You Can Never Start Too Early

Posted on September 1st, 2014 by Dan Rampe

Cybersecurity Club

Camp Prepares 9th to 12th Graders for Cybersecurity Threats

With some hackers not yet out of their teens before they’re into cybercrime, it makes sense that there would be a camp for high school students to learn about online threats. Seventy-five teenagers in one Virginia county are getting that opportunity in the Marshall Academy’s third annual camp.

In her piece on fairfaxtimes.com, Kate Yanchulis outlines what the camp is like and what the students learn, including how to avoid hackers and handle cyberbullying. The following has been excerpted from Yanchulis’ piece and edited to fit our format. You may find her full article by clicking on this link.

Teenagers stared with wide eyes at their laptops … as Ryan Walters told them that more than 90 percent of their computers likely had been hacked or infected by a virus. Of the 75 campers gathered at McLean High School for a cyber security camp, only one girl could rest easy, said camp leader Walters. Her new laptop had never been powered up.

But [Walters] told students not to feel too bad about their security lapses. Walters, a former Air Force captain who worked on government defense systems, said at least 30 percent of the U.S. Defense Department’s network is considered compromised.

The realities of cyber security — on both a large and small scale — provide the backbone for the camp.

Marshall Academy offers [Fairfax county Virginia] students specialized technical education courses in several subject areas, including information technology. The $185 registration fee for the camp goes toward Marshall Academy’s cybersecurity club.

The camp divides students into beginner and advanced cohorts and teaches students the basic elements of cybersecurity as well as providing hands-on experience, Walters said. Walters, now a digital entrepreneur, founded Marshall Academy’s club three years ago with his son Jacob, then a freshman. Walters serves as a mentor for the club and lead instructor for the camp.

Charles Britt of SySTEMic Solutions [which provides support for the program], says, “With this camp, we want to offer exposure to the cybersecurity field to as many students as possible.”

Marshall Academy’s cybersecurity club counts 60 students as members. The club teaches students about cybersecurity and also takes part in annual cyber security competitions. The money from the camp goes toward competition fees [and the] club is a three-time national finalist in CyberPatriot competitions.

While the camp has proved a fertile ground for developing future cybersecurity team members, Walters said he just wants students to learn how to protect themselves online, whether from hacking or cyberbullying

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

Who Hacked JPMorgan Chase; 4 Other Banks — and Why?

Posted on August 28th, 2014 by Dan Rampe

jp morgan

Was It for Money? Industrial Espionage? A Response to Sanctions? State-Sponsored or Plain Criminal? Is Russia Involved? Or Iran?

While a myriad of unanswered questions hang in the air, one thing is certain. Whoever did it made off with gigabytes of data including checking and savings account information at four or more banks. The attacks were coordinated and highly sophisticated.

In her nytimes.com story, Nicole Perlroth taps a number of her sources, including four people who are familiar with the investigation, to discover who might be responsible, the reason for the attacks and how the attacks were carried out. The following has been excerpted from Perlroth’s piece and edited to fit our format. You may find her full article by clicking on this link.

The FBI is involved in the investigation, and in the past few weeks a number of security firms have been brought in to conduct forensic studies of the penetrated computer networks.

[To date] JPMorgan Chase has not seen any increased fraud levels, one person familiar with the situation said.

The Russians?

The intrusions were first reported by Bloomberg, which indicated that they were the work of Russian hackers. But security experts and government officials said they had not yet made that conclusion.

Earlier this year…a security firm in Dallas …warned companies that they should be prepared for cyberattacks from Russia in retaliation for Western economic sanctions.

But [security expert] Adam Meyers…said that it would be “premature” to suggest the attacks were motivated by sanctions.

A bit of Russians history

Russian hackers began a month-long online assault on Estonia in 2007 that nearly crippled the Baltic nation, after Estonian government workers moved a Soviet-era war memorial from the Estonian capital.

Cyberthieves?

Still, security experts say that the stealthy nature of the recent attacks suggests that their motivation was not political. The American banking sector has been a frequent target for hackers over the past few years, with the vast majority of attacks motivated by financial theft.

