With 97% of Malware Aimed at Android, Can an Android Device Be as Safe as an iPhone for Example? App-solutely.

Posted on March 31st, 2014 by Dan Rampe

Malware

Two figures leap out of just about every survey on smartphones. Globally, Android has 87 percent of the market and 97 percent of the malware.

In 2012 there were 238 threats to Android. That jumped to 804 in 2013. And, over that same timeframe, threats to Apple iOS, BlackBerry OS and Microsoft Windows Phone were a goose egg, nil, zero, nada, none. These figures come from a piece on Forbes.com, which explains that the 3 percent of malware that didn’t go to Android went to Nokia’s now defunct Symbian platform.

So, if you want to be safe, get ABA (Anything But Android), right? Not so fast says Gordon Kelly in his Forbes.com piece:

Let’s be clear. From a statistical viewpoint researcher and security specialist F-Secure got them right. Android does account for 97% of all mobile malware, but it comes from small, unregulated third party app* stores predominantly in the Middle East and Asia. By contrast the percentage of apps carrying malware on Google’s official Play Store was found to be just 0.1% and F-Secure acknowledges rigorous checks mean “malware encountered there tends to have a short shelf life.”

If you want to stay safe on Android [here’s] the solution: stick to buying apps on the Play Store and every one in 1000 apps you buy may have had malware for a brief period.

Strangely F-Secure didn’t reveal figures for Amazon’s Apps for Android store, but other third party Android stores didn’t fare so well. Mumayi, AnZhi, Baidu, eoeMarket and liqucn were found to have 6%, 5%, 8%, 7% and 8% malware penetration respectively and an appalling 33% of apps were infected in Android159. Repacked or faked games were the big target and since it isn’t difficult to taint an app with malware the message is simple: steer clear of third party app stores that don’t have the resources to effectively scan and police their libraries.

Despite these figures, F-Secure … stressed each new version “has included a number of security-related changes that help mitigate the effects of malware. “ Consequently rather than laying the blame at Google’s feet, it stressed the real problem was fragmentation caused by hardware manufacturers failing to update their devices to the latest version of Android.

But Google doesn’t get off scot-free. Google lags a long way behind Apple when making its app store available around the world. The most notable omission is China, where Apple has made significant progress in recent years.

Furthermore, while Google Play users in most countries can now purchase apps, the countries where developers can sell apps remains hopelessly restrictive. For example there is no developer support in Africa and only Argentinian and Brazilian developers can sell apps through the Play Store in South America.

It is worse when it comes to media content with only Australia, Japan, the UK and US currently able to buy TV shows while music purchases only expand that list within European countries. As such the countries where customers and developers are most likely to be attracted by the cheap prices of budget Android handsets are the least well served.

Which leaves us with the all too familiar scenario that Android’s malware problem isn’t as black and white as many would have you believe. The truth is it is easy to stay safe on Android. The problem is that sentence relies on where you live.

One nagging question remains. Does Kelly himself use an Android smartphone? We guess that must depend on where he lives.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix™ Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

A New Model for Building Trust on the Internet

Posted on January 28th, 2014 by Dan Rampe

Reed-Header

The beginning of a new year is often a time of reflection. At ThreatMetrix™, we have a lot to reflect on and look forward to. ThreatMetrix turns seven this year. In Internet- and dog-years alike, that’s a long time.

When we started ThreatMetrix, the online world was a simpler place. While we were developing our advanced device identification technologies in 2007, with proxy piercing and global device identification, Apple announced the iPhone. Amazon launched the Kindle in November of 2007. Those devices and others changed the way that we connect with the world.

We’ve worked hard to keep pace with those changes:

  • Since one size doesn’t fit all, we added customer-configurable rules to our risk analysis.
  • As cybercriminals got better at disguising their identities, we developed ThreatMetrix ExactID™ and ThreatMetrix SmartID™ technologies to look beyond the devices to the people using them.
  • Recognizing that legitimate user devices can be compromised by malware, we became the first advanced device identification technology to integrate malware detection.
  • Because it’s just as important for businesses to allow legitimate customers or employees access to applications as to keep out the false ones, we created ThreatMetrix™ Persona ID and ThreatMetrix™ Trust Tags technologies to help streamline access for trusted visitors.

