ThreatMetrix Announces the “ThreatMetrix Cybercrime Report: Q1 2015,” Sees Cybercrime Surge on Backs of Breaches

Posted on May 6th, 2015 by Dan Rampe

blog-header

The Report Examines Cybercrime Attacks Detected by the ThreatMetrix® Digital Identity Network, Which Analyzes More Than One Billion Transactions Monthly

San Jose, CA – May 6, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the availability of its “ThreatMetrix® Cybercrime Report: Q1 2015,” which examines cybercrime attacks detected by the ThreatMetrix® Digital Identity Network during Q4 2014 and Q1 2015. These attacks were detected during real-time analysis and interdiction of fraudulent online payments, logins and new account registrations.

During this period, the ThreatMetrix Digital Identity Network analyzed more than six billion transactions, with nearly one-third originating from mobile devices, and protected more than 250 million active user accounts across 3,000 customers and 15,000 websites. Through its analysis of the top customer transactions across industries, the ThreatMetrix Digital Identity Network provides unique insight into legitimate end customers’ “digital identities,” even as they move between applications, devices and networks and highlights some representative key market trends.

The number of attacks on businesses is trending up as crimeware tools gain traction providing tools to fraudsters to automate cybercrime attacks leveraging the customer data made available from breaches. As such, the ThreatMetrix Digital Identity Network is seeing more and more traffic that is cloaked – the masking of an identity. This is especially true for new account creations wherein the fraudsters use stolen identities with these tools to defraud businesses. Mobile fraud also proliferates as more users carry out transactions on their devices, with device spoofing now becoming the most popular attack vector.

Strong Growth in Online and Mobile Commerce Along with Fraud

The report highlights the trends in the 2014 holiday shopping season, which was a period of record online transactions and unprecedented number of attacks. These attacks are directly associated with the growing data breaches over the past year. Impersonation or “spoofing” attacks are now the most common threat and ThreatMetrix identifi­ed more than 11.4 million fraud attempts during peak holiday shopping. The “ThreatMetrix Cybercrime Report: Q1 2015” is the first of its kind to analyze how stolen and compromised identities are used for cybercrime.

Trust is critical for customer loyalty and e-commerce merchants had a spike in account login transactions as customers revisited retailers to view offerings/deals and make purchases. While new account creation rates were lower than other transaction types, they had two times higher instance of fraudulent transactions driven by the availability of stolen identities in the wild from massive breaches. E-commerce transactions broken down consist of the following percentages and risks:

  • One percent of transactions were account creation, with 6.7 percent high risk
  • 80 percent of transactions were account logins, with 2 percent high risk
  • 19 percent of transactions were payments, with 2.6 percent high risk

“In the wake of recent data breaches, customers’ digital debris is floating in the cyber world for fraudsters to compromise, making accurate insight into digital identities of the utmost importance for businesses, especially in the e-commerce industry,” said Vanita Pandey, senior director, strategy and product marketing at ThreatMetrix. “ThreatMetrix data shows an upswing in account takeover and identity spoofing attacks following recent massive data breaches. While guest checkouts previously represented the highest risk, due to the breadth of digital debris at cybercriminals’ fingertips, fraudsters are much more likely to use a stolen username and password combination than to use compromised credit card information, which has a shorter life span. As the volume of e-commerce transactions increase, it gives cybercriminals more places to poke and exploit. Retailers need to leverage a digital identity network to get a comprehensive view of customers to accurately differentiate between trusted and fraudulent transactions.”

Cybercrime Surges Across All Transaction Types in the Financial Services Industry

In addition to e-commerce, the “ThreatMetrix Cybercrime Report: Q1 2015” examines financial services transactions and authentication attempts. While online banking authentication transactions continue to dominate the ­financial services industry, the payment transactions increased during this period driven by the increasing adoption of alternate payment methods and bankcard authentication solutions, and increase in online money gifting during the holiday season. The impact of breaches and consumer credentials in the wild is more evident in the financial services industry, with a substantial increase in fraud rates across all transaction types. Financial services transactions broken down consist of the following percentages and risks:

  • One percent of transactions were account creation, with 2 percent high risk
  • 76 percent of transactions were account logins, with 2.6 percent high risk
  • 23 percent of transactions were payments, with 3.2 percent high risk

“On the backs of major data breaches, we’re seeing a trend in cybercriminals using more sophisticated, automated crimeware tools that are deliberately targeting first generation device identification and authentication solutions used by most financial institutions,” said Pandey. “Fraudsters are shifting from exploiting hardware and software to exploiting people – taking bits and pieces of their digital identities that have been compromised through breaches, and attempting to make transactions disguised as those individuals. As cybercriminals move to exploit financial institutions, those businesses need a more sophisticated view of their users. They need to look at their customers’ behaviors, devices and identities as a whole – the ultimate behavioral biometric.”

In both the e-commerce and financial services industries, businesses must prepare for the growth of new in-store technologies such as Europay-MasterCard-Visa (EMV) and Apple Pay with the wide adoption of the Apple Watch and other connected devices (IoT). As these technologies cut down point-of-sale fraud, the attacks will move to the online channel. Global shared intelligence will be crucial as businesses prepare for the 2015 holiday season.

