Posted on December 1st, 2010 by Tom Grubb
The Wall Street Journal shines the spot light on device fingerprinting in a fresh series of articles that probe the difference between tracking devices to prevent fraud vs. tracking them to help advertisers target specific people. The core technology to pursue these very different goals is essentially the same, but the context and dynamics set them worlds apart for online businesses and consumers.
In “Are Anti-Fraud Tools Good for Ads” the writer asks “what happens to the anti-fraud business if device fingerprinting…comes under the microscope? ThreatMetrix CEO Reed Taussig points out “If things done with respect to capturing fraudsters were made illegal [or were blocked by Web browsers], it would essentially make it impossible to shop over the Internet.”
Here are the links to the WSJ articles:
In my latest column in SecurityWeek, I said the demise of the cookie to fight fraud doesn’t do away with the need to identify a device—only the method. While online advertisers pursue an ever more persistent way to push back the line on consumer’s ability to control their privacy, software developers will continue to invent new and better ways to identify your device that don’t rely on cookies or PII to help organizations fight the “good fight” against fraud. You can read the whole article here: http://www.securityweek.com/customer-or-fraudster-tossed-your-cookies-lately
- Tom
Tags: Wall Street Journal, WSJ
Posted in Device Fingerprint, Online Fraud Trends | No Comments »
Posted on July 22nd, 2010 by Tom Grubb
Scammers threaten to make casual gaming not-so-casual. Virtual goods—the currency of trade for social games are coveted by cybercriminals for their hard cash value. According to a new article in the Wall Street Journal titled Fraudsters Like Virtual Goods, “merchants that sell digital goods lost 1.9% of all revenue to fraud in 2009, compared with a 1.1% fraud rate for companies that sell physical goods online,” based on data from CyberSource Corp. (a ThreatMetrix partner). The WSJ points out “at first glance it’s hard to imagine fraudsters’ interest in items like computerized swords for a fantasy game. But these goods are often easier to obtain.”
Digital goods purchases are different than physical goods purchases. The WSJ reports that PayPal transacted more than $2 billion in digital goods transactions, with a PayPal spokesperson describing the category as having “a higher degree of nefarious activity.”
These transactions are unique in that they cater to the gamer’s desire for instant gratification and low tolerance for hassle getting online. That means fraud prevention measures must be transparent to the gamer and effective at detecting/preventing fraud. Because gamers are especially sensitive to any delay, and because digital fulfillment is typically instantaneous fraud detection must occur instantly—and not simply an accept or reject call, but supporting data that gives the fraud analysts the full context of the transaction (for example, the true IP address and geolocation if the gamer is using a hidden proxy).
Taking the pulse of attendees and exhibitors here at Casual Connect 2010 in Seattle this week, it’s clear that scammers have become a big concern for many from payment facilitators to household name gaming companies. Much more this year than last, they are very aware of the kinds of games the scammers play to rob them of revenue. This fast growing segment of the industry appears ready to do more to blunt the scammers.
- Tom
Tags: casual game fraud, cybersource, virtual goods fraud, WSJ
Posted in Uncategorized | No Comments »