The Trust Trifecta: Technologies, Processes and Data

Advanced device identification and malware detection were just the first phase in the evolution of the ThreatMetrix solution set. Although we started out as a first line of defense in the fight against fraud, in working with our customers we dove into the broader issues of online trust. In doing so, we have expanded our innovations to include processes for configuring and validating business policies and a global data set of shared intelligence.

For example, the Persona ID technology addresses the broader issue of tracking the behavior of a person online – whether or not you know exactly who that person is. The ThreatMetrix Persona ID approach is both passive and anonymous from the user’s perspective. This type of analysis is only possible by tracking and analyzing online behavior across sites – something we do through the ThreatMetrix™ Global Trust Intelligence Network.

So in addition to innovative technologies, we now have a core set of processes, a massive data set generated and refreshed daily by a global network, and comprehensive data analysis from that data. This combination of technologies, processes and data significant broadens the scope of the ThreatMetrix solution in the online world. We can address broader issues of risk assessment and identity authentication.

ThreatMetrix Today: Building Trust on the Internet

Which brings me to where the company is today, in early 2014. We’ve changed our tagline to reflect our broader purpose: Building Trust on the Internet. We’re building and growing our ThreatMetrix™ Global Trust Intelligence Network, which monitors and scores more than 500 million transactions per month. Our Persona ID and Trust Tag technologies, enhanced with our global network and data, enable a new kind of passive, context-based authentication for all kinds of online sites and applications. And we’re working not only with online banks and retailers, but also enterprises and government agencies to help streamline access for legitimate users and keep out those who don’t belong.

No one can see what twist and turns the Internet will take in the coming years – but building a foundation of trust with employees and customers is an important first step. And that’s where we’re putting all of our efforts from this point forward.

About ThreatMetrix

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects ThreatMetrix protects more than 160 million active user accounts, 2,500 customers and 10,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Balancing Online Privacy and Security

Posted on January 28th, 2014 by Dan Rampe

Data Privacy 3Online security and privacy have a love/hate relationship. We need security measures to protect our online privacy. However, complete online privacy (anonymity) can defeat security measures by giving cybercriminals an undetected place to operate. And we often sacrifice data privacy in the name of security – the NSA Prism project being one visible example.

The strange relationship between privacy and security is perfectly illustrated in the story of Tor, a software program for online anonymity. According to last week’s BusinessWeek article on Tor, much of its original funding came from the Department of Defense. Now the NSA is spending a huge amount of time and energy trying to defeat Tor in the name of security. Security and privacy would appear to be on opposite teams.

I don’t think that has to be true. It’s possible to respect the online privacy of your customers while protecting the security of their data and your applications. Striking the right balance is something that every business has to do for its specific customer needs and use cases.

In honor of Data Privacy Day, here are some thoughts on how businesses can and should balance privacy and security.

Stop Asking People to Give Up Privacy for Security

As I wrote in a previous blog, be wary of asking people for more personal information in the name of giving them better security. The more of their personal information you hold, the greater your obligation to guard that data – and the more attractive target you become for identity thieves. Even credit bureaus and identity data aggregators have been breached and hacked, so even outsourcing data collection to third parties is problematic.

Consider Context When it Comes to Privacy

People have many ways of trying to operate anonymously online, from disguising IP addresses or true location to cookie wiping. Many people want to escape the scrutiny of marketers tracking their movements. Businesses need to look for indicators of people obscuring their real identity in those situation that represent risk of identity takeover.

Let’s say someone is disguising their IP address online – should that be a concern? It depends on the business and online context. When connecting to a social network, someone might legitimately want to disguise their IP address or use a VPN connection. For example, they might be traveling in a country that bans the network. The social network might detect the activity but not deny access unless there were other behavioral factors.

However, if someone tries to create a credit card account while disguising their IP or geolocation, that should be a red flag. The context of the transaction or online interaction is a critical factor.

Honor the Customer’s Trust

Ultimately, striking the right balance of security and privacy comes down to honoring the customer’s trust.

• Don’t collect personally identifiable information unless you need it. Use behavior-based and data anonymization to prevent the need to share data with third-parties about your customer’s personal lives.