Media Industry Continues to See Highest Percentage of High-Risk Transactions

The analysis of transactions from the media industry, consisting of social media, content streaming and online dating websites, show a strong growth in payment transactions through media organizations while the overall fraud levels continue to be higher than other industries. Illegal access to content outside of approved geographies, combined with spamming and fraudulent bot-driven account creation, represent the key drivers of fraudulent transactions in the media space. Broken down, media consist of the following percentages and risks:

  • 22 percent of transactions were account creation, with 3.8 percent high risk
  • 26 percent of transactions were account logins, with 6.2 percent high risk
  • 52 percent of transactions were payments, with 4 percent high risk

“From a fraudster’s perspective, social media is the gas station of the connected world,” said Pandey. “It provides a quick and easy way to assess the validity of a stolen credit card or credentials. The media industry has the highest incidence rate of high-risk transactions due to the low authentication threshold – often only consisting of a username and password combination. These identities are easily compromised, especially following a significant number of data breaches, as many people use the same login credentials across websites.”

Mobile Represents One-Third of All Activity in The ThreatMetrix Digital Identity Network

Mobile usage represents nearly one-third of all activity on the ThreatMetrix Digital Identity Network and continues to grow as more and more consumers use their mobile phone, tablets and connected devices (such as the Apple Watch) to access content, make purchases, conduct banking transactions and pay bills.

ThreatMetrix analyzes mobile transactions from more than 200 countries and territories across the globe with consumers from emerging economies conducting a much higher percentage of transactions from mobile devices. The report found that the growth in mobile brought more mobile attacks, with spoofi­ng being most prevalent. However, the attack volumes are still lower than desktop as mobile devices are not conducive to massive fraud attacks.

“While desktop fraud still dominates, as mobile usage continues to grow, especially in emerging markets, the channel will eventually see new, sophisticated criminals targeting mobile transactions,” said Pandey. “With businesses focused on lowering consumer friction on mobile, fraudsters are increasingly targeting mobile platforms and devices to spoof identities. Businesses need to be prepared for an uptick in spoofing attacks as mobile continues to grow.”

Device Spoofing Remains Top Attack Vector

Leveraging activity across industries, mobile and desktop, the report also identified the top attacks by transaction type and found spoofing, such as IP address, geolocation, identity and device spoofing to be the most common attack types across all transaction attempts. Device spoo­fing remains the top attack vector, with more than six percent of transactions. As crimeware tools gain traction, the ThreatMetrix Digital Identity Network is seeing more and more traffic that is cloaked, especially for new account creation wherein the fraudsters use stolen identities along with these tools to defraud businesses.

Cybercrime continues to be a well-funded, organized business with sophisticated technology and strong knowledge sharing across organized crime rings, nation states, and decentralized cyber gangs. Recent massive data breaches have resulted in an increase in attacks targeted towards businesses across all regions and industries. Cybercriminals continue to share information as well as develop tools that will help bypass the fi­rst generation fraud prevention solutions. The only effective solution for businesses is to share information about fraud trends across their customer bases to stop cybercriminals in their tracks. ThreatMetrix delivers advanced fraud protection, frictionless authentication, and customer protection through a real-time collective response using intelligence gathered from billions of transactions in the ThreatMetrix Digital Identity Network.

To learn more, download the “ThreatMetrix Cybercrime Report: Q1 2015” eBook

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

 

White House Selling. Silicon Valley Buying?

Posted on May 1st, 2015 by Dan Rampe

Snowden

Defense Secretary Tours Valley Looking for Buy-in on New Computer Military Strategy and Rebuilding Trust Post-Snowden Revelations

To borrow a basketball analogy — and what better time than during the NBA playoffs — the White House has been doing a full-court press to impress the Valley’s movers and shakers in both business and academia. In their article on nytimes.com, David E. Sanger and Nicole Perlroth examine the White House’s efforts to form a new military cyberstrategy and rebuild trust that’s been shaken by Snowden’s NSA disclosures.

Investing in start-ups and looking for talent

[Defense Secretary] Ashton B. Carter, toured Silicon Valley…to announce a new military strategy for computer conflict, starting the latest Pentagon effort to invest in promising start-ups and to meet with engineers whose talent he declared the Pentagon desperately needed in fending off the nation’s adversaries.

Whom do you trust?

Mr. Carter immediately acknowledged, though, the need to rebuild trust with Silicon Valley, whose mainstays — like Apple, Google and Facebook…have spent two years demonstrating to customers around the world that they are rolling out encryption technologies to defeat surveillance. That, of course, includes blocking the National Security Agency, a critical member of the military-intelligence community.

“I think that people and companies need to be convinced that everything we do in the cyber domain is lawful and appropriate and necessary,” Mr. Carter told students and faculty at Stanford.

Ask not what your country can do for you

He urged the next generation of software pioneers and entrepreneurs to take a break from developing killer apps and consider a tour of service fending off Chinese, Russian and North Korean hackers, even as he acknowledged that the documents leaked by Edward J. Snowden, the former intelligence contractor, “showed there was a difference in view between what we were doing and what people perceived us as doing.”

