Fed Releases 2013 Payments Study to Mixed Reviews

Posted on August 21st, 2014 by Dan Rampe

Federal Reserve

First Time That Federal Reserve Study Addresses Fraud Related to Payments

According to the study, in 2012, 13.7 million fraudulent transactions involved credit cards, totaling $2.3 billion; 14.9 million involved debit or prepaid cards, totaling $1.5 billion; and 1.3 million, totaling $300 million, were fraudulent ATM withdrawals.

In her piece on bankinfosecurity.com (link to article), Tracy Kitten cites industry experts as saying “the new fraud data in the study [though] based on a 2012 survey of more than 1,300 U.S. banking institutions, payments processors and independent card issuers, will prove valuable to banks because it helps to highlight emerging fraud trends [and because questions about third-party fraud were added.]”

CNP three times more susceptible to fraud

The value of card-present fraud totaled $2.4 billion compared to card-not-present fraud, which totaled $1.6 billion. However, while the value of fraudulent CNP transactions was lower, the number of the fraudulent CNP transactions was three times greater than those reported for card-present fraud. And the CNP fraud rate for credit cards was the highest for all types of unauthorized third-party card transactions.

Third party card transactions

Jim McKee, a senior vice president of the Federal Reserve Bank of Atlanta, who was a key contributor to the study, pointed out that institutions were only asked to provide information about unauthorized third-party transactions they processed, not fraud they may have suspected or believed could be related to a retail breach. In his view the “Payments Study provides a helpful groundwork regarding ongoing payment trends.”

Reviews mixed

Tom Wills, a payments fraud expert, said the level of detail about third-party fraud is definitely of value to bankers. “It will help them determine what kind of resources to allocate for security and fraud programs. Different types of fraud indicate different types of countermeasures. For example, countermeasures for account-takeover fraud are different from those for online card fraud. Granular, quality data about fraud on a public level has historically been hard to come by, so I expect that bankers will welcome this additional insight.”

But financial fraud expert Shirley Inscoe, an Aite analyst, said she hopes future reports would include more detail about fraud losses. “This is great data; but it’s unfortunate the Fed did not also gather the same information concerning fraud losses. That would be a subset of the numbers reported and would also help quantify how good a job [financial institutions] are doing, overall, with their fraud-prevention efforts.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Royal Blue Not Your Color?

Posted on August 20th, 2014 by Dan Rampe

Facebook

Clicking on “Facebook Color Changer” App Will Leave You Purple —with Rage.

Okay you don’t like Facebook’s standard royal blue. Well there’s an app called “Facebook color changer” that promises to change the color of your Facebook page from royal blue to any color you choose.

Don’t click on it

However, if you click on it, writes Dave Smith on businessinsider.com (link to article), you’ll end up rerouted to a malicious phishing site whose aim is infecting your computer.

10, 000 victims

The scam was discovered by Cheetah Mobile security researchers who say more than 10,000 people around the world have become victims. Smith writes that the app (maybe trap is a better word) works like this:

[When users click on the app, they are] directed to a phishing website that steals [user] Facebook “access tokens.” [Hackers] can use [the tokens] to connect with [users’] Facebook friends and spam them.

The Facebook color malware can also prompt users to download a separate video application, or a separate app if [they’re] using an Android phone. Both pieces of software contain malware, which could be used for more nefarious purposes than scamming [users’] friends, particularly if the malware can log…keystrokes or access other data points on [on users’ computers.]

How to get rid of it

Anyone inadvertently clicking on the “Facebook color changer” app can remove it by going to Facebook app settings. However, after removing the app, Cheetah Mobile recommends the user change his/her password.

After all this, you still can’t stand looking at a royal blue Facebook page. Then, go to Google Chrome and try the “Color My Facebook” add-on, which Smith notes, “lets you change the color scheme to pretty much any color you could think of.”

Wonder if it works for plaid.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Named One of 100 Most Promising Technology Companies in USA

Posted on August 19th, 2014 by Dan Rampe

CIO Review

Leading Technology Magazine of Enterprise Solutions, CIOReview, Places ThreatMetrix on Its CIOReview 100 List

The CIOReview 100 is a list of the “100 Most Promising Technology Companies in the U.S.” Honored are companies using powerful next-generation technologies to enable their customers to break through old performance barriers and improve business.

Put together each year by a distinguished panel of CEOs, CIOs and industry analysts including CIOReview’s own editorial board, this year’s list includes ThreatMetrix, a leader in context-based security and advanced fraud prevention.

