.
In one example with Ebates, ThreatMetrix was able to prove that a single fraudster was responsible for creating 23 different accounts using fake email addresses and spoofed IP addresses based on a common device fingerprint.
Trust is the bedrock on which online dating services are built. If members start to feel unsafe in the dating pool then they’ll opt out or try a different service. Online dating services understand this dynamic and some go to great lengths to try and keep the criminal element out.
With so many more potential targets to find and monitor, why not wait to strike when the moment is right and the payoff is huge? That’s exactly what the sophisticated fraudsters do: they wait because they know time is on their side.
Had device identification technology been in place when the fraudsters in this story first attempted to login to the bank with stolen credentials, ThreatMetrix would have identified the computer(s) and might have turned them away based on information gleaned from their machine/session including…
And besides the spoofing issue, using IP address for authentication is not very convenient for the mobile worker on a laptop who frequently logs in to a SaaS application while on the road.
Subscribe Via Email
Subscribe to our RSS Feed
Follow us on Twitter
© 2009 ThreatMetrix. All Rights Reserved.
