September 26, 2013
Each month, the ThreatMetrix™ Global Trust Intelligence Network (The Network) screens more than 500 million site visitors across more than 1,900 customers and 9,000 websites, and uses predictive analytics to differentiate between legitimate and fraudulent behavior, personas and devices.
From May 1 through July 31, 2013, The Network found that the average online bank account was accessed by an average of 2.4 unique devices (personal computers, work computers, smartphones, tablets, etc.). Accounts in every other industry (e-commerce, enterprise, insurance, social networks, government and healthcare) were accessed by an average of only 1.79 unique devices. That puts banking way out in front of any other industry when it comes to being accessed by multiple unique devices.
ThreatMetrix data from July 2013 shows that 55 percent of bank accounts are accessed by one device, 26 percent are accessed by two devices, 11 percent are accessed by three devices, and 4 percent are accessed by four devices. While there is a significant drop-off after four devices, the data shows a very small percentage of accounts being accessed by as many as twenty devices in a one-month period, which raises some red flags.
“Online bank accounts are likely accessed by several unique devices because consumers often check their balances or process transactions several times per week, or as often as several times per day,” said Peter Liske, vice president of product management, ThreatMetrix. “However, accessing highly sensitive banking information across multiple devices poses a severe fraud and malware risk to both consumers and financial service providers – more so than for other industries.”
All Industries Combined Show Lower Number of Unique Devices than Banking
Data from July 2013 shows 68 percent of accounts across industries other than banking are accessed by only one device each month, 19 percent are accessed by two devices and 7 percent are accessed by three devices. After three devices, the data shows a significant drop-off.
“While it isn’t uncommon for some consumers to access online accounts from multiple devices, any business operating online must have a collective device and persona screening process in place to determine suspicious activity,” said Liske. “The risk of a malware-infected device transacting with a site goes up when visitors use a number of devices. Preventative screening enables online banks, retailers and other businesses to authenticate returning users and their associated devices so they can have a seamless experience while ensuring suspicious account logins require additional screening processes.”
How Businesses Can Accurately Determine Unique Devices
Most online businesses determine the number of devices accessing accounts using cookies, which are highly inaccurate. That’s because, in addition to private browsing modes where no information is saved, experienced tech users know how to delete cookies. When cookies are cleared and a user revisits a site, his/her device is counted as a fresh device.
Rather than cookies, ThreatMetrix utilizes SmartID™, which identifies unique visitors who have wiped their cookies, used private browsing and changed IP addresses. SmartID delivers a vastly more accurate count of the number of unique devices visiting a site and enables customers to better measure which devices and activities are suspicious and require further screening.
“Looking at unique devices and persona behavior by cookies has become more and more problematic in the cybersecurity industry. ThreatMetrix technology enables businesses across industries to better protect their authentic customers by not relying strictly on cookies,” said Liske. “Rather, the enhanced functionality of ThreatMetrix Smart ID improves the capability to authenticate returning visitors, especially those trying to elude identification or wipe their cookies.”
With data compiled by The Network, but without capturing personally identifiable information, account logins from May 1 through July 31, 2013 were reviewed to determine the number of unique device identifiers associated with the encrypted value of an account. The unique device number was determined by counting the number of unique device fingerprints (SmartID) per login. Organizations were placed into different broad categories for comparison, i.e., banking, retail, etc.
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The TrustDefender™ Cybercrime Protection Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Posted by Dan Rampe