“Recognition by the CIOReview 100 serves as validation of our continued innovation in context-based authentication and advanced fraud prevention,” said Bert Rankin, chief marketing officer, ThreatMetrix. “While we are incredibly invested in protecting our customers’ businesses from fraudsters, we also place equal weight on making sure we maintain a great customer experience for their users in the process. Our fraud and security solutions leverage a collective network to provide real-time insights, blocking out potential threats without adding additional authentication steps for good users.”

With its commitment to building trust on the Internet, an effort requiring frequent solution updates and enhancements, in July ThreatMetrix announced a new patent which “builds off” of its cookieless device identification using fuzzy matching technology to globally recognize trusted customers and cybercriminals.

With patents that help companies identify, recognize and stop attackers in their tracks, ThreatMetrix helps businesses remain secure and prevents cybercriminals from compromising online identities.

For a full list of winners, visit http://cioreview100.cioreview.com/.

In addition to being named to the CIOReview 100, ThreatMetrix 2014 awards include:

  • Recognized as a Silver Winner in the “Enterprise Product of the Year – Software” Category by the Best in Biz Awards 2014 International
  • Named to the 2014 AlwaysOn Global 250 Top Private Companies List
  • Named to the 2014 Lead411 Hottest Companies in Silicon Valley list
  • Products Guide (NPG) 2014 Hot Companies and Best Product Award Winner for the “Best Products and Services – Information Security and Risk Management” category and also in the “Best Products and Services – Security Software” category.
  • Judges Choice for Best Overall Fraud/Security Solution at the 2014 CardNotPresent.com (CNP) Awards for the ThreatMetrix TrustDefender Cybercrime Protection Platform
  • A 2014 Info Security Products Guide Global Excellence Award for Most Innovative Company of the Year (Security)
  • 2014 Cyber Defense Magazine Award Winner in 2 Categories: Most Innovative Anti-Malware Appliances Solution & Best Product Network Access Control Solution

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Selected as One of CIOReview100’s Most Promising Technology Companies

Posted on August 19th, 2014 by Dan Rampe

Context-Based Security and Advanced Fraud Prevention Provider Recognized for Powerful, Flexible and Cost-Effective Security Solutions

San Jose, CA – August 19, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced it has been recognized by CIOReview as one of the “100 Most Promising Technology Companies in the U.S.”

CIOReview100 is an annual list selected by a panel comprised of top CEOs, CIOs and industry analysts including the CIOReview editorial board to honor the top 100 technology companies in the U.S. This year, the list honored the most promising technology companies for their use of powerful next generation technologies such as cloud, mobile and big data. The list distinguishes companies that enable their customers to break through old performance barriers and improve their businesses.

“Recognition by the CIOReview100 serves as validation of our continued innovation in context-based authentication and advanced fraud prevention,” said Bert Rankin, chief marketing officer, ThreatMetrix. “While we are incredibly invested in protecting our customers’ businesses from fraudsters, we also place equal weight on making sure we maintain a great customer experience for their users in the process. Our fraud and security solutions leverage a collective network to provide real-time insights, blocking out potential threats without adding additional authentication steps for good users.”

In July 2014, ThreatMetrix announced the addition of a new patent that builds off of its cookieless device identification, using fuzzy matching technology to globally recognize trusted customers and cybercriminals.ThreatMetrix is committed to building trust on the Internet, which requires frequently updating and enhancing its solutions with patented technologies. Through the frequent addition of patents that help companies identify, recognize and thwart attackers, ThreatMetrix helps to keep businesses secure and prevent cybercriminals from compromising online identities.

For a full list of winners, visit http://cioreview100.cioreview.com/.

In addition to being named to the CIOReview100, ThreatMetrix has been recognized through several additional awards so far this year:

  • Recognized as a Silver Winner in the “Enterprise Product of the Year – Software” Category by the Best in Biz Awards 2014 International
  • Named to the 2014 AlwaysOn Global 250 Top Private Companies List
  • Named to the 2014 Lead411 Hottest Companies in Silicon Valley list
  • Products Guide (NPG) 2014 Hot Companies and Best Product Award Winner for the “Best Products and Services – Information Security and Risk Management” category and also in the “Best Products and Services – Security Software” category.
  • Judges Choice for Best Overall Fraud/Security Solution at the 2014 CardNotPresent.com (CNP) Awards for the ThreatMetrix TrustDefender Cybercrime Protection Platform
  • A 2014 Info Security Products Guide Global Excellence Award for Most Innovative Company of the Year (Security)
  • 2014 Cyber Defense Magazine Award Winner in 2 Categories: Most Innovative Anti-Malware Appliances Solution & Best Product Network Access Control Solution