• Whatever information you do gather for security reasons, you should only use for protecting the customer identity and data. Do not share it or sell it for marketing purposes. Partner with companies that are in the business of protecting trust, not monetizing identities.

• Protect customer identity in use – during the point of a transaction or at the moment of login. As I wrote in the blog Let’s Do Something Different for Data Privacy Day, online businesses need to be accountable for protecting the customer identity when it is used on their site – even if the identity was stolen elsewhere. By preventing account takeover you can maintain customer trust.

For more information, see the press release, “ThreatMetrix Shares Strategies for Walking the Tightrope Between Consumer Online Privacy and Security.”

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 160 million active user accounts, 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

ThreatMetrix Shares Strategies for Walking the Tightrope Between Consumer Online Privacy and Security

Posted on January 28th, 2014 by Dan Rampe

Data Privacy 3

Businesses Can Protect Customer Identities While Enabling Confidentiality on the Internet Through Anonymized Trusted Identity Networks

San Jose, Calif. – January 28, 2014 – ThreatMetrix™, the fastest-growing provider of context-based authentication and advanced Web fraud solutions, commemorates Data Privacy Day by announcing strategies for businesses to protect consumer identities without compromising privacy.

In the age of big data enterprises are collecting and sharing unprecedented amounts of customer information, many times unintentionally. When a single employee can steal up to 40 percent of a country’s credit data on a USB stick, and identity thieves can illegally purchase credit data, better practices are urgently needed for protecting access to online information and identities. The flip side however, is that in order to protect against data breaches and malware, big data approaches to cybersecurity are essential for total situational awareness.

“Often, bad things happen to good people and sometimes good people – even a company’s own employees – go bad and compromise online security and privacy,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Therefore, enterprises need to combine big data techniques with a new approach to protecting privacy and unlawful access to customer and employee accounts.”

At the heart of the problem is the way trust is evaluated online. In the offline world, trust is situational, continually evaluated over time based on observed behavior and informed by reputation. In the online world, however, the vast majority of data and commerce is protected by static checks such as passwords, payment information or supposedly private “out-of-wallet” information. The problem is exacerbated by the lack of privacy-protecting intelligence sharing, meaning companies either operate in a silo, or customers must trust their identity information will not be abused by marketing organizations or breached by hackers.

“There is a fine line between offering customers comprehensive security and invading their privacy,” said Faulkner. “Finding the balance is essential to effectively protecting sensitive data while maintaining trust and preventing customer identities from falling into the hands of cybercriminals. With the advent of controversies surrounding government spying programs, the tightrope between privacy and security has become even narrower.”

Added complexity lies in differentiating between cybercriminals, who are looking for anonymity to hide their fraudulent activity, and consumers who simply want privacy. For example a person using an anonymized IP Address to read political news is one thing and it’s a completely different matter if the user is accessing a Tor network while applying for a credit card. The expectations for privacy by a legitimate consumer and what is viewed by a business as acceptable behavior are very different based on the context of the action taken.

Key strategies ThreatMetrix recommends businesses implement to achieve the balance between privacy and security include:

CEO-Sponsored Trust Protection Taskforce – It’s essential that the CEO takes a leadership stand in framing the privacy and security tightrope as a competitive opportunity to build brand trust and remove obstacles to increasing revenue. The often-competing requirements of security, privacy and marketing need to come together under a coherent strategy that moves the internal conversation beyond compliance to protection.

Anonymized Shared Intelligence – A collective problem requires a collaborative solution. Leverage trusted identity networks that use strict anonymization practices to share risk intelligence and improve security without compromising privacy. Anonymized networks used in this way enable trust to be federated across applications and companies using big data techniques without falling afoul to privacy laws and consumer trust.

Behavior-Based Identity Proofing – Simple reputation systems cause authentic customers and employees to be treated unfairly when their identities or accounts are abused. Analyze anonymized global patterns of identity usage including locations, devices, accounts, transactions and associations over time to provide ‘spoof-proof’ identity screening without false positives – incorrectly labeling legitimate users as fraudulent.

