Sandpiper: An Eagle When It Comes to Fighting Cybercrime

Posted on February 27th, 2015 by Dan Rampe

Europol

EC3 Supports 18-Month EU-Funded “Project Sandpiper” to Stop Payment Card Fraud in Its Tracks

The latest statistics published by the European Central Bank reveal that card-not-present (CNP) fraud is on the rise accounting for 60% of all fraud losses on cards issued in the European Union. To address the problem, Europol’s European Cybercrime Centre (EC3) has launched several investigations.

Project Sandpiper

Initiated by UK authorities and supported by Europol’s European Cybercrime Centre (EC3), Project Sandpiper took out after the bad guys. The score after eighteen months: 59 arrests; 32 prosecutions; 17 convictions; 52,812 compromised card numbers recovered; £23 million ($35 million) estimated savings to the banking industry; and the disruption of 5 organized crime groups misusing electronic payments mainly in overseas destinations.

Troels Oerting, head of EC3

An article on eurasiareview.com (link to article) quotes the head of the European Cybercrime Centre, Troels Oerting, who said, “The criminal networks involved in this sophisticated electronic payment crime have been taken down as a result of many months of hard work by police officers and prosecutors in the European Union. Through the international cooperation of law enforcement authorities, the European Commission and Europol, as well as cooperation with the financial industry, European customers’ payment transactions are safer. We continue our fight against this crime. The criminals continue to develop new methods for stealing our identities, money and ideas online, and we have to continue and further develop operations like Sandpiper and Skynet. [Skynet is the codename of a new EU-funded project. Just launched, it focuses on international cooperation to combat online CNP fraud. Six EU Member States are involved.]”

A joint EU effort

According to the eurasiareview.com story, Europol’s information and analysis systems are used to exchange and cross-check the intelligence received from member states.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

Visa, MasterCard: Different Paths. Same Destination.

Posted on February 26th, 2015 by Dan Rampe

Visa and Mastercard

Beyond EMV, Industry Giants Look to Upgrade Security Measures to Improve Protection for Shoppers and Merchants

Coming this spring to a store near you – better protection from fraud and theft. At least that’s what Visa and MasterCard are hoping to accomplish with two new programs.

In her story on consumerist.com, Kate Cox describes the technology each company is planning to introduce. The following has been excerpted from Cox’s piece and edited to fit our format. You may find the full article by clicking on this link.

MasterCard’s two-pronged approach

One element is a program called MasterCard Safety Net. The company claims … that Safety Net “provides an independent layer of security on top of the tools and policies of financial institutions, by monitoring and blocking specific transactions based on selected criteria.”

The company promises, “Safety Net is designed to intervene only in extreme cases to block fraudulent activity.”

Biometrics

The other half of MasterCard’s strategy is biometrics. The company is pairing with First Tech Federal Credit Union to work on a pilot program that will allow customers to use unique identifiers — including face, fingerprint, and voice matching — to authenticate and verify transactions.

EMV transition going well

MasterCard reports that the transition is “well underway”, with half of all cards and just under half (47%) of all point-of-sale terminals projected to be chip-enabled by the end of 2015.

Visa takes a different approach that works like Apple Pay

Where MasterCard is focusing on making the customer prove a charge is authorized, Visa is working on scrambling information that might be stolen, so [that thieves can’t use it.].

[Called] the Visa Token Service, [it] works in basically the same way Apple Pay does (in fact, it’s part of Apple Pay): instead of transmitting your 16-digit card number, expiration date, and security code, Visa instead shares a unique number — your token — with the merchant getting paid.

If someone intercepts the transmission or the system and manages to yank that token, all they have is a string of numbers. It’s not a thing that can be cloned onto a new payment card or used in any meaningful way.