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

About CIOReview

CIOReview is a technology magazine that talks about the enterprise solutions that can redefine the business goals of enterprises tomorrow. It is the leading source that shares innovative enterprise solutions developed by established solutions providers, upcoming hot enterprises and is a neutral source for technology decision makers. Published from Fremont, California, CIO Review is an excellent platform for the enterprise to showcase their innovative solutions. While U.S. enterprise market is growing exponentially, there is a vacuum among entrepreneurs of enterprise startups. We believe that there is no other platform which gives companies a heads up on the innovative solutions that the startups are working on, what are the needs that haven’t been met yet and more. CIO Review will act as a platform allowing high level executives in the enterprises to share their insights, which in turn will help the enterprise startup ecosystem, help technology and business leaders with analysis on information technology trends and give a better understanding of the role that enterprise solutions play in achieving the business goals.

© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts
Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.11178
Email: beth.kempton@walkersands.com

 

 

Plastic Has Holes Bad Actors Can Squeeze Through

Posted on August 18th, 2014 by Dan Rampe

Credit Card Fraud

Europe Records All-Time Card-Fraud Losses While More Genuine User Transactions Blocked

According to an article on cardnotpresent.com (link to article), overall losses to card fraud in the U.K. are the highest since 2008 and, “like many other countries that have migrated to chip-and-PIN, card-not-present fraud leads the way.” In one year, U.K. CNP losses jumped from $414 million to more than $505 million. In fact, when it came to losses from fraud, the U.K. and Russia led the way. Click this link for a European map of card fraud.

Blocking good customers

Martin Warwick, a principal fraud consultant at FICO, noted, “When fraud losses peaked in 2008, U.K. issuers sharply reduced card fraud through chip and PIN and fraud analytics. However, tougher fraud detection policies and thresholds also block more genuine transactions, and now the focus for U.K. banks and regulators is very much on improving the customer experience.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

The Customer Is Always Right — Right Out the Door

Posted on August 14th, 2014 by Dan Rampe

Data Breach

Breaches and Compromised Records Have Retail Customers Heading for the Exits in Droves

So far in 2014, according to security company SafeNet, there have been some 559 data breaches affecting 375 million records. SafeNet’s Breach Level Index second quarter report says from April to June 237 breaches resulted in over 175 million records compromised, 83 percent of which were in the retail industry.

Strong security platforms protect data

In her piece on itbusinessedge.com (link to article), Sue Marquette Poremba observes, “Less than 1 percent of all of the data breaches in the second quarter happened to networks that used encryption or strong security platforms to protect the data. [Not] every security system is foolproof, but you greatly improve your chances of avoiding a breach if you put strong security practices in place…. [And once] a customer discovers a company has been breached, he or she is not likely returning.”

Breaches are bad business

Poremba cites a Yahoo Finance report of more than 4,500 adults in the USA, UK, Germany, Japan, and Australia. The report found “nearly two-thirds (65 percent) of respondents would never or were very unlikely to shop or do business again with a company that had experienced a data breach where financial data (credit card information, bank account number, or associated login details) was stolen.”

The SafeNet report’s answer to keeping customers and keeping out the guys is stronger encryption and improved user access to the network. While agreeing that the advice is good, Poremba points out she doesn’t think it’s an easy fix.

Everyone in the company has to be on the same page

“First you have to get everyone in the company, from leadership on down to the stock room, on board with the need to practice better security. Perhaps the way to approach this is to make them understand that their jobs are on the line. After all, if customers walk away because your company suffered a breach, would your business be able to survive?”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Students, Teachers and Administrators Have a Lot to Learn about Cybersecurity This Semester — And There’s No Better Instructor than ThreatMetrix

Posted on August 13th, 2014 by Dan Rampe

Lecture Hall

More Mobile Devices, More Online Courses, More Student Online Data Storage and More Online Testing Mean More Cybercriminals are Looking to Cash in This Fall

“As students of all ages head back to school, they’ll most likely arrive with mobile devices in hand and on top of that many will receive tablets directly from school” said Alisdair Faulkner, chief products officer, ThreatMetrix. “However, increased device usage leads to an immense amount of sensitive information shared online and many students aren’t aware that online and mobile activities expose that information to cybercriminals.”

