New ThreatMetrix TrustDefender Mobile App Enhancement Helps Businesses Meet PCI DSS

Posted on March 18th, 2015 by Dan Rampe

MRC

Extended Mobile App Reputation and Device Analysis Enables Businesses to Meet Latest Payment Card Industry Data Security Standards

ThreatMetrix’s latest TrustDefender Mobile release, the mobile software development kit (SDK), helps ThreatMetrix customers identify fraudulent behavior and reduce friction for transactions originating from mobile apps.

Android and iOS devices

In addition to Android, the release extends ThreatMetrix’s industry-leading Mobile App Reputation and Integrity capability to iOS devices.

Dean Weinert, ThreatMetrix director of mobile products, on stopping malware apps from different vendors

“One of the challenges our customers face in the mobile channel comes with the explosion of apps from a multitude of different vendors – many of which are used as vehicles to deliver malware. It’s important for businesses to distinguish between real, trusted apps and apps that have been altered, but that requires a significant amount of data, especially for mobile devices. ThreatMetrix provides a solution that is lightweight on users’ devices, putting those device attributes and threat risks into our digital identity network. The network is constantly learning about the growing mobile attack surface so our customers don’t have to.”

One billion transactions analyzed each month

This month, ThreatMetrix announced that the ThreatMetrix Global Trust Intelligence Network (The Network), the largest digital identity network in the world, has reached one billion transactions analyzed monthly, more than 250 million of which originate from mobile devices from more than 200 countries. The ThreatMetrix mobile solution further enhances the value of The Network by creating an anonymized digital identity of consumers based on device, persona and behavior from every transaction and comparing it in real time to previous activity. This growing network enables ThreatMetrix customers to understand users and associated devices, gain effective fraud intelligence without in-house expertise and ensure application integrity to stop fraud, not customers.

Vanita Pandey, ThreatMetrix senior director, strategy and product marketing, on the expansion of mobile in banking and ecommerce

“Mobile and other connected devices are fast becoming the leading way for users to access commerce and banking services. Mobile is the biggest emerging opportunity and risk for businesses and financial institutions trying to deliver frictionless experiences to their customers. Continued growth of mobile payments and banking will lead to stricter rules and regulations to secure these transactions.”

New mobile 2015 Payment Card Industry Data Security Standards

The recently instituted 2015 Payment Card Industry Data Security Standards (PCI DSS) for mobile devices are now stricter, including requirements for detecting rooted or jailbroken devices, detecting malware, and more.

The latest release of TrustDefender Mobile delivers enhanced capabilities to meet these new standards including:

  • Mobile App Reputation extended to iOS devices in addition to Android – This provides protection against malware and malicious applications across these platforms. Leveraging the intelligence from The Network with real-time reputation data from more than 14 million applications, ThreatMetrix can identify and classify millions of mobile applications, compared to the hundreds identified by competitors.
  • New mobile-specific attributes analyzed – The newest attributes analyzed by ThreatMetrix include additional details of device networks and security, as well as details of application “deep linking” to further identify unique devices and more importantly, to highlight devices compromised by malicious actors and malware.
  • Continues to leverage The Network – As with all ThreatMetrix products, the newest release is fully integrated with the ThreatMetrix digital identity network and analysis engine to help stop cybercriminals across mobile and other connected devices, using a common set of intelligence and policies.

iOS gains in the marketplace could make it a more tempting target

“iOS drives a significant percentage of mobile commerce,” said Pandey, “During Cyber Week 2014, The Network found that 39 percent of transactions originated from mobile devices, with nearly 80 percent of those transactions originating from iOS. While Android is at higher risk for malware, iOS is more prevalent. Extending the Mobile App Reputation and Integrity capabilities of TrustDefender Mobile to iOS offers our customers a more consistent solution.”