Doubters

[Jeh Johnson], the secretary of Homeland Security, and a group of other government officials ran into a buzz saw of skepticism at the world’s largest conference of computer security professionals….Those officials argued for some kind of technical compromise to allow greater security of electronic communications while enabling the F.B.I. and intelligence agencies to decode the emails and track the web activities of suspected terrorists or criminals. Yet many among the computer security professionals at the conference argued that no such compromise was possible, saying that such a system would give Russians and Chinese a pathway in, too, and that Washington might abuse such a portal.

No compromise. No access

Not long after Mr. Johnson declared that “encryption is making it harder for your government to find criminal activity and potential terrorist activity,” large numbers of entrepreneurs and engineers crammed into the first of several seminars, called “Post-Snowden Cryptography.” There, they took notes as the world’s best code makers mocked the Obama administration’s drive for a “technical compromise” that would ensure the government some continued access.

Everybody’s going to want a key

Ronald Rivest, one of the inventors of a commonly used encryption algorithm, took on the arguments by Mr. Johnson and other senior officials, including John P. Carlin, the head of the Justice Department’s national security division, that the best minds in Silicon Valley could find a way to ensure legal government access while still assuring users that communications and data stored in their iPhones and the cloud are safe. “There are lots of problems with these ideas,” Mr. Rivest said. “We live in a global information system now, and it’s not going to be just the U.S. government that wants a key. It’s going to be the U.K., it’s going to be Germany, it’s going to be Israel, it’s going to be China, it’s going to be Iran, etc.”

Trust us. We want you to make money

One of Mr. Johnson’s deputies, Phyllis Schneck [revealed] the government’s plans for real-time monitoring and blocking of malware flowing through the Internet, urging private industry to help. “We want you to make money,” said Ms. Schneck, a former chief technology officer at McAfee Inc….. Many in the crowd, though, said they worried whether the government would turn any malware-monitoring system to other uses.

Technology outpacing agreements

Mr. Obama’s cybercoordinator, Michael Daniel, who has been trying to preside over the unwieldy administration debate over encryption rules, was meeting executives in private and calling in public for “cybernorms of behavior” that could constrain the kind of hackers who attacked American corporations, the White House, the State Department and the Pentagon. But he acknowledged that this was an area where the grindingly slow wheels of diplomacy were being outpaced by technological development.

Banks, Silicon Valley giants and security companies on front lines of cyberwar

Mr. Carter, in his Stanford talk, noted that past wars were fought state to state. But in computer conflict, he said, the most sophisticated threats and weapons are seen by banks, security firms and Silicon Valley companies like Apple, Google, Yahoo, Twitter and Facebook that serve as conduits for the world’s communications. That is data Washington most needs.

The Snowden aftereffect

Yet nearly two years after the Snowden revelations, many companies are as reluctant as ever to give the government any information unless they are compelled to do so, particularly as they try to convince foreign customers in global markets that they are doing everything they can to keep Washington at a distance.

The President seeks balance

Mr. Obama, on a trip to Stanford in February, had expressed sympathy with those who were striving to protect privacy, even while saying it had to be balanced against the concerns of the F.B.I. and other agencies that fear “going dark” because of new encryption technologies. (Apple says that with its new iPhone operating system, it has no way to decode data in phones, even if given a court order.) Mr. Obama’s aides say decisions about how to resolve these differences are still months away.

Split-key. Court order

With so much more data at stake, and attacks so frequent, cryptographers say the need for encryption is greater than ever. One proposal, by Adm. Michael S. Rogers, the head of the National Security Agency, is to develop a split-key system in which companies hold half and the government, or some outside agent, holds the other half of the key to unlock encrypted communications. The two would be put together only with approval of a court. But many computer security experts reject that idea, saying it would leave too much room for theft and would motivate other governments to require the same.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

TIGTA Gives IRS an F

Posted on April 23rd, 2015 by Dan Rampe

Tax

TIGTA (Treasury Inspector General for Tax Administration) Gives the IRS Poor Marks for Handling ID Theft Victims

A recently released Treasury Inspector General for Tax Administration report says the IRS tells an ID theft victim that his/her case will be resolved in 180 days. While that’s what the IRS claims, the TIGTA report says it actually takes the IRS 278 days. Imagine what a victim of ID theft goes through having to wait those additional 98 days.

In his piece on theblaze.com, Fred Lucas describes what the TIGTA found while doing its audit, a follow-up to one done in 2013. The following has been excerpted from his article and edited to fit our format. You may find the full story by clicking on this link.

You will get an answer, but it may not be the right one

Based on a sampling of 100 identity theft tax accounts, the inspector general [projected] that 25,565 cases out of 267,692 were resolved incorrectly, or almost [1 in 10.]

Better maybe, but not what the IRS tells the public

In 2013, about 2.9 million tax identity theft incidents happened, an increase from 1.8 million in 2012, the Chicago Tribune reported. The average for resolving a case in 2013 [was] down from the average of 312 days in fiscal year 2012, but it [was] still well over what the IRS [instructed] employees to tell taxpayers who were victims of fraud.