Following are the top risks for students with mobile devices to be aware of:

  • iPhone 6 with Apple E-Wallet – If the rumors are true, the newest iPhone will come equipped with an “e-wallet” that lets users pay for goods in-store with their iPhones. This will make the iPhone 6 a much bigger target for cybercriminals because the iPhone will not only hold users’ credit card data, but sensitive material such as passwords and banking info. Those who upgrade to the iPhone 6 will have to take extra care.
  • Malicious Links and Apps – Often to save money, students (and others) will download unauthorized apps from third-party sources. These downloads are prime hiding places for malware that can offer cybercriminals easy access to personal information stored on the devices. Additionally, students should be aware of malicious links offering free textbooks or test answers and “too good to be true” links. In short, they should only click on links and download apps from trusted sources.
  • Online Storage – Many students have not only their schoolwork and assignments stored with companies like Dropbox, they also use it for sharing photos and videos. While password protection isn’t foolproof, students and others should always use complex passwords and make them unique to each site.
  • Public Wi-Fi Networks –With public Wi-Fi widely available these days, many students will choose to complete their work in coffee houses or libraries over public networks – but those networks are only as secure as their weakest link. Students should avoid online banking activities and accessing other sensitive information over public networks, such as student portals with their tuition information.
  • Jailbroken Devices – Tech savvy students want access to the most personalized features, often prompting them to jailbreak their smartphones or even their school-provided tablets. This usually means deactivating a device’s security to download unauthorized applications and customized features. However, jailbreaking devices comes with consequences that students often ignore, such as downloading malicious apps.

Educational institutions are under threat of attack when students access online educational portals with infected jailbroken devices. Therefore, institutions should consider implementing a platform that can detect jailbroken devices to protect stored data such as student identity and tuition information, as well as denying access to students using jailbroken devices.

“While many of the security risks associated with going back to school this year fall onto students, educational institutions must also take steps to protect students from threats beyond their personal devices and activities,” said Faulkner. “Schools are incredibly concerned with their students’ success and well-being, but often don’t see how that translates to their online activities. Unfortunately, if a cybercriminal accesses a student’s information through an educational institution’s online portal, the results of that can be catastrophic to that student and their future.”

As schools shift everything from administering tests, lesson plans and student data online, they must ensure that none of this information can be accessed by cybercriminals. Educational institutions should be aware of risk associated with:

  • Online Student Data – In February, the University of Maryland was the target of a sophisticated attack that exposed the sensitive information (including names and Social Security numbers) of more than 200,000 students who enrolled at the university between 1998 and 2014. As the largest debt asset fund in the country, U.S. colleges and universities are a massive target for cybercriminals. Because of this, schools must take measures, such as implementing advanced fraud prevention and context-based authentication to differentiate between legitimate students and potential cybercriminals to ensure their online student records are secure. If students’ identities are compromised through their school records, it can have an impact that follows them throughout their lives.
  • Online Test Delivery – In addition to keeping student data secure, determining whether students are who they claim to be when taking online tests and lessons can be difficult for educational institutions. Schools should consider implementing a security solution that uses contextual factors beyond IP addresses and cookies to deter cheating or sabotage associated with online testing.
  • Bring-Your-Own-Device (BYOD) –. Many students bring their laptops and tablets from home to take notes in class, take tests online and access their school’s online portal for lesson plans and activities. Educational institutions should be sure they are implementing secure BYOD policies, such as monitoring logins in real-time and ensuring no one is accessing data that should not be available to them.

It’s up to students to protect their devices and schools and universities to protect their online resources. To that end, educational institutions should consider the assistance of a third-party solution to screen for suspicious online activities, such as the ThreatMetrix™ Global Trust Intelligence Network, which leverages data from a collective global network for real-time threat intelligence.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

ThreatMetrix Outlines Back to School Cybersecurity Risks and Strategies for Students and Educators

Posted on August 13th, 2014 by Dan Rampe

As Mobile Adoption and Online Educational Resources Continue to Grow, Now is the Time for a Lesson in Cybersecurity

San Jose, CA – August 13, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the top cyber threats for students and education professionals to look out for in the upcoming 2014-2015 school year. As mobile usage becomes widely accepted at schools and online testing and student data storage become more commonplace, ThreatMetrix urges students and educational institutions to prepare for the associated risks.

“As students of all ages head back to school, they’ll most likely arrive with mobile devices in hand and on top of that many will receive tablets directly from school” said Alisdair Faulkner, chief products officer, ThreatMetrix. “However, increased device usage leads to an immense amount of sensitive information shared online and many students aren’t aware that online and mobile activities expose that information to cybercriminals.”