Iranians?

But not all of them. Over the past two years, banks have been targeted in a series of politically motivated attacks from Iran, in which a group of Iranian hackers flooded United States banking sites with so much online traffic — a method called a distributed denial of service, or DDoS, attack — that the websites slowed or intermittently collapsed under the load.

Hackers who took credit for those attacks said they went after the banks in retaliation for an anti-Islam video that mocked the Prophet Muhammad, and pledged to continue the attacks until the video was removed from the Internet.

American intelligence officials said the group was actually a cover for the Iranian government. Officials claimed Iran was waging the attacks in retaliation for Western economic sanctions and for a series of attacks on its own systems.

Unlike like the attacks traced to Iran, the recent hacks against the American banks were not intended to disrupt the bank’s services but appeared to be part of a financial or intelligence-gathering effort, three people briefed on the investigations said.

Stealing business intelligence?

Mr. Meyers…said hackers could have been after account information, or even intelligence about a potential merger or acquisition. Security experts said the hackers chose to pursue account information, not disruption, which is the earmark of state-sponsored attacks.

State sponsored?

Banks are also frequent targets for intelligence agencies looking to collect information about their targets. In 2012, Russian security researchers uncovered a computer virus on 2,500 computers, many of them inside major Lebanese banks, including the Bank of Beirut, Blom Bank, Byblos Bank and Credit Libanais. The virus was specifically intended to steal customers’ login credentials to their bank accounts.

The researchers believed the computer virus was state-sponsored and said they had found evidence it had been created by the same programmers who created Flame and Stuxnet, two computer viruses that officials have said were unleashed by the United States and Israel to spy on computers inside Iran.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

Brown Bagged by Cybercriminals

Posted on August 27th, 2014 by Dan Rampe

UPS

UPS Data Breach at 51 of its 4,400 Stores May Have Compromised 105,000 Customer Transactions

Notice that we said 105,000 customer transactions and not 105,000 customers? Well, that’s because while UPS knew the number of transactions, it had no idea how many customers were involved. The reason for that was the company didn’t have all cardholder data, a hassle for UPS customers who have been forced to check the UPS Store Inc.’s website to see if they shopped at an “infected” outlet. Stolen was information that included names, postal addresses, email addresses and credit- or debit-card data.

In her article on online.wsj.com (link to article), Laura Stevens says that the data breach hit UPS stores between January and August in 24 states including California, Florida, Texas and New York. The affected stores were all individually owned franchises using independent private networks.

UPS said the breach had been fixed and there was no evidence of fraud as a result of it. And, the company has set up an information website and will offer identity-protection and credit-monitoring services to any customers who have been affected.

Stevens observed that “UPS said it recently received a notification from the government alerting it to the malware, which it said wasn’t detectable by then-current antivirus software. UPS then hired a security firm to review its systems, prompting the discovery.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

85° in the Shade and They’re Playing “Jingle Bells”

Posted on August 26th, 2014 by Dan Rampe

Jingle Bells

The Time for E-Retailers to Put Together a Strong Security Strategy with Shared Customer Intelligence Is Now. ThreatMetrix Can Help.

National Retail Federation figures put total 2013 holiday retail sales – which includes November and December – at $601.8 billion, an increase of 3.8 percent over 2012. With sales only expected to increase this year, retail and most especially e-retail will be a tempting target for cybercriminals.

“Holiday shopping keeps coming earlier and earlier each year, with many e-retailers beginning to run holiday sales even before Thanksgiving,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “With less than four weeks between Black Friday and Christmas this year, e-retailers will experience an incredibly high number of transactions in a short period of time – and without the bandwidth to manually inspect every order, there will be a higher reliance on automated solutions. The question is ‘how many good customers get caught in the net this year?’”