“IRS guidance in FY 2013 instructed employees to inform taxpayers who [inquired] about the status of their identity theft case that cases are resolved within 180 days,” the IG report says.

IRS case processing data said resolutions took between 228 and 298 days

“[The IRS’s] own case processing data did not support the 180-day resolution time period. In fact, IRS data showed case resolutions were taking between 228 to 298 days.”

Misleading stakeholders

“When the IRS provides misleading identity theft case resolution time periods, it creates a false portrayal of improvement to stakeholders and makes it more difficult for the IRS to gage and improve its own operations.”

No change in procedure needed

“The IRS disagreed with the recommendation to develop processes and procedures to calculate the average time it takes to fully resolve taxpayer accounts.”

Victims deserve better

“While the IRS is making some progress in assisting victims of identity theft, those who have been affected by this devastating crime deserve better.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

 

ThreatMetrix Wins Best Anti-Malware Product and Hot Company in Multi-Factor Authentication at 2015 Cyber Defense Magazine Awards

Posted on April 22nd, 2015 by Dan Rampe

awards

Top Context-Based Security and Fraud Prevention Leader Recognized for Continuous Efforts to Safeguard Online Identities using Global Shared Intelligence

San Jose, CA – April 22, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announces it has won in two categories in the 2015 Cyber Defense Magazine Awards, including Best Anti-Malware Product and Hot Company in Multi-Factor Authentication.

The Cyber Defense Magazine Awards recognize leading companies in the cybersecurity space that strive to curate cutting-edge knowledge on cybercrime and create advanced solutions to solve the online security issues facing businesses today. The awards were announced during the RSA Conference 2015, held this week in San Francisco.

In conjunction with the conference, ThreatMetrix announced the ThreatMetrix Digital Identity Network, the world’s largest digital identity network, leveraging global shared intelligence to safeguard online customer identities. This offering creates an anonymized digital identity of consumers based on device, persona and behavior from every transaction, account creation and account login.

“The landscape of fraud is changing as cybercriminals’ networks grow in breadth and sophistication, capitalizing on the digital debris of data breach fallouts,” said Bert Rankin, chief marketing officer at ThreatMetrix. “Our team continuously enhances our solutions to stay one step ahead of cybercriminals by providing businesses with an anonymized view of their customers based on devices, personas and behaviors. Being recognized by Cyber Defense Magazine as a leader in both anti-malware and multi-factor authentication is a ringing endorsement for ThreatMetrix.”

The Best Anti-Malware award recognizes ThreatMetrix for its success offering high-level malware detection for businesses through the TrustDefender™ Cybercrime Protection Platform which combines comprehensive data collection, behavioral analytics and the ThreatMetrix Digital Identity Network into a powerful, risk-based security and fraud prevention solution. This solution uses integrated malware and device identification, enabling ThreatMetrix customers to proceed with legitimate transactions while screening out fraudsters and criminal activity without added user friction.

The Hot Company in Multi-Factor Authentication award identifies ThreatMetrix as a leader in offering multi-factor authentication (MFA) solutions for financial institutions to provide frictionless customer logins, decrease operational costs and improve cybercrime detection. In contrast to the design of many legacy MFA solutions, ThreatMetrix can easily support financial institution authentication requirements and provide trusted customers access without excessive step-up authentication. ThreatMetrix delivers this by leveraging the ThreatMetrix Digital Identity Network, providing real-time risk analysis based on billions of Web and mobile transactions.

To learn more about ThreatMetrix’s unique anti-malware and multi-factor authentication services, visit ThreatMetrix this week in Booth #4235, located in the North Hall at RSA Conference 2015

ThreatMetrix Resources

About Cyber Defense Magazine

Cyber Defense Magazine is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting edge knowledge, real world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free and limited print editions exclusively for the RSA Conferences and our paid subscribers. Learn more about us at http://www.cyberdefensemagazine.com.

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

 

ThreatMetrix Financial Institution Authentication Strategies for Stopping Malware and Compromised IDs

Posted on April 9th, 2015 by Dan Rampe

 

Standard-Header-AF

ThreatMetrix Outlines a New Approach in Line with FFIEC’s Joint Statements on Authenticating Customers and Employees

The Federal Financial Institutions Examination Council (FFIEC) has released joint statements dealing with stolen identities and malware that, combined, represent a threat not only to business, but to the entire financial system.

Alisdair Faulkner, ThreatMetrix chief products officer, on a new approach to authentication

“We’re not even halfway through the year and we’ve already seen data breaches of two major healthcare providers, Anthem and Premera, compromise the information of more than 90 million people. As the prevalence of personal data being breached continues to grow, financial institutions need a new approach to authentication and digital identity assessment.”