With the mobile student in mind, ThreatMetrix has outlined the top risks for students to be aware of as we enter the upcoming school year. These include:

  • iPhone 6 with Apple E-Wallet – If the rumors are true, the newest iPhone will come equipped with an “e-wallet” that will allow users to pay for goods in-store with nothing more than their phone. This will make the iPhone 6 a much bigger target for cybercriminals – it will not only hold the user’s credit card information, but extensive sensitive information such as passwords and banking info. Students who upgrade to the iPhone 6 will need to take extra care with their devices and keep them close at all times.
  • Malicious Links and Apps – Students often download unauthorized apps from third-party sources, many of which can be fraudulent. Downloading fraudulent apps can expose mobile devices to malware and offer cybercriminals easy access to personal information stored on devices. Additionally, students should be aware of malicious links that could expose their devices to malware, such as links offering free textbooks or test answers that could be indicative of a scam. Students should be wary of “too good to be true” links and only click through links and download apps from trusted sources.
  • Online Storage – Many students store not only their schoolwork and assignments with companies such as Dropbox, they also use it for sharing photos and videos. Students must make sure to use a sufficiently complex password unique for that site to avoid cyber hacking and compromised information becoming public.
  • Public Wi-Fi Networks –With public Wi-Fi widely available these days, many students will choose to complete their work in coffee houses or libraries over public networks – but those networks are only as secure as their weakest link. Students should avoid online banking activities and accessing other sensitive information over public networks, such as student portals with their tuition information.
  • Jailbroken Devices – Tech savvy students want access to the most personalized features, often prompting them to jailbreak their smartphones or even their school-provided tablets, which means deactivating the device’s security to download unauthorized applications and customized features. However, jailbreaking devices comes with consequences that students often ignore, such as downloading malicious apps that can infect their devices with malware. Educational institutions can also be threatened if students are accessing their online educational portals with jailbroken devices that could be infected with malware. They should consider implementing a platform that can detect jailbroken devices to protect data stored in their online portals, such as student identity and tuition information, as well as denying access to the portal for students using jailbroken devices, deterring students from doing so.

“While many of the security risks associated with going back to school this year fall onto students, educational institutions must also take steps to protect students from threats beyond their personal devices and activities,” said Faulkner. “Schools are incredibly concerned with their students’ success and well-being, but often don’t see how that translates to their online activities. Unfortunately, if a cybercriminal accesses a student’s information through an educational institution’s online portal, the results of that can be catastrophic to that student and their future.”

As schools shift everything from administering tests, lesson plans and student data online, they must ensure that none of this information can be accessed by cybercriminals. Educational institutions should be on the lookout for risks associated with:

  • Online Student Data –In February, the University of Maryland was the target of a sophisticated attack that exposed the sensitive information (including names and Social Security numbers) of more than 200,000 students who enrolled at the university between 1998 and 2014. As one of the largest sources of debt in the country, U.S. colleges and universities are a massive target for cybercriminals. Because of this, schools must take measures, such as implementing advanced fraud prevention and context-based authentication to differentiate between legitimate students and potential cybercriminals to ensure their online student records are secure. If students’ identities are compromised through their school records, it can have an impact that follows them throughout their lives.
  • Online Test Delivery – In addition to keeping student data secure, determining whether or not students are who they claim to be when administering tests and lessons online can be very difficult for educational institutions. Schools should consider implementing a security solution that uses contextual factors beyond IP addresses and cookies to determine whether a student is who they claim to be to deter cheating or sabotage associated with online testing.
  • Bring-Your-Own-Device (BYOD) – As BYOD becomes more accepted in the workplace, it is also more accepted at schools, especially universities. Many students bring their laptops and tablets from home to take notes in class, take tests online and access their school’s online portal for lesson plans and activities. Educational institutions should be sure they are implementing secure BYOD policies, such as monitoring logins in real-time and ensuring no one is accessing data that should not be available to them.

This year, students will head back to school with all of their devices – mobile devices (perhaps even the new iPhone 6), tablets and laptops – within arms-reach. Staying one step ahead of the many risks associated with their school-related activities through added security measures is the first step in students staying protected. Educational institutions should also consider the assistance of a third-party solution to screen for suspicious online activities, such as the ThreatMetrix™ Global Trust Intelligence Network, which leverages data from a collective global network for real-time threat intelligence.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2014 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts
Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.11178
Email: beth.kempton@walkersands.com

 

 

Everybody in Australia Will Be Just a Number

Posted on August 8th, 2014 by Dan Rampe

PINwise

PINs Replace Credit Card Signatures in Effort to Crack Down on Fraud Down Under

From August 1, 2014 on, PINs will be the primary form of authorization for cardholders as banks and card companies attempt to slash fraud which has cost Australia some $262 million between 2010 and 2012.