The name Target has practically become as synonymous with data breach as with low prices. Not that you need reminding, but close to 40 million Target customers had their credit and debit card information compromised. And, of course, earlier this month, a Russian crime ring reportedly gained access to 1.2 billion username and password combinations and more than half-a-billion email addresses. Why should this particular crime concern e-commerce sites? Because the cybergang could very well use these stolen credentials to cash in big during the holiday shopping season via card-not-present transactions, account takeover and financial fraud.

Outlined are several holiday shopping trends retailers may expect and what they mean for online security.

  • Increased Mobile Holiday Shopping – Across the ThreatMetrix network during October 2013 through December 2013, mobile traffic accounted for approximately 20 percent of all online sales. This number is expected to be even higher this holiday season with more transactions happening via mobile devices. Many retailers will be rolling out new mobile apps. Security could take a backseat to development to have the apps done in time for the holidays. For the sake of convenience, some businesses allow customers to bypass security steps on mobile devices. Obviously, this offers cybercriminals an opening. If rumors are true and Apple’s iPhone 6 comes equipped with an “Apple e-wallet,” brick-and-mortar retailers will also have to be extra cautious when it comes to transactions that take place through customers’ phones. This CNP could be a hot target for cybercriminals.
  • Visa Checkout and Username/Password Transactions – This holiday season, many retailers will implement username and password transactions rather than having customers enter their credit card information at checkout. Visa Checkout, for example, lets customers check out from registered online retailers simply with their username and password using a secure backend system with contextual information to quickly and easily determine whether the transactions taking place on that account are authentic. Retailers who opt to set up their own username and password checkout system will see an increase in transactions taking place through that system. This poses a challenge when it comes to accurately identifying legitimate customers. These retailers should consider help from third-party automated identity and cyberthreat intelligence. Retailers with username and password systems should also urge customers not to use the same credentials across multiple sites, especially on sites where sensitive information is stored.
  • Deleting Cookies –Deleting cookies is no longer cause for increased suspicion around a transaction because a significant number of shoppers now delete them on a monthly basis. With the high volume of orders this holiday season, retailers will be looking for reasons to accept an order, rather than slowing the order process and creating friction that hinders genuine users. Leveraging cookieless device identification and a shared global intelligence network, retailers can use a shopper‘s reputation to maintain security without hassling the customer.
  • EMV and Increased Online Fraud – By October 2015, U.S. merchants must adopt Europay-MasterCard-Visa (EMV) global standard chip card payment systems. After this deadline, retailers and banks supporting magnetic stripe cards will be liable for fraud losses. While the goal of EMV is to decrease in-store fraud by getting rid of antiquated magnetic stripe technology that allowed cybercriminals to skim cards and steal information for example, the increased security measure in-store will likely lead to an increase in online fraud. Although an online fraud increase may not be readily apparent because many merchants have only just begun making the switch, e-retailers should consider EMV-readiness and have security measures in place prior to the 2015 deadline.

“While stopping fraud is essential, the primary goal for most retailers this season is maintaining a frictionless user experience for good customers,” said Faulkner. “Retailers need cybersecurity systems in place that are as good at recognizing good customers as they are at stopping fraud, and the best way to do this is through anonymized shared intelligence.”

To help retailers identify good customers and keep out cybercriminals, the ThreatMetrix Global Trust Intelligence Network (The Network) protects against account takeover, card-not-present and fraudulent account registration by processing transactions using shared intelligence that provides predictive analytics to protect online businesses and reduce customer friction.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

Did Your Fridge Have Its ID Stolen? Is Your Toaster’s Data Toast? Has Your Thermostat Become a Bot?

Posted on August 25th, 2014 by Dan Rampe

Internet of Things

The Internet of Things Brings Huge Promise and Monster-Size Security Headaches

Proponents of the Internet of Things talk about its great promise. Kenneth Corbin, in his piece (link to article) on itworld.com writes, “Household appliances could modulate their power consumption to avoid peak load times. Sensors placed along railroad lines could relay temperature data that could help preempt track failures. The same could be done for bridges, tunnels and other pieces of the nation’s fraying infrastructure.”