A summary of key FFIEC joint statements

  • Compromised Credentials – Whether an employee or administrator (and this is especially true for customers), banks can no longer trust the static identity of a user login or transaction. Even if a bank’s internal systems can’t be compromised, a bank’s customers and employees can be.
  • Destructive Malware – Banks have to continuously evaluate the health and risk of devices being used to access data or perform transactions. The same holds true for an employee accessing services remotely from his or her tablet, or for a sanctioned locked-down PC.
  • Shared Intelligence – To defeat malware and compromised credential threats, financial institutions have to look beyond their firewalls and share actionable threat intelligence about unauthorized account access attempts and attack patterns.

Faulkner notes that digital identities power the underworld

“Forget Bitcoin, our digital identities are the cybercurrency that powers the underworld. Unlike credit cards that can be replaced, stolen identities and compromised devices are the gift that keeps on giving – pieces of a user’s digital identity can be used over and over again, with each attack increasing in sophistication on a daily basis. Combining stolen identities, compromised devices and newer device spoofing tools like Anti Detect and Fraud Fox, hackers can routinely bypass first generation authentication technologies still installed at banks. Financial institutions need new ways of assessing digital identities by leveraging global shared intelligence to detect when personal information and devices are being used illegitimately. When one financial institution’s network is breached, every financial institution becomes the target of the digital debris.”

The ThreatMetrix Global Trust Intelligence Network (The Network) offers features to help financial institutions protect themselves from compromised credentials and malware

  • Persona ID – Persona ID enables financial institutions to connect users with their related attributes and activities. Included in these attributes and activities are email addresses, payment details, past transactions, accounts, devices, location, proxies etc. These details are tied to digital “personas.” And, incoming transactions are evaluated against the corresponding digital identities in real-time and enables ThreatMetrix to distinguish legitimate users and cybercriminals.
  • Layered Approach – Rather than providing “Bigger Data,” which creates too many alerts to act on quickly, The Network uses pin-point decision analytics to assess devices, threats, personas and behavior across its anonymized digital identity network. This makes it possible to accurately identify cybercriminals in real time without added customer friction.

The Network: real-time intelligence

In an environment where financial institutions must assume digital identities and devices are compromised before authenticating logins or transactions, The Network delivers real-time intelligence, providing businesses with consistent risk assessments of data and creating unique digital identities for users by mapping their online behaviors and devices to protect customers from fraudulent transactions.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.
ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

What’s Happening with Mobile Device Payments Is Criminal

Posted on February 23rd, 2015 by Dan Rampe

Mobile Devices

Mobile Device Fraud Makes Up a Disproportionate Share of the $6 Billion Fraud Costs Merchants and Card Issuers in the U.S. Each Year

Forrester Research says mobile payments accounted for $52 billion worth of U.S. transactions in 2014, up from $32 billion in 2013. And this year that number is expected to hit $67 billion.

A LexisNexis survey of 1,100 companies found that while mobile payments account for 14 percent of transactions among merchants, they make up 21 percent of fraud cases. In her story on bloomberg.com, Olga Kharif details how cyberthieves have continued to shift their focus to mobile devices. The following has been excerpted from her piece and edited to fit our format. You may find her complete article by clicking on this link.

More mobile fraud than on PCs

“We certainly see a surge in mobile payment attacks,” says Tomer Barel, chief risk officer at PayPal, who says his company deals with more cases of fraud on mobile devices than on PCs. “There are many more avenues for fraudsters to try.”

Every dollar of mobile fraud costs merchants $3.34

Each dollar worth of misbegotten mobile payments winds up costing a fooled merchant $3.34. That’s slightly more than the cost of a fraudulent credit card swipe or mail order, 27 percent more than a similar payment made from a PC.

Merchants aren’t equipped to handle mobile fraud

Along with the cost of lost merchandise, the total includes investigation of the fraud. That’s tougher on phones than on PCs, because many businesses aren’t equipped to track mobile devices’ unique identifiers such as IP addresses. Stores often don’t catch when a card issued in Los Angeles is used for a mobile order from Mexico, says Aaron Press, director of e-commerce and payments at LexisNexis Risk Solutions. “It’s kind of a wake-up call,” he says.

Lower-tech fraud

Some mobile fraud remains low-tech. Last year, the Better Business Bureau warned consumers about a scam in which people posted absurdly cheap offers for used cars online, then tricked interested buyers into wiring funds through a phony version of Google Wallet.

Higher-tech fraud

Other frauds are more technical, such as the hackers who found a bug in a Chilean public transportation app that let them top off their travel credits for free.

The weak link

Like the brief flurry of duplicate charges that accompanied Apple Pay’s debut in October, such glitches highlight the vulnerability inherent in a system that requires banks, card networks, and software makers to keep pace with thieves. “If you don’t make the proper investment, they’ll be attracted to the weakest link,” says PayPal’s Barel.

Biometrics may stop some cybercriminals

Smartphone operating systems, at least, are tougher to infiltrate than those of PCs. Phones with biometric sensors can also make a person’s identity tougher to steal. Mobile payment service LoopPay says it’s adding support for biometric features such as Apple’s fingerprint reader, despite hackers’ claims that they can fool the iPhone’s sensor. Rival CurrentC says it’s considering similar measures….