Context-Based Authentication – ”Context is King” when it comes to differentiating between trusted users and cybercriminals. Businesses must dynamically establish the credibility of each and every access attempt and transaction, regardless of whether initiated by a customer or employee, based on business risk of the action and the full context of identity and device threats. These threats include Man-in-the-Middle and Man-in-the-Browser attacks, account compromise, bots, proxies, and location and transaction anomaly screening to determine the level of authentication and authorization required to process the request.

“At a minimum, industries operating online should self-enforce standards for controlling access to customer data from both insider and outsider theft,” said Faulkner. “Otherwise, government agencies will be forced to step in. It’s crucial that privacy and security professionals move to frictionless solutions that can tell whether a user is who they say they are without needing to know their name. These standards can be used as a balancing pole for chief security officers and chief privacy officers walking the tightrope between privacy and security.”

ThreatMetrix uses an anonymized global data repository, the ThreatMetrix™ Global Trust Intelligence Network (The Network), to evaluate logins, payments, new account registrations and remote access attempts for validity in real time. The most comprehensive global repository of anonymized identity and trust data, The Network uses real-time analytics to protect hundreds of millions of accounts and identities each day from cybercrime.

Through sharing strategies to balance between privacy and security, ThreatMetrix continues its commitment to Data Privacy Day, an annual event sponsored by the National Cyber Security Alliance that encourages businesses and consumers to protect their online privacy and control their digital footprint. ThreatMetrix was named a Data Privacy Day Champion for its ongoing efforts to prevent cybercrime and preserve personal data on the Internet.

About ThreatMetrix

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 160 million active user accounts, 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.11178
Email: beth.kempton@walkersands.com

 

Just Because You’re Paranoid Doesn’t Mean They’re Not out to Get You. One Cyberreporter Refuses to Share Her Email Address with Retailers.

Posted on January 27th, 2014 by Dan Rampe

personal data

Maybe you’re overcome by politeness. Maybe people who stand behind counters represent childhood authority figures like teachers and principals and movie ushers. Maybe because it’s become routine. Whatever the reason, when a vendor asks for a phone number or email address to complete a transaction, there’s a tendency to comply without question.

However, there’s a big difference between the information merchants need for executing a transaction and the information merchants want for marketing. And, online or brick-and-mortar, personal information that’s compromised is costly to both customers and merchants.

One cybersecurity reporter hit the keys to tell how she deals with companies and clerks who want her email address. Nicole Perlroth writes on nytimes.com:

There is a temptation to think that major retailers like Target are more secure because they have more cash to spend on security. But the reality is that no company is entirely secure.

It’s hard out there for a paranoid cybersecurity reporter.

I’ve covered enough breaches, identity thefts, cybercrime and worse, to know it’s a terrible idea to hand over my personal data — even something as seemingly innocuous as my birthday or email address — to a store clerk, or a strange login page on the Internet.

But it’s getting hard to resist. I was in the middle of buying a swimsuit recently when the sweet lady behind the boutique counter asked me for my email address. I explained, as I have a hundred times before, that I’m a paranoid security reporter who makes it a general rule of thumb not to hand out information unnecessarily.

“We won’t spam you or anything,” she said, perplexed. “We just need it for our database.”

I knew then that the conversation was headed into a whole lot of awkward, as it had dozens of times before. The fact is, a boutique doesn’t need my email address so I can buy a swimsuit. The hotel I stayed in recently didn’t need my birth date, or my home address, or my driver’s license number, before I could check in. And Target doesn’t need to store your debit card PIN.

After news of Target’s breach first broke last month, a reader emailed complaining that after a recent purchase at a Target store in San Francisco, she was asked for her driver’s license after her credit card was authorized. “I gave it to her thinking she was only going to look at it, however she immediately scanned it through her register. I was a bit shocked and asked why she did that.

She said it is always done but ‘Don’t worry, it is secure.’”

That, we now know, is absurd.

There is a temptation to think that major retailers like Target– and now Neiman Marcus– are more secure because they have more cash to spend on security. It’s the same assumption users made thinking Snapchat was secure because it magically makes selfies disappear, or that LinkedIn knew how to protect data because it likes to talk up big data, or that Adobe could protect our passwords.

Actually, I take that back: Compromised Adobe PDF files have been used in far too many cyberattacks to mention here.