Corbin notes a pilot project in Maryland where 14 sensors in an apartment building monitor for smoke, heat, carbon monoxide and other potential danger signs, “relaying them to a cloud service that dispatches emergency responders if a problem is observed.”

The brave, new world of the Internet of Things comes with many of the problems of the old world – only magnified by the negatives possibilities. Corbin cites Randy Garrett, a program manager at the Defense Advanced Research Projects Agency (DARPA) who “worries that, in the exuberance to embed sensors in a galaxy of devices and bring them onto the network, backers of the Internet of Things will unwittingly create a virtually limitless set of new threat vectors.”

Garrett observes that despite computer users’ tendencies to not pay as much attention to security as they should, “many people are at least aware that the threats are out there and will often exercise some restraint in not clicking on spam links or avoid setting their password to “password.” (editorial comment: Can you say the same thing about the average waffle iron? Okay, there are instances where a waffle iron might be more security savvy than some computer users.)

Garrett points out that the infamous Target breach resulted from Target’s heating and air conditioning systems being connected to the internet to make servicing more accessible for a contractor. Of course, as history demonstrates, it also made the enterprise more accessible to hackers.

On the Internet of Things’ plus side is what can be done in healthcare where patients would be able to monitor such things as glucose levels and blood pressure and instantly send the data to their healthcare provider. Michael Chui, a partner and senior fellow at the McKinsey Global Institute observes, “That’s a much better set of data in which to diagnose and manage diseases.”

And Chui suggests solutions to issues facing the Internet of Things might be found in “rethinking” organizations and their traditional roles and processes. In a current retail environment, Corbin writes, “the CIO’s involvement in store operations might be limited to the cash registers, point-of-sale systems and back-office operations. In [an Internet of Things] world where mobile payments are a reality and items on the shelf are expected to interact with shoppers’ devices, though, the tech team must take a more hands-on role.”

“It’s a tremendous number of organizational challenges when you start integrating the physical world with the virtual world.” Chui adds, “You have to change the way you make decisions if you’re going to use the Internet of Things effectively.”

For another read on The Internet of Things, please take a moment to read  a previous blog from Andreas Baumhof, ThreatMetrix chief technology officer: “Have You Remembered to Friend Your Refrigerator? The Internet of Things is Here and Growing Fast. But One Exopert Warms It May Be ‘Patch as Patch Can’t.’”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

The Customer Is Always Right — Right Out the Door

Posted on August 22nd, 2014 by Dan Rampe

Data Breach

Breaches and Compromised Records Have Retail Customers Heading for the Exits in Droves

So far in 2014, according to security company SafeNet, there have been some 559 data breaches affecting 375 million records. SafeNet’s Breach Level Index second quarter report says from April to June 237 breaches resulted in over 175 million records compromised, 83 percent of which were in the retail industry.

Strong security platforms protect data

In her piece on itbusinessedge.com (link to article), Sue Marquette Poremba observes, “Less than 1 percent of all of the data breaches in the second quarter happened to networks that used encryption or strong security platforms to protect the data. [Not] every security system is foolproof, but you greatly improve your chances of avoiding a breach if you put strong security practices in place…. [And once] a customer discovers a company has been breached, he or she is not likely returning.”

Breaches are bad business

Poremba cites a Yahoo Finance report of more than 4,500 adults in the USA, UK, Germany, Japan, and Australia. The report found “nearly two-thirds (65 percent) of respondents would never or were very unlikely to shop or do business again with a company that had experienced a data breach where financial data (credit card information, bank account number, or associated login details) was stolen.”

The SafeNet report’s answer to keeping customers and keeping out the guys is stronger encryption and improved user access to the network. While agreeing that the advice is good, Poremba points out she doesn’t think it’s an easy fix.