“There’s no perfect system,” says Will Graylin, chief executive officer of LoopPay. “It’s always a game of cat and mouse.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

ThreatMetrix Named to OnCloud’s “Top 100” and CEO Tapped as Keynote for OnCloud 2015 Summit

Posted on February 17th, 2015 by Dan Rampe

Standard-Header-Reed

A Panelist at the Annual AlwaysOn Summit, ThreatMetrix CEO Reed Taussig Will Deliver His Keynote Speech on Security in the Cloud

AlwaysOn’s OnCloud 2015 Summit will take place at the College of San Mateo (San Mateo, CA) on February 26, 2015. The Summit brings together “the best and the brightest” including top entrepreneurs, investors, and corporate players in the business-to-business application and cloud infrastructure space to discuss and debate the future of cloud technology.

Reed Taussig’s keynote

Titled “Global Shared Intelligence: The Best Solution to Combat Cybercrime,” Taussig’s keynote presentation will take place at 11:30 a.m. PST. Over the course of his speech, he’ll be providing an overview of the current cybercrime landscape.

Using examples from ThreatMetrix’s TrustDefender Cybercrime Protection Platform, Taussig will show how ThreatMetrix discovered and defeated organized crime rings by leveraging the power of the ThreatMetrix Global Trust Intelligence Network (The Network).

A distinguished panel

Taussig will also be participating in a panel alongside host Aditya Singh, partner at Foundation Capital and co-panelist Barmak Meftah, president and CEO at AlienVault. The subject of the discussion will be “The New Frontier in Cloud Infrastructure” and will take place at 11:45 a.m. PST.

ThreatMetrix’s CEO on global shared intelligence

“The global cybercrime landscape is constantly evolving to include new, more sophisticated threats and the only way to combat these threats is through collective intelligence,” said Taussig. “This isn’t a threat any business or consumer can fight alone. It requires a collective network that leverages data from across a global information base. I’m honored to share what ThreatMetrix has accomplished in the fight against cybercrime by leveraging global shared intelligence with this year’s OnCloud attendees. The OnCloud summit hosts key industry players who can help to make shared intelligence an industry standard.”

ThreatMetrix on OnCloud’s Top 100 private companies list

The annual list honors companies in the B2B applications, management tools, security and infrastructure sectors that are rising to the challenge of bringing the world’s businesses and enterprises into the cloud. This year’s OnCloud 100 companies were selected based on a set of five criteria: innovation, market potential, commercialization, stakeholder value and media buzz. A full list of the OnCloud Top 100 winners is available here.

Validation of our continued innovation

“The OnCloud Top 100 honors companies that take big data and create useful, actionable intelligence from it to make high-powered decisions,” said Taussig. “In the case of ThreatMetrix and The Network, such decisions have the power to stop cybercriminals in real time. ThreatMetrix leverages data from the largest shared intelligence network available to make an immediate and educated decision to differentiate between authentic and fraudulent transactions. Being named to OnCloud’s Top 100 private companies list serves as validation of our continued innovation in advanced fraud prevention and context-based authentication.”

For more information on the OnCloud 2015 summit, click here.

ThreatMetrix has garnered a host of awards. Following are some of the most recent:

  • The Channel Company’s CRN 100 Coolest Cloud Computing Vendors of 2015
  • Gold Stevie in New Product or Service of the Year – Security Solution category and a Silver in the Most Innovative Tech Company of the Year – Computer Software category.
  • Gold for “Innovative Company of the Year” and for “Integrated Security (Software) Innovation” at the 2014 Golden Bridge Business Awards
  • CIOReview100 for the “100 Most Promising Technology Companies in the U.S.”
  • Best in Biz Awards 2014 International Silver for “Enterprise Product of the Year – Software”
  • The AlwaysOn Global 250 Top Private Companies in the “B2B Cloud and Infrastructure” category
  • Lead411’s 2014 “Hottest Companies in Silicon Valley” list
  • Products Guide (NPG) Hot Companies and Best Product Award Winner for the “Best Products and Services – Information Security and Risk Management” category and also in the “Best Products and Services – Security Software” category.
  • Judges Choice for Best Overall Fraud/Security Solution at the 2014 CardNotPresent.com (CNP) Awards for the ThreatMetrix TrustDefender Cybercrime Protection Platform
  • A 2014 Global Excellence Award for Most Innovative Company of the Year (Security)
  • 2014 Cyber Defense Magazine Award Winner in 2 Categories: Most Innovative Anti-Malware Appliances Solution & Best Product Network Access Control Solution

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

If Imitation Is the Sincerest Form of Flattery, Facebook Sure Did Flatter Us.

Posted on February 13th, 2015 by Dan Rampe

ThreatExchange

Facebook Launches ThreatExchange for Security Pros to Exchange Info about Cyberthreats

Does the concept of exchanging information about cyberthreats to make everyone safer sound somehow vaguely familiar? You know, like you’ve heard it somewhere before?

Well, how about the name “ThreatExchange?” That remind you of another company name? Like ThreatMetrix® perhaps?