Visit ThreatMetrix at MRC Vegas 2015

ThreatMetrix is sponsoring and exhibiting its latest TrustDefender Mobile capabilities in booth 119 at MRC Vegas 2015, the industry-leading conference for merchants to discuss the latest trends in risk and payments, March 23-26 in Las Vegas. ThreatMetrix will participate in several speaking sessions and panels at the event, including:

Merchant Focus Group – Tuesday, March 24

  • 12:15-1:30 p.m. PST, Bristlecone 3 Room
  • Speaker: Carmen Honacker, director of customer advocacy at ThreatMetrix
  • Topic: Building a Fraud Prevention Community (Invite Only)

Ignite Session – Tuesday, March 24

  • 4:00-5:00 p.m. PST, Pinyon 2 Room
  • Speaker: Bert Rankin, chief marketing officer at ThreatMetrix

Speaking Session – Thursday, March 26

  • 9:55-10:35 a.m. PST, Bristlecone 3 Room
  • Speakers: Carmen Honacker and Peter Zeigler, senior products manager at TripAdvisor
  • Topic: Beyond Device ID: Using Digital Identification to Reduce E-Commerce Fraud

Joint ThreatMetrix and TripAdvisor session at MRC Vegas

Attendees at the joint ThreatMetrix and TripAdvisor speaking session on the final day of MRC Vegas will learn why and how e-commerce businesses need to move beyond simple device identification through the use of cookies to include other criteria. Cookies are easily compromised by hackers and privacy-conscious users alike. To complicate matters, IP address information is dangerously easy to spoof by using proxies, virtual private networks (VPNs) and botnets. This session will discuss how e-commerce merchants can take into account the context of an online event, resulting in historical evidence of persona behavior across all data.

For more information on MRC Vegas, visit www.merchantriskcouncil.org/Pages/home.aspx.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

New Study Reveals True Cost of Mobile Fraud

Posted on February 4th, 2015 by Dan Rampe

Mobile commerce

In 2014, Every $100 of Mobile Fraud Cost Merchants $334. In 2013, Every $100 Cost Merchants $283, a Hike of $51 in Just One Year

Do you happen to remember our referencing famous bank robber Willie “the Actor” Sutton who replied when asked why he robbed banks, “Because that’s where the money is.”? Never mind, Sutton never said it (likely it was made up by an enterprising reporter), it’s just common sense and the reason mCommerce has become a high priority target of cybercriminals. That’s where the money is.

A heraldonline.com story reports on LexisNexis Risk Solutions’ annual True Cost of Fraud Mobile Study demonstrating that as more merchants go to mobile, so do cybercriminals. The following has been excerpted from the heraldonline.com article and edited to fit our format. You may find the full article by clicking on this link.

70 percent spike

Revenue that mobile commerce (mCommerce) merchants lost to fraud spiked 70 percent in 2014 to 1.36 percent compared to 0.80 percent in 2013. For comparison, all merchants lost 0.68 percent of revenue to fraud in 2014 in comparison to 0.51 percent in 2013.

More ways to steal

The complexity of additional payment channels, like digital wallets, coupled with additional access channels, like mobile web sites and apps, produce more avenues for fraud. Study results show that mCommerce merchants accept an average of 4.5 payment channels, significantly more than the 2.6 channels accepted by all merchants. mCommerce companies have more fraud exposure than other types of retailers.

Now is the time for fraud prevention tools

Dennis Becker, Vice President, Corporate Markets, LexisNexis Risk Solutions said, “Mobile commerce is going to be more widely adopted by merchants because customers are clamoring for the convenience. To reduce customer friction and sell more through the mobile channel, now is the time for mCommerce retailers to put in place fraud prevention tools to counter the disproportionate amount of fraud that is currently occurring.”

Authentication, authentication, authentication

“mCommerce merchants have an opportunity to strategically implement mobile-channel specific fraud prevention measures,” Becker explained. “The findings of this study suggest that the more mCommerce companies move away from a ‘one-size-fits-all’ fraud strategy the faster they will grow and be more profitable.”