Everyone in the company has to be on the same page

“First you have to get everyone in the company, from leadership on down to the stock room, on board with the need to practice better security. Perhaps the way to approach this is to make them understand that their jobs are on the line. After all, if customers walk away because your company suffered a breach, would your business be able to survive?”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Fed Releases 2013 Payments Study to Mixed Reviews

Posted on August 21st, 2014 by Dan Rampe

Federal Reserve

First Time That Federal Reserve Study Addresses Fraud Related to Payments

According to the study, in 2012, 13.7 million fraudulent transactions involved credit cards, totaling $2.3 billion; 14.9 million involved debit or prepaid cards, totaling $1.5 billion; and 1.3 million, totaling $300 million, were fraudulent ATM withdrawals.

In her piece on bankinfosecurity.com (link to article), Tracy Kitten cites industry experts as saying “the new fraud data in the study [though] based on a 2012 survey of more than 1,300 U.S. banking institutions, payments processors and independent card issuers, will prove valuable to banks because it helps to highlight emerging fraud trends [and because questions about third-party fraud were added.]”

CNP three times more susceptible to fraud

The value of card-present fraud totaled $2.4 billion compared to card-not-present fraud, which totaled $1.6 billion. However, while the value of fraudulent CNP transactions was lower, the number of the fraudulent CNP transactions was three times greater than those reported for card-present fraud. And the CNP fraud rate for credit cards was the highest for all types of unauthorized third-party card transactions.

Third party card transactions

Jim McKee, a senior vice president of the Federal Reserve Bank of Atlanta, who was a key contributor to the study, pointed out that institutions were only asked to provide information about unauthorized third-party transactions they processed, not fraud they may have suspected or believed could be related to a retail breach. In his view the “Payments Study provides a helpful groundwork regarding ongoing payment trends.”

Reviews mixed

Tom Wills, a payments fraud expert, said the level of detail about third-party fraud is definitely of value to bankers. “It will help them determine what kind of resources to allocate for security and fraud programs. Different types of fraud indicate different types of countermeasures. For example, countermeasures for account-takeover fraud are different from those for online card fraud. Granular, quality data about fraud on a public level has historically been hard to come by, so I expect that bankers will welcome this additional insight.”

But financial fraud expert Shirley Inscoe, an Aite analyst, said she hopes future reports would include more detail about fraud losses. “This is great data; but it’s unfortunate the Fed did not also gather the same information concerning fraud losses. That would be a subset of the numbers reported and would also help quantify how good a job [financial institutions] are doing, overall, with their fraud-prevention efforts.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Royal Blue Not Your Color?

Posted on August 20th, 2014 by Dan Rampe

Facebook

Clicking on “Facebook Color Changer” App Will Leave You Purple —with Rage.

Okay you don’t like Facebook’s standard royal blue. Well there’s an app called “Facebook color changer” that promises to change the color of your Facebook page from royal blue to any color you choose.

Don’t click on it

However, if you click on it, writes Dave Smith on businessinsider.com (link to article), you’ll end up rerouted to a malicious phishing site whose aim is infecting your computer.

10, 000 victims

The scam was discovered by Cheetah Mobile security researchers who say more than 10,000 people around the world have become victims. Smith writes that the app (maybe trap is a better word) works like this:

[When users click on the app, they are] directed to a phishing website that steals [user] Facebook “access tokens.” [Hackers] can use [the tokens] to connect with [users’] Facebook friends and spam them.

The Facebook color malware can also prompt users to download a separate video application, or a separate app if [they’re] using an Android phone. Both pieces of software contain malware, which could be used for more nefarious purposes than scamming [users’] friends, particularly if the malware can log…keystrokes or access other data points on [on users’ computers.]

How to get rid of it

Anyone inadvertently clicking on the “Facebook color changer” app can remove it by going to Facebook app settings. However, after removing the app, Cheetah Mobile recommends the user change his/her password.

After all this, you still can’t stand looking at a royal blue Facebook page. Then, go to Google Chrome and try the “Color My Facebook” add-on, which Smith notes, “lets you change the color scheme to pretty much any color you could think of.”

Wonder if it works for plaid.

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Named One of 100 Most Promising Technology Companies in USA

Posted on August 19th, 2014 by Dan Rampe

CIO Review

Leading Technology Magazine of Enterprise Solutions, CIOReview, Places ThreatMetrix on Its CIOReview 100 List

The CIOReview 100 is a list of the “100 Most Promising Technology Companies in the U.S.” Honored are companies using powerful next-generation technologies to enable their customers to break through old performance barriers and improve business.