Beyond mobile

What’s new about it is that Visa is trying to expand the Token Service out of just mobile payments, and into traditional online retailers as well. When your credit card is stored on the site of a merchant you regularly shop with, that’s a weakness: anyone who breaches that database has…everything they need to commit fraud on your card. But if the merchant stores a random token in your account information, instead of your credit card number, that data once again becomes meaningless to thieves even while it remains convenient to consumers.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

 

ThreatMetrix to Speak and Exhibit Context-Based Security Solutions at 2015 BAI Payments Connect Conference

Posted on February 25th, 2015 by Dan Rampe

BAI Payments

 

Alisdair Faulkner, Chief Products Officer, to Participate in a Panel on Strategies for Combatting Payment Fraud Using Enhanced Tools and Technology

San Jose, CA – February 25, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced it is speaking and exhibiting at the BAI Payments Connect Conference, March 2-4 at Phoenix Convention Center West Building in Phoenix, Ariz.

BAI Payments Connect Conference is a one-of-a-kind event that focuses on helping companies keep pace with and adapt to today’s fast-track complex payments space. More than 700 innovative payments professionals and solution providers will converge to focus on current issues, challenges and opportunities in the payments space. Participants can attend expos, demo sessions and the second-annual digital day, which will focus on how to take a business into the digital world. This year, attendees will have the opportunity to vote for their favorite, most innovative demo presentation, and the organization with the most votes will be the BAI Payments Innovation Track Award winner.

ThreatMetrix will exhibit its context-based security solutions at booth 301, giving attendees an opportunity to view its alternatives to outdated legacy-based customer authentication solutions. Additionally, Faulkner will participate in a panel discussion on Tuesday, March 3 from 9:45 a.m. – 10:45 a.m. MST in room 106A, focusing on “Combatting Payment Fraud through Enhanced Tools and Technology,” alongside several noted payments industry security experts.

”Payments professionals work solely in the transfer of money, meaning their business is one of the biggest targets for cybercriminals,” said Faulkner. “Unfortunately, many businesses within the industry rely on security solutions that create friction by authenticating returning customers and failing to recognize them based on minor changes in their environment – such clearing their cookies or changing browsers, for example. At the BAI Conference, attendees will learn about ThreatMetrix’s context-based authentication capabilities, which offer secure, cost effective and frictionless user access for the payments industry through real-time behavior and contextual analytics derived from analyzing billions of global transactions.”

ThreatMetrix recently began an initiative to offer alternatives to outdated authentication solutions for banks and financial institutions that includes solutions for financial services institutions to provide frictionless customer logins that decrease operational costs and improve cybercrime detection. The goal of many online and mobile banking institutions is to ensure a top-notch customer experience and increase revenue. ThreatMetrix’s growing shared global intelligence network delivers secure, accurate authentication in real time to reduce user friction and ensure a high-level of customer satisfaction.

“The payments industry is booming right now, mobile transactions are doubling year over year and our focus is to support this growth with transparent fraud solutions that don’t interfere with business,” said Faulkner. “ThreatMetrix is committed to rapid evolution in order to keep pace with the industry by leveraging a collective approach to cybersecurity to combat payment fraud. I am very excited to discuss the growth and success of our global shared network with BAI attendees at this year’s conference.”

ThreatMetrix authenticates customer payments using real-time identity and access analytics that leverage the power of the ThreatMetrix® Global Trust Intelligence Network (The Network), the world’s largest shared intelligence network. The solution protects financial Web and mobile applications against account takeover, payment fraud, and fraudulent account registrations as a result of stolen credentials obtained from malware, social engineering, phishing and data breaches.

For more information on the BAI Payments Connect Conference, click here.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly web and mobile transactions protecting more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts
Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.1178
Email: beth.kempton@walkersands.com

ThreatMetrix Demos Alternatives to Outdated Legacy Authentication Solutions at BAI Payments Connect 2015

Posted on February 25th, 2015 by Dan Rampe

 

BAI Payments

 

Plus Security Experts Join ThreatMetrix’s Alisdair Faulkner for a Panel on “Combatting Payment Fraud through Enhanced Tools and Technology”

More than 700 payments professionals and solution providers will attend BAI Payments Connect 2015 from March 2-4 at Phoenix Convention Center West Building in Phoenix, Arizona. A one-of-a-kind event concentrating on current issues in the payments space, BAI Payments Connect provides the opportunity to attend expos, panel discussions and demo sessions. In addition attendees can take part in the second-annual digital day, focusing on how to take a business into the digital world.