Okay, it’s possible to chalk up Facebook’s latest “idea” to coincidence. Something that looks like a duck, waddles like a duck and quacks like a duck could turn out to be an ugly swan with a sprained ankle and deviated septum. Then, of course, there’s another explanation. It could be Facebook is validating the extremely successful concept pioneered years ago by ThreatMetrix.

In a recent article that appeared in Infosecurity, ThreatMetrix Chief Products Officer Alisdair Faulkner issued this cautionary note: “Shared threat intelligence is essential for stopping the bad guys, you just need to be careful you don’t stop customers as well. Reputation around shared identifiers like IP addresses can be a double edged sword.”

In his piece on mashable.com Rex Santus discusses Facebook’s launch. The following has been excerpted from his piece and edited to fit our format. You may find the full article by clicking on this link.

What a concept!

Doing what it does best, Facebook has created a platform — or a mini-social network, if you will — but this time for cybersecurity specialists. The concept is that researchers and professionals can learn from each other, and help keep everyone’s systems safer.

Been there. Done that.

“Our goal is that organizations anywhere will be able to use ThreatExchange to share threat information more easily, learn from each other’s discoveries, and make their own systems safer,” Mark Hammell, Facebook’s manager of threat infrastructure, wrote in a blog post announcing the project.

Déjà vu “all over again”

Security threats aren’t typically relegated to just one target, and the lack of communication between malware targets ends badly for everyone, according to ThreatExchange. So far, some pretty big-name Internet players have joined Facebook on ThreatExchange, including Bitly, Dropbox, Pinterest, Tumblr, Twitter and Yahoo. The platform expects to attract more partners as time goes on.

The new platform builds on Facebook’s ThreatData, a framework that stores cyberthreat information (such as bad URLs) for analysis by security pros.

A year ago you say?

The idea for ThreatExchange came about a year ago, when Facebook and others were facing a malware spam attack. The social network’s security specialists “quickly learned that sharing with one another was key to beating” the problem, Hammell wrote.

Share and share alike. Not exactly

To quell any fears that potential partners may have about sharing too much information publicly, Facebook said participants can tweak settings to pick and choose with whom they share their information. For example, a company may only want to share sensitive data with another partner that is experiencing the same attack.

An original thought that’s been heard before

“That’s the beauty of working together on security,” Hammell wrote. “When one company gets stronger, so do the rest of us.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

 

Happy Data Privacy Day. Keep It Under Your Hat.

Posted on January 26th, 2015 by Dan Rampe

Standard-Header---Logo-Faulkner

In Conjunction with Data Privacy Day, ThreatMetrix Offers Strategies to Help Business Protect Privacy, Secure Data and Build Trust on the Internet.

Little more than a week after the President’s State of the Union call for vastly improved cybersecurity and privacy measures comes Data Privacy Day.

Coordinated and led by the National Cyber Security Alliance (NCSA), Data Privacy Day is held each year on January 28th to raise international awareness and empower individuals and businesses to better protect their privacy. This year’s theme is “Respecting Privacy, Safeguarding Data and Enabling Trust.”

ThreatMetrix Data Privacy Day Champion

For its third consecutive year, ThreatMetrix has signed on as a Data Privacy Day Champion, supporting the ideal that individuals, organizations, business and government all share the responsibility to be aware of data privacy challenges.

Cybersecurity on both Democratic and Republican agendas

The State of the Union address made it clear that cybersecurity is an urgent and growing concern for government, business, consumers, students — everyone. And, it is at least one thing that both parties agree on.

Privacy Bill of Rights

The proposed Privacy Bill of Rights would let consumers decide what personal data could be collected by companies and how the data would be used. Under the proposed legislation consumers could prohibit companies which collect data for one purpose to use it for another. These changes have the potential to significantly impact the way businesses process customer data.

Alisdair Faulkner, ThreatMetrix’s chief products officer

“The only way we can build trust on the Internet is through better control of the consumer data processed online. Obama’s proposed Privacy Bill of Rights will raise the bar for privacy protections, keeping all companies no matter where they reside to the same standards. It may seem backwards, but to build trust, businesses and government entities need to increase data sharing while ensuring privacy. This means implementing security solutions that share data in real time, but preserve customer privacy through encryption and tokenization.”

Businesses may have the will, but no way to ensure privacy and security

Many businesses are well-intentioned, but they lack the resources or knowledge to protect their customers’ privacy and data. And, through their use of stolen identities, compromised devices, and masked IP addresses, cybercriminals are often virtually impossible to locate or stop without special skill and resources.

Alisdair Faulkner

“All businesses, regardless of industry, need efficient, automated processes for fraud detection and customer notification,” said Faulkner. “Any company that uses some form of online user authentication is now going to be held accountable for at least a minimal level of protecting customer privacy. The proposed Privacy Bill of Rights requires customers be notified by businesses about a data breach within 30 days, but cybercriminals can take data in the blink of an eye. Thirty days gives cybercriminals an eternity to monetize that information. Ideally, businesses need to be able to measure unauthorized access in real time, address the problem and notify customers immediately.”