One million not ready

In a piece on smh.com.au (link to article), Kim Arlington quotes Nicole Pedersen-McKinnon, consumer spokesperson for the payment industry’s PINwise campaign, saying, “There are 1 million consumers who are far from ready for this move. [Either they] don’t have PINs or are not yet using their PINs.”

Across Australia, 800,000 merchant payment terminals will upload a software update that makes signatures obsolete.

What happens to people who can’t remember PINs?

Banks will issue signature-preferred cards for people who, for mental or physical reasons, struggle to remember a PIN or use a terminal keypad. The cards have a different built-in verification code which lets customers sign rather than provide a PIN.

Talk about bad advice

Ian Yates, chief executive for the Council on the Ageing Australia, said the Council had reports of bank staff advising elderly people with memory problems to write down their PIN and carry it with them. ‘‘I’m sure that’s not the official bank position … but that’s what some people will do,’’ Yates said. ‘‘The security implications are worrying.’’

And there’s the visually impaired

Greg Madson, president of Blind Citizens Australia, said older members of his organization had never navigated a terminal keypad. “We will be advocating for some sort of uniformity across the design of these [terminals] so that people who are vision impaired … [do] not have to struggle around the keyboard.”

On behalf of Australian retailers

“Retailers just do not look at these signatures,” noted Russell Zimmerman, executive director of the Australian Retailers Association, who knew of one man who regularly signed for credit card purchases as “Mickey Mouse.” Hmmm. Did the guy have big ears, white gloves and a squeaky voice?

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

ThreatMetrix Winner: Best in Biz Awards 2014 International

Posted on August 5th, 2014 by Dan Rampe

BestinBizAwards_final_2013_international_green

ThreatMetrix Takes Silver in “Enterprise Product of the Year – Software”

Representing virtually every sector of the economy, the Best in Biz Awards 2014 International recognizes success in a number of categories as judged by industry analysts and members of the press. Journalists from financial, business and trade publications as well as industry experts objectively evaluate each of the entries to choose the world’s top companies, teams, executives and products.

“It’s quite a feat to not only be recognized among other major providers of cybersecurity solutions, but among companies of varying industries and scope around the world,” said Reed Taussig, CEO, ThreatMetrix. “Our TrustDefender Cybercrime Protection Platformenables us to differentiate ourselves from other providers of security and fraud prevention solutions as well as other global companies in the enterprise software industry. Through the platform, we can quickly identify threats and protect our enterprise customers and businesses across industries in real time.”

Leveraging the power of the ThreatMetrix™ Global Trust Intelligence Network (The Network), the TrustDefender Cybercrime Protection Platform creates trust across all types of online transactions. It guards against account takeover, card-not-present, and fictitious account registration fraud.

The Network – the largest trusted identity network of shared intelligence – processes transactions using shared intelligence that provides predictive analytics to protect online businesses and reduce customer friction.

Recently, ThreatMetrix expanded its enterprise solutions through its integration with Ping Identity’s PingFederate identity bridge. Integrating ThreatMetrix and PingFederate leverages context-based authentication and single sign-on. This enables enterprises to deliver users secure, frictionless access to their business productivity applications.

For a full list of winners, visit http://intl.bestinbizawards.com/intl-2014-winners/.

In addition to Best in Biz International Awards, ThreatMetrix has been recognized through several additional awards so far this year:

  • Named to the 2014 AlwaysOn Global 250 Top Private Companies List
  • Named to the 2014 Lead411 Hottest Companies in Silicon Valley list
  • Products Guide (NPG) 2014 Hot Companies and Best Product Award Winner for the “Best Products and Services – Information Security and Risk Management” category and also in the “Best Products and Services – Security Software” category.
  • Judges Choice for Best Overall Fraud/Security Solution at the 2014 CardNotPresent.com (CNP) Awards for the ThreatMetrix TrustDefender Cybercrime Protection Platform
  • A 2014 Info Security Products Guide Global Excellence Award for Most Innovative Company of the Year (Security)
  • 2014 Cyber Defense Magazine Award Winner in 2 Categories: Most Innovative Anti-Malware Appliances Solution & Best Product Network Access Control Solution

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.