The most innovative demo

This year, attendees can cast their vote for their favorite, most innovative demo presentation. And the organization with the most votes will be the BAI Payments Innovation Track Award winner.

ThreatMetrix will exhibit at booth 301

ThreatMetrix recently began an initiative offering alternatives to outdated authentication solutions for banks and financial institutions (including financial services institutions). These solutions provide frictionless customer logins that lower operational costs and improve cybercrime detection.

ThreatMetrix will be exhibiting its context-based security solutions at booth 301 offering an opportunity for attendees to view the company’s alternatives to outdated legacy-based customer authentication solutions.

Alisdair Faulkner, Chief Products Officer, ThreatMetrix in panel discussion

Joined by other noted security experts, Alisdair Faulkner will participate in a panel discussion on Tuesday, March 3 from 9:45 a.m. – 10:45 a.m. MST in room 106A. As noted in the headline, the discussion is about “Combatting Payment Fraud through Enhanced Tools and Technology.”

”Payments professionals work solely in the transfer of money, meaning their business is one of the biggest targets for cybercriminals,” said Faulkner. “Unfortunately, many businesses within the industry rely on security solutions that create friction by authenticating returning customers and failing to recognize them based on minor changes in their environment – such clearing their cookies or changing browsers, for example. At the BAI Conference, attendees will learn about ThreatMetrix’s context-based authentication capabilities, which offer secure, cost effective and frictionless user access for the payments industry through real-time behavior and contextual analytics derived from analyzing billions of global transactions.”

Shared global intelligence

ThreatMetrix’s growing shared global intelligence network delivers secure, accurate authentication in real time to reduce user friction and ensure a high-level of customer satisfaction. ThreatMetrix is able to authenticate customer payments using real-time identity and access analytics that leverage the power of the ThreatMetrix Global Trust Intelligence Network (The Network), the world’s largest shared intelligence network. The solution protects financial Web and mobile applications against account takeover, payment fraud, and fraudulent account registrations as a result of stolen credentials obtained from malware, social engineering, phishing and data breaches.

Faulkner on ThreatMetrix solutions for the payments industry

“The payments industry is booming right now, mobile transactions are doubling year over year and our focus is to support this growth with transparent fraud solutions that don’t interfere business,” said Faulkner. “ThreatMetrix is committed to rapid evolution in order to keep pace with the industry by leveraging a collective approach to cybersecurity to combat payment fraud. I am very excited to discuss the growth and success of our global shared network with BAI attendees at this year’s conference.”

For more information on the BAI Payments Connect Conference, click here.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly web and mobile transactions protecting more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

What’s Happening with Mobile Device Payments Is Criminal

Posted on February 23rd, 2015 by Dan Rampe

Mobile Devices

Mobile Device Fraud Makes Up a Disproportionate Share of the $6 Billion Fraud Costs Merchants and Card Issuers in the U.S. Each Year

Forrester Research says mobile payments accounted for $52 billion worth of U.S. transactions in 2014, up from $32 billion in 2013. And this year that number is expected to hit $67 billion.

A LexisNexis survey of 1,100 companies found that while mobile payments account for 14 percent of transactions among merchants, they make up 21 percent of fraud cases. In her story on bloomberg.com, Olga Kharif details how cyberthieves have continued to shift their focus to mobile devices. The following has been excerpted from her piece and edited to fit our format. You may find her complete article by clicking on this link.

More mobile fraud than on PCs

“We certainly see a surge in mobile payment attacks,” says Tomer Barel, chief risk officer at PayPal, who says his company deals with more cases of fraud on mobile devices than on PCs. “There are many more avenues for fraudsters to try.”