ThreatMetrix strategies businesses can implement for combating cybercrime while building trust online:

  • Digital Identity Proofing–Traditional identity verification technologies, e.g. challenge questions, rely on personal information that has already been breached and in the hands of the criminals they are trying to vet. Businesses need a different approach. By analyzing global patterns of identity usage, including locations, devices, accounts, transactions and associations over time, it’s possible to factor in all aspects of a user’s behavior without putting artificial speed-bumps in his/her path.
  • Secure Anonymized Shared Intelligence– You have to have a network to fight a network. Additionally, you need “privacy by design” built into the ecosystem. Intelligence networks must anonymize and secure data not just from outside attacks, but also internal theft and social engineering attacks. Legal restrictions, such as those proposed by the President will fail to protect consumer data if not backed by solid technology and processes.
  • Endpoint Threat Intelligence – To differentiate between trusted users and cybercriminals, businesses must consider the context of every access attempt and transaction from each user. Whether initiated by a customer or an employee, businesses have to establish the credibility of the transaction in real time based on the full context of the user’s identity, behavior over time and device threats. These threats include Man-in-the-Middle and Man-in-the-Browser attacks, account compromises, bots, proxies, and location and transaction anomaly screening to determine the level of authentication and authorization required to process the request.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

ThreatMetrix Shares Strategies for Businesses to Protect Privacy, Safeguard Data and Build Trust on the Internet in Alignment with Data Privacy Day

Posted on January 26th, 2015 by Dan Rampe

Standard-Header---Logo-Faulkner

Following President Obama’s State of the Union Address, Businesses Must Increase Data Sharing to Protect Consumer Privacy While Combatting Fraud

San Jose, CA – January 26, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced its alignment with Data Privacy Day by outlining strategies for businesses to build trust on the Internet through better cybersecurity measures without compromising consumer privacy.

Coordinated and led by the National Cyber Security Alliance (NCSA), Data Privacy Day is held each year on January 28 to raise international awareness and empower individuals and businesses to better protect their privacy, centered on the theme of “Respecting Privacy, Safeguarding Data and Enabling Trust.” For its third consecutive year, ThreatMetrix has signed on as a Data Privacy Day Champion, supporting the ideal that individuals, organizations, business and government all share the responsibility to be aware of data privacy challenges.

During President Obama’s State of the Union address last week, it was clear that cybersecurity is an urgent and growing concern among the U.S. government and its citizens. The proposed Privacy Bill of Rights would allow consumers to decide what pieces of their personal data are collected by companies and decide how that data is used. The legislation would also enable consumers to prohibit companies that collect their data for one purpose to use it for another. These changes have the potential to significantly impact the way businesses process customer data.

“The only way we can build trust on the Internet is through better control of the consumer data processed online,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “Obama’s proposed Privacy Bill of Rights will raise the bar for privacy protection, keeping all companies no matter where they reside to the same standards. It may seem backwards, but to build trust, businesses and government entities need to increase data sharing while ensuring privacy. This means implementing security solutions that share data in real time, but preserve customer privacy through encryption and tokenization.”

Many businesses lack the resources or knowledge to fulfill their responsibility of protecting customers’ privacy and data. Cybercriminals are often virtually impossible to locate due to the use of stolen identities, compromised devices, and masked IP addresses and many businesses simply don’t know how to stop those networks of fraudsters.

“All businesses, regardless of industry, need efficient, automated processes for fraud detection and customer notification,” said Faulkner. “Any company that uses some form of online user authentication is now going to be held accountable for at least a minimal level of protecting customer privacy. The proposed Privacy Bill of Rights requires customers be notified by businesses about a data breach within 30 days, but cybercriminals can take data in the blink of an eye. Thirty days gives cybercriminals an eternity to monetize that information. Ideally, businesses need to be able to measure unauthorized access in real time, address the problem and notify customers immediately.”

To help combat cybercrime while maintaining customer privacy to build trust online, ThreatMetrix has outlined several strategies for businesses to implement:

  • Digital Identity Proofing–Traditional identity verification technologies such as challenge questions rely on personal information that has already been breached and is in the hands of the cybercriminals. Businesses need to take a different approach and analyze global patterns of identity usage, including locations, devices, accounts, transactions and associations over time to consider all aspects of a user’s behavior without putting artificial speed bumps in the way of the customer.
  • Secure Anonymized Shared Intelligence– Businesses need a network to fight a network, but they also need “privacy by design.” Intelligence networks need to anonymize and secure data not only against outside attacks but also internal theft and social engineering attacks. Legal restrictions such as those proposed by Obama will fail to protect consumer data if not backed by advanced technology and processes.
  • Endpoint Threat Intelligence – To differentiate between trusted users and cybercriminals, businesses need to consider the context of every access attempt and transaction from each user. Whether initiated by a customer or an employee, businesses need to establish the credibility of the transaction in real time based on the full context of the user’s identity, behavior over time and device threats. These threats include man-in-the-middle and man-in-the-browser attacks, account compromise, bots, proxies, and location and transaction anomaly screening to determine the level of authentication and authorization required to process the request.

The most effective way for businesses to protect against cybercrime is through information sharing, leveraging an anonymized global data repository, such as the ThreatMetrix® Global Trust Intelligence Network (The Network), which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com