The point is that no company is secure. None of them. Not when they are up against an increasingly sophisticated, elusive enemy. But the problem is not just retailers, or technology companies or hackers, it’s us.

We regularly hand over data simply because we’re politely asked. We don’t read privacy policies, or ask companies whether our email addresses and passwords will be “salted” or “hashed,” encrypted with long or short keys, or whether those keys will be stored on separate systems from the ones they can unscramble. We don’t challenge major credit card companies to hurry up and adopt smart-chip credit cards. And we don’t stop doing business with companies that don’t take data protection seriously.

So we’ll all feign shock that the Target breach did not just affect 40 million people as it previously reported, but well over one-third of America’s adult population. And then, in a few days, we will likely go back to politely handing over our email addresses and birth dates.

But for now, the sweet lady at the boutique just has this: privacyreporter@stopaskingme.com.

Note: We went to www.stopaskingme.com and found just this on the website:

It seems like today people want so much information from you. You have to spend 1-2 minutes on the phone, after you get to talk to a human, before you can ever get down to business. They need name, account number, (again) last for of something or other and on and on.

There is a fine balance between good customer service and down right annoyance. Anyways, I love the look on these peoples faces when I give them my email address of some name@stopaskingme.com. I can not tell you how many tech support people have bust out in laughter when I give them this email. Kind of lightens the whole mood and even has a calming effect when talking to some of the less, shall we say, less than helpful customer service reps.

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 160 million active user accounts, 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

You Gotta Be Kidding Me. 17-Year-Old Russian Kid Wrote Code for Target, Neiman Marcus and Other Hacks.

Posted on January 24th, 2014 by Dan Rampe

Hacker

What did you do for money when you were 17? Mow lawns?. Do the Mickey D burger thing? Camp counselor? Whatever it was, chances are it wouldn’t have put you at the center of a worldwide manhunt. Which is where one Russian teenage hacker ended up.

Hearing a teenager wrote the code that put tens of millions of people in jeopardy of having their identities stolen can leave you conflicted. On one hand, like any prodigy or savant, he can be admired. On the other, for the pain he caused and will cause, he should be sent to Siberia with a thin moth-eaten blanket and Bermuda shorts and have a hungry grizzly for company.

The Washington Post’s, Hayley Tsukayama, writes about this latest twist in the Target-Neiman Marcus et al. hack with a reporter’s more objective eye:

Security firm IntelCrawler said Friday that it has identified a Russian teenager as the author of the malware probably used in the cyberattacks against Target and Neiman Marcus, and that it expects more retailers to acknowledge that their systems were breached.

In a report posted online, the Sherman Oaks, Calif., company said the author of the malware used in the attacks has sold more than 60 versions of the software to cybercriminals in Eastern Europe and other countries.

The firm said the 17-year-old has roots in St. Petersburg. He reportedly has a reputation as a “very well known” programmer in underground marketplaces for malicious code, the report said.

The company said the teenager did not perpetrate the attacks, but that he wrote the malicious programs — software known as BlackPOS — used to infect the sales systems at Target and Neiman Marcus. Andrew Komarov, the chief executive of IntelCrawler, said the attackers who bought the software entered retailers’ systems by trying several easy passwords to access the registers remotely.

“It seems that retailers still use quite easy passwords on most remote-access” servers, Komarov said. He added that there do not appear to be many restrictions on who has access to the remote point-of-sale servers in numerous companies. This, he said, could enable hackers to gain access to a prime target: back-office servers where criminals can pick up pools of data from multiple stores.

Target declined to comment on the report. Neiman Marcus spokeswoman Ginger Reeder said that she has heard no claim about weak passwords from anyone with direct knowledge of the retailers’ system.

Komarov first identified the software last March and reported it to Symantec and other security firms. Before both breaches, IntelCrawler said in its post, the company detected attempted attacks on point-of-sale terminals across the United States, Australia and Canada.

That indicates that more companies, specifically retailers, are likely to discover attacks on their systems in the near future, company executives said. The firm has identified six additional breaches at other retailers of various sizes across the country, Komarov said. He did not identify those retailers.