Every dollar of mobile fraud costs merchants $3.34

Each dollar worth of misbegotten mobile payments winds up costing a fooled merchant $3.34. That’s slightly more than the cost of a fraudulent credit card swipe or mail order, 27 percent more than a similar payment made from a PC.

Merchants aren’t equipped to handle mobile fraud

Along with the cost of lost merchandise, the total includes investigation of the fraud. That’s tougher on phones than on PCs, because many businesses aren’t equipped to track mobile devices’ unique identifiers such as IP addresses. Stores often don’t catch when a card issued in Los Angeles is used for a mobile order from Mexico, says Aaron Press, director of e-commerce and payments at LexisNexis Risk Solutions. “It’s kind of a wake-up call,” he says.

Lower-tech fraud

Some mobile fraud remains low-tech. Last year, the Better Business Bureau warned consumers about a scam in which people posted absurdly cheap offers for used cars online, then tricked interested buyers into wiring funds through a phony version of Google Wallet.

Higher-tech fraud

Other frauds are more technical, such as the hackers who found a bug in a Chilean public transportation app that let them top off their travel credits for free.

The weak link

Like the brief flurry of duplicate charges that accompanied Apple Pay’s debut in October, such glitches highlight the vulnerability inherent in a system that requires banks, card networks, and software makers to keep pace with thieves. “If you don’t make the proper investment, they’ll be attracted to the weakest link,” says PayPal’s Barel.

Biometrics may stop some cybercriminals

Smartphone operating systems, at least, are tougher to infiltrate than those of PCs. Phones with biometric sensors can also make a person’s identity tougher to steal. Mobile payment service LoopPay says it’s adding support for biometric features such as Apple’s fingerprint reader, despite hackers’ claims that they can fool the iPhone’s sensor. Rival CurrentC says it’s considering similar measures….

“There’s no perfect system,” says Will Graylin, chief executive officer of LoopPay. “It’s always a game of cat and mouse.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

A Billion Records Compromised in a Record-Breaking Year

Posted on February 19th, 2015 by Dan Rampe

Data Breach

Security Experts Discuss What Lessons Were Learned from 2014’s Data Breach Deluge

To be exact, there were 904 million records compromised in 2014, a record-breaking year in every sense of the word “record.” While a great deal was lost monetarily and even psychologically, i.e., a feeling of security, a great deal was learned as well. In a far-ranging piece on cio.com, Steve Ragan has security experts offer up their observations on what organizations can take away from a very tough learning experience. The following has been excerpted from his article and edited to fit our format. You may find the complete, unedited article by clicking on this link.

Like candy from a baby

Thus, this year’s security problems have taught organizations a valuable lesson when it comes to protecting the supply chain and offering awareness training to staff and vendors. From phishing to weak third-party access, criminals walked in through the backdoor, and out the front, with relative ease.

Difficult to defend

“Businesses today have a maze of complex dependencies on outside service providers and suppliers. This makes a complex attack surface, and that in turn makes defenses weak. The more complex our infrastructure, the harder it is for defenders to see it all and understand its weaknesses,” commented Dr. Mike Lloyd, CTO at RedSeal.

Multiple baskets

Another lesson learned this year centers on keeping all of one’s eggs in a single basket. As mentioned, twenty incidents reported in 2014 exposed one million records or more in each instance, but three of them resulted in the compromise of a combined 489 million records.

Adam Kujawa, head of Malware Intelligence at Malwarebytes Labs, said that the JPMorgan Chase breach was a perfect example of how the damage from an incident can be reduced by segmentation. “Attackers were able to steal millions of customer’s personal information such as names, emails, addresses, etc. However, they were unable to steal the actual financial data. That kind of data was hidden away behind another layer of security and one that was apparently impossible for attackers to get to,” Kujawa said.

“If all organizations used practices similar to that, then regardless of a breach, there would be a lot less damage in the aftermath.”