Put together each year by a distinguished panel of CEOs, CIOs and industry analysts including CIOReview’s own editorial board, this year’s list includes ThreatMetrix, a leader in context-based security and advanced fraud prevention.

“Recognition by the CIOReview 100 serves as validation of our continued innovation in context-based authentication and advanced fraud prevention,” said Bert Rankin, chief marketing officer, ThreatMetrix. “While we are incredibly invested in protecting our customers’ businesses from fraudsters, we also place equal weight on making sure we maintain a great customer experience for their users in the process. Our fraud and security solutions leverage a collective network to provide real-time insights, blocking out potential threats without adding additional authentication steps for good users.”

With its commitment to building trust on the Internet, an effort requiring frequent solution updates and enhancements, in July ThreatMetrix announced a new patent which “builds off” of its cookieless device identification using fuzzy matching technology to globally recognize trusted customers and cybercriminals.

With patents that help companies identify, recognize and stop attackers in their tracks, ThreatMetrix helps businesses remain secure and prevents cybercriminals from compromising online identities.

For a full list of winners, visit http://cioreview100.cioreview.com/.

In addition to being named to the CIOReview 100, ThreatMetrix 2014 awards include:

  • Recognized as a Silver Winner in the “Enterprise Product of the Year – Software” Category by the Best in Biz Awards 2014 International
  • Named to the 2014 AlwaysOn Global 250 Top Private Companies List
  • Named to the 2014 Lead411 Hottest Companies in Silicon Valley list
  • Products Guide (NPG) 2014 Hot Companies and Best Product Award Winner for the “Best Products and Services – Information Security and Risk Management” category and also in the “Best Products and Services – Security Software” category.
  • Judges Choice for Best Overall Fraud/Security Solution at the 2014 CardNotPresent.com (CNP) Awards for the ThreatMetrix TrustDefender Cybercrime Protection Platform
  • A 2014 Info Security Products Guide Global Excellence Award for Most Innovative Company of the Year (Security)
  • 2014 Cyber Defense Magazine Award Winner in 2 Categories: Most Innovative Anti-Malware Appliances Solution & Best Product Network Access Control Solution

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

The Pace That Launched 575 Million Chips

Posted on August 18th, 2014 by Dan Rampe

EMV

By the End of 2015, U.S. Payment Cards with EMV Chips to Top 575 Million

Visa and MasterCard say rollouts of the new EMV-Chip payment cards are on pace to reach 575 million by the end of next year. According to a piece by Evan Schuman (link to article), that number is “partially based on EMV shipment plans from nine key card issuers: Bank of America, Capital One, Chase, Citi, Discover, Independent Community Bankers of America (representing issuing members), Navy Federal Credit Union, US Bank and Wells Fargo & Company.” Visa Vice President Ryan McInerney observed that by aggressively pushing EMV, “one in two of [these companies’] U.S. payment cards will be chip-enabled” by the end of 2015.

Getting consumers to buy in

Shuman writes that “the next two EMV U.S. hurdles are retailer equipment upgrades and training… plus getting consumers to not only use their new EMV cards, but to specifically insert for chip rather than just use the comfortable magstripe. Consumer training and perhaps some incentives will be needed to close this loop and to get these cards to actually be used in meaningful numbers.”

Next on the agenda

Visa and MasterCard also noted that they are in the process of “identifying an actionable, long-term roadmap [for delivering] a consistent level of security for payments in the digital and physical environments. Part of this [would] include providing clarity around enhanced security like tokenization and point-to-point encryption.”

Payment processor, First Data Corporation’s president, Guy Chiarello urged all institutions to “launch their EMV plans immediately, and not wait for the October 2015 liability shift [because] issuing EMV now [would] benefit consumers by making the most secure payment card available sooner, while reducing fraud losses and enhancing payments system security for all.”

ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.