Last month, Target announced that hackers had gained access to as many as 40 million credit and debit cards used by its customers during the height of the holiday shopping season, later extending that figure to as many as 110 million. Neiman Marcus has also disclosed that it was the victim of an attack but has not disclosed how many customers were potentially affected.

Both companies have said the breaches are under investigation by federal authorities.

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 160 million active user accounts, 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

Global Trust Intelligence – Changing Economics of Identity Theft

Posted on January 22nd, 2014 by Dan Rampe

Data-Privacy-Day-Alisdair-PR-Blog

ThreatMetrix Shares Strategies For Implementing Effective Security Measures Without Disrupting Authentic Users And Compromising Privacy

San Jose, Calif. – January 22, 2014 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, continues its alignment with Data Privacy Day by announcing several strategies for businesses to change the economics of data breaches and identity theft through global trust intelligence.

The Identity Theft Resource Center recorded more than 600 data breaches in 2013, a 30 percent increase over the number of breaches in 2012. Target and Neiman Marcus are just two examples of companies that experienced significant breaches recently and more are expected to occur in 2014. Personally identifiable information exposed in past breaches includes credit card numbers, password hints, names, email addresses and other sensitive information.

To make matters worse, in the aftermath of data breaches, the solutions companies put in place to protect consumer identities are far from ideal. Businesses in the past have either implemented intrusive two-factor authentication solutions or offered customers credit monitoring.

“The current way in which companies prevent misuse of stolen identities is broken,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Many businesses that offer credit monitoring, two-factor authentication and other means of protecting personal information following a data breach end up causing additional damage to the customer relationship due to added charges, intrusive features or requesting more personal data. Instead we need solutions that make stolen identities worthless in the hands of cybercriminals.”

While two-factor authentication solutions such as SMS one-time passwords can provide an extra layer of protection, the reality is that they are expensive, can lead to abandonment and only protect the fraction of users that choose to adopt.

As an alternative to two-factor authentication, some businesses offer free trials of credit monitoring services, which expire and can require payment through automatic renewal. Instead of putting consumers at ease, these services can potentially cause backlash if customers perceive companies are profiting from their misfortune. In any case, credit monitoring doesn’t stop your identity being abused to hack accounts or commit payment fraud.

High profile breaches are a prime example of why businesses across industries – including retailers, financial institutions and others – should not rely on traditional identity verification services to screen users.

“Legacy identity verification solutions are largely a solution for a bygone era because they can prove that an identity exists, but not ownership of that identity,” said Faulkner. “The cat is out of the bag – cybercriminals and consumers are well aware that traditional verification and authentication solutions are no longer effective – and businesses need better strategies in place for customer identity protection.”

Instead of applying bandage-like solutions, ThreatMetrix recommends changing the economics of data breaches and identity theft by transparently rendering stolen data invaluable with global trust intelligence comprising of:

Anonymized Shared Intelligence – A collective problem requires a collaborative solution. Leveraging trusted identity networks that use strict anonymization practices to share intelligence improves security without compromising privacy. Anonymized networks used in this way enable trust to be federated across applications and companies to reduce challenge rates.

Behavior-Based Identity Proofing – Simple reputation systems cause authentic customers to be treated unfairly when their identities or accounts are abused. Analyzing patterns of usage including locations, identities, devices and associations over time provides ‘spoof-proof’ identity screening without false positives – incorrectly labeling legitimate customers as fraudulent.

Passive Two-factor Authentication– Use cookieless device identification technologies in combination with rich contextual information such as account usage, location profiles and business risk to reduce unwanted and intrusive step-up authentications.

“ThreatMetrix uses anonymized device, identity and transaction data to determine whether or not customers are who they claim to be without needing to know their name,” said Faulkner.

To effectively protect customers, businesses should leverage a global data repository that can process transactions in real time and verify their authenticity against anonymized user profiles and past behavior. The ThreatMetrix™ Global Trust Intelligence Network (The Network) is the most comprehensive global repository of identity and fraud data and protects hundreds of millions of users and revenues each day from cybercrime. Its real-time analytics evaluate logins, payments, new account registrations and remote access attempts to differentiate between good and bad actors.