Based on the study results, customer identity verification is the top fraud prevention challenge for mCommerce merchants, followed by friendly fraud. The inability to confidently verify the identity of a customer and their device leads to friendly fraud, which is defined as fraud perpetrated by a family member or close associate. The study shows that 24 percent of fraudulent transactions are due to friendly fraud. “We expect this percentage to drop, as more mCommerce merchants adopt mobile-channel specific fraud prevention tools,” Becker concluded.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

Mobile Attacks Listed as One of the Top Threats Facing E-Commerce Businesses

Posted on September 24th, 2014 by Dan Rampe

According to a Recent ThreatMetrix Survey, 25 Percent of E-Commerce Executives Indicate Mobile Attacks a Leading Business Threat

San Jose, CA – September 24, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the results of a recent customer survey, which found that mobile attacks are a top concern for e-commerce executives. In the wake of recent mobile innovations, including the iPhone 6 release, ThreatMetrix urges businesses to evaluate and update their current mobile strategies.

“There has been a significant shift in consumer activity on mobile devices that is causing major security concerns among businesses across all industries,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “Recent data from the ThreatMetrix® Global Trust Intelligence Network (The Network) shows top threats facing mobile apps and browsers include account creation, login and payment fraud. As mobile usage increases, specifically on enterprises’ mobile-based apps, businesses need to do everything in their power to protect customers from account takeover, fraudulent transaction and other related security risks.”

According to data from The Network, which is comprised of more than 210 million active user accounts, mobile represented one third of total traffic in 2013, and this number is projected to increase to 50 percent by the end of this year. In addition to the increase in mobile usage in general, consumer behavior on mobile is changing, as 86 percent of time on mobile devices is spent on mobile apps and only 14 percent on mobile Web browsers.

However, many businesses’ mobile apps are not secure enough to handle the increased usage. ThreatMetrix’s recent survey conducted with TechValidate indicates that 25 percent of executives using the ThreatMetrix TrustDefender™ Cybercrime Protection Platform believe mobile attacks are a leading threat they need to protect their business and customers against. Additional top threats include fraud losses, at 91 percent, and fraudulent account creation, at 49 percent.

“Fighting fake account creation is something we take seriously, always working on improving our strategies and trying new ideas,” said a chief technology officer at a medium-sized enterprise consumer products company. “ThreatMetrix has been most effective, and we see the impact directly in the metrics we monitor. The clearest gain was when we were able to launch ThreatMetrix directly in our mobile applications and saw the immediate drop off of fake account creation.”

In addition to increase mobile app usage, the recent release of the iPhone 6 and its new features should also be of concern to businesses, specifically in e-commerce and retail. The addition of near field communications (NFC) technology and Apple Pay will bring new security concerns via mobile for brick-and-mortar and online retailers alike.

“While the use of Apple Pay with NFC technology will cut down on opportunities to copy card data in-store, more data breaches are expected until the U.S. rolls out end-to-end encryption,” said Faulkner. “Additionally, the increase of secure in-store transactions will likely push even more fraud online, into the most vulnerable channel, where there is no card, person or physical device present.”

Using advanced fraud prevention and context-based authentication can help identify good users and protect customers without adding additional steps to the authentication process. The Network analyzes more than 850 million monthly transactions and combines device identification, threat assessments, identity and behavioral intelligence to accurately identify cybercriminals without creating friction for good users.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts
Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312.241.1178
Email: beth.kempton@walkersands.com

 

 

What Does Mobile Mean for Enterprise Security?

Posted on August 8th, 2014 by Dan Rampe

the-good,-the-bad-and-the-ugly-of-mobile-adoptionThreatMetrix Latest Infographic Reveals Mobiles’ Good, Bad and Ugly Sides

By the end of this year, there’ll be more smartphone subscriptions than there are people on planet earth (approximately 7 billion). And that number is going to go even higher when Apple launches their new iPhone 6 on September 9. That’s an amazing figure – especially when juxtaposed against the fact that only 4.5 billion earthlings have access to working toilets (Time.com March 2013). No wonder why there are so many smartphones. You have to do something while waiting for your turn in the WC.

In ThreatMetrix’s network of more than 160 million active user accounts, one third of the total traffic in 2013 was mobile. And that number is projected to increase to 50 percent by the end of this year. With so many users turning to mobile, ThreatMetrix put together an infographic of mobile’s good, bad and ugly sides so those charged with enterprise cybersecurity will be better equipped to protect staff as well as customers.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.