Data Privacy Day takes place on January 28 and is sponsored by the National Cyber Security Alliance. ThreatMetrix, a Data Privacy Day Champion, will continue its commitment to Data Privacy Day by publishing additional news on protecting consumer identities throughout the month of January.

About ThreatMetrix

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 160 million active user accounts, 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.11178
Email: beth.kempton@walkersands.com

 

ThreatMetrix Cybercrime Education Series Webinar: “Stop Payment Fraud Without Adding Friction”

Posted on January 17th, 2014 by Dan Rampe

Attendees Will Learn How to Increase Revenue Without Inconveniencing Trusted Customers

San Jose, CA – January 17, 2013 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, today announced that it is hosting a complimentary one-hour ThreatMetrix™ Cybercrime Education Series webinar on “Stop Payment Fraud Without Adding Friction.”

Online payment fraud resulted in billions of dollars in losses last year and cost businesses over $3 for each dollar lost to fraud, according to LexisNexis. Preventing fraud without disrupting the user experience for trusted customers is a necessity for online businesses to maintain customer loyalty and attract new business.

The one-hour complimentary webinar will take place at 10 a.m. PDT/1 p.m. EDT on Tuesday, January 21. The session will be led by Peter Liske, vice president of product management, ThreatMetrix. Webinar attendees will learn methods to detect online payment fraud in real-time. Other topics include:

  • Risks from payment fraud to online businesses
  • Examples of fraud attacks used by sophisticated cybercriminals
  • Methods to transparently differentiate between trusted customers and fraudsters
  • Solutions to reduce fraud while minimizing friction and manual reviews

“Our TrustDefender™ Cybercrime Protection Platform enables businesses to implement payment fraud prevention and security strategies that drive incremental revenue, increase customer confidence and reduce chargebacks,” said Liske. “With our software-as-a-service (SaaS) model, businesses can deploy fast, efficient and comprehensive transaction fraud protection.”

The TrustDefender Cybercrime Protection Platform is the leading payment fraud prevention solution. It delivers comprehensive visitor assessment, built on the powerful ThreatMetrix™ Global Trust Intelligence Network (The Network). The Network is the only global data repository that provides insight into positive and negative behavior and threat intelligence for both online personas and devices using trust-based authentication. The Network differentiates between good and bad actors in real-time so suspicious transactions can be blocked or require additional screening without inconveniencing authentic customers.

To register, please click here.

About ThreatMetrix

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.11178
Email: beth.kempton@walkersands.com

 

A Journey Into Adobe Flash’s Vulnerabilities and How Users Can Upgrade

Posted on January 16th, 2014 by Andreas Baumhof

Header-Andreas

This will be a blog post that will be updated continuously as we track how “normal” endusers are taking security advisories seriously.

Adobe recently released a security bulletin  (January 14, 2014) advising all users to URGENTLY update their Adobe Flash players because “These updates address critical vulnerabilities in the software.

CVE-2014-0491 and CVE-2014-0492 both concern remote code execution vulnerabilities, which means that any website you visit can silently install malware on your computer. Ever wonder how malware is installed? This is exactly how it is done.

Just to repeat this. Every single computer that has an Adobe Flash version < 12 installed is vulnerable to get malware on their device.

So let’s look into the ThreatMetrix™ Global Trust Intelligence Network (The Network) for some statistics. (The Network is powered by more than 1,900 customers protecting over 9,000 websites worldwide).

First of all, Adobe Flash is installed on over 64% of the devices that interact with ThreatMetrix customers.

 

installed

The Adobe Flash Player versions in use are:

 

versions

If we look at the important number of how many users have already upgraded to an Adobe Flash version 12 or higher, that’s 1.72%.

Not surprisingly most people upgraded last week, although “most people” is still an understatement.

protectedusers

We will track these numbers for you continuously and update this blog as it will be very interesting to see how endusers update their software.

Congratulations to a user in the United Kingdom for being the first one within The Network to make a transaction on November 14, 2013 with a Flash version 12.0.0.3 which was the first beta of the v12 on the day it came out. You made my day.

Oh, and if you haven’t done so, please upgrade your Adobe Flash player here: http://get.adobe.com/flashplayer

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

ThreatMetrix Shares Strategies for Businesses to Protect Identities in Use in Support of Data Privacy Day

Posted on January 13th, 2014 by Dan Rampe

Data-Privacy-Day-PR

Businesses Must Move Beyond Focusing Merely on Data at Rest and Protect Customer Identities Against Fraudulent Activity Following Data Breaches

San Jose, Calif. – January 13, 2014 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime solutions, kicks off its commitment to Data Privacy Day by announcing several strategies for businesses to protect identities in use following a data breach.

Every time an identity is used online, especially when a new account is opened, there’s a chance that identity has been stolen or compromised. However, many organizations simply focus on guarding data at rest–inactive data stored on an internal server–rather than understanding the implications of identities in use and taking action to protect them.

Following a data breach, a significant implication is that customer and corporate identities are used without an individual or company’s knowledge. A key requirement for data protection is for businesses to assure personally identifiable information is screened against unauthorized use prior to being processed. Every year, ThreatMetrix protects more than four billion transactions and identities in use and has several strategies for businesses across industries to prevent spoofed or stolen identities.

Key strategies that businesses can implement to protect identities in use include:

Device Identification – Using a visitor’s browser and machine attributes as a passive form of two-factor authentication reduces effectiveness of cybercriminals reusing stolen credentials from a new or known fraudulent device. In addition, advanced proxy piercing and virtual private network (VPN) detection capabilities eliminate IP spoofing, the most common attack vector for identity thieves.

Malware Detection – Frictionless malware detection can analyze risk on a customer’s behalf giving businesses the option to prevent access to sensitive data if there is a known Trojan on the customer’s device.

Behavior-Based Identity Proofing – Analyzing patterns of usage including locations, identities, devices and associations over time provide ‘spoof-proof’ identity screening.

Anonymized Trust Federation – Passively leveraging prior authentication and verification information across departments and organizations reduces customer friction and authentication costs.

“Cybersecurity strategies often prioritize minimizing a company’s monetary losses following a data breach over protecting customer identities and data obtained by cybercriminals,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Personal identities, both consumer and workforce, account for a large amount of identities in use, and organizations and service providers must protect individual identities by investing in frictionless customer protection and fraud prevention technologies. Examples of fraudulent activity may include using a spoofed IP address to hide online location, using work-at-home scams for stolen goods deliveries or using bots for brute force attacks against customer account passwords.”

Customer data contains sensitive information–including banking credentials, email passwords, medical information and social security numbers. Once this data is exposed, it is at risk for fraudulent activity by cybercriminals or can be sold via online crime rings. To prevent such risks, businesses need to understand how stolen identities are used against consumers and companies – including fraudulent credit card transactions, social media logins and banking logins.

“Data breaches are a key focus for cybersecurity providers, but many companies don’t consider how stolen identities are eventually used against their customers for cybercrime,” said Faulkner. “ThreatMetrix is uniquely positioned to help businesses measure and understand how identities are used online, especially regarding the risks and implications of exposed customer identities following a data breach or cyber attack.”

One of the most effective ways businesses can protect online data is through an anonymized global data repository, such as the ThreatMetrix™ Global Trust Intelligence Network (The Network), to differentiate between authentic and suspicious transactions and online activity. The Network is the most comprehensive global repository of identity and fraud data, protecting hundreds of millions of users and data points each day from cybercrime. Its real-time analytics evaluate logins, payments, new account registrations and remote access attempts for validity.

By collaborating on a global level through a shared network, businesses can effectively build trust on the Internet by mitigating cybercrime risks. Given the severity of today’s high profile data breaches, no business can afford to stand alone in the fight against cybercrime and protecting customer identities.

Data Privacy Day, sponsored by the National Cyber Security Alliance, takes place annually on January 28, and encourages businesses and consumers to make protecting privacy and data a greater priority. Due to its alignment with online data protection and cybercrime prevention, ThreatMetrix was named a Data Privacy Day Champion by the National Cyber Security Alliance, which educates and empowers a digital society to use the Internet safely at home, work and school. ThreatMetrix will publish additional news surrounding data privacy throughout the month of January.

About ThreatMetrix

ThreatMetrix secures Web transactions against account takeoverpayment fraudidentity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial servicesenterprisee-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.11178
Email: beth.kempton@walkersands.com