No longer a luxury

“Today, [security is] rapidly shifting to an imperative – auditors look for it, regulators demand it, and customers expect it. Cost is no longer the limiting factor – boards are willing to spend money to steer clear of the wrong kind of news coverage. The limiting factor is complexity – you can’t segment what you can’t map, and too many organizations have effectively lost the blueprints of the infrastructure they run their businesses on,” he explained.

Criminals prefer personal information

Criminals are starting to favor PII over financial information, because it’s easier to sell and leverage. To put it simply, the banks are making it harder to use stolen credit card details due to anti-fraud advancements.

Michele Borovac, VP at HyTrust, pointed out that while it’s relatively easy to cancel a credit card, it’s much harder to track down and recover your identity if it’s stolen. “Attackers with a few pieces of personal information can parlay that data into new credit card applications, online account access and many other nefarious – but lucrative – activities,” Borovac said.

Big data big breach

“Big Data leads to Big Theft,” said Dr. Lloyd. “Cyber criminals are savvy about risk vs. reward – if we make big piles of data, they are willing to put in more effort to get in to take it.”

HyTrust’s Borovac agrees:

“The primary reason that we’re seeing breaches of this magnitude is that data and applications are becoming more concentrated. As organizations consolidate and virtualize data centers, it becomes easier for someone who gets in to get everything.”

Lessons are lost on some

Despite the fact that 2014 was a record setting year for data breaches, for most organizations security is still an after-the-fact, bolted-on additive.

“Security professionals at heart have known for over a decade now that security, like all business practices, is ultimately dictated by ROI. Until companies feel that they will lose customers due to security concerns, there is no good business reason to address them with the same attention that they do sales or any other income-generating business infrastructure piece,” said Carl Vincent, security consultant at Neohapsis.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

ThreatMetrix Named to OnCloud’s “Top 100” and CEO Tapped as Keynote for OnCloud 2015 Summit

Posted on February 17th, 2015 by Dan Rampe

Standard-Header-Reed

A Panelist at the Annual AlwaysOn Summit, ThreatMetrix CEO Reed Taussig Will Deliver His Keynote Speech on Security in the Cloud

AlwaysOn’s OnCloud 2015 Summit will take place at the College of San Mateo (San Mateo, CA) on February 26, 2015. The Summit brings together “the best and the brightest” including top entrepreneurs, investors, and corporate players in the business-to-business application and cloud infrastructure space to discuss and debate the future of cloud technology.

Reed Taussig’s keynote

Titled “Global Shared Intelligence: The Best Solution to Combat Cybercrime,” Taussig’s keynote presentation will take place at 11:30 a.m. PST. Over the course of his speech, he’ll be providing an overview of the current cybercrime landscape.

Using examples from ThreatMetrix’s TrustDefender Cybercrime Protection Platform, Taussig will show how ThreatMetrix discovered and defeated organized crime rings by leveraging the power of the ThreatMetrix Global Trust Intelligence Network (The Network).

A distinguished panel

Taussig will also be participating in a panel alongside host Aditya Singh, partner at Foundation Capital and co-panelist Barmak Meftah, president and CEO at AlienVault. The subject of the discussion will be “The New Frontier in Cloud Infrastructure” and will take place at 11:45 a.m. PST.

ThreatMetrix’s CEO on global shared intelligence

“The global cybercrime landscape is constantly evolving to include new, more sophisticated threats and the only way to combat these threats is through collective intelligence,” said Taussig. “This isn’t a threat any business or consumer can fight alone. It requires a collective network that leverages data from across a global information base. I’m honored to share what ThreatMetrix has accomplished in the fight against cybercrime by leveraging global shared intelligence with this year’s OnCloud attendees. The OnCloud summit hosts key industry players who can help to make shared intelligence an industry standard.”

ThreatMetrix on OnCloud’s Top 100 private companies list

The annual list honors companies in the B2B applications, management tools, security and infrastructure sectors that are rising to the challenge of bringing the world’s businesses and enterprises into the cloud. This year’s OnCloud 100 companies were selected based on a set of five criteria: innovation, market potential, commercialization, stakeholder value and media buzz. A full list of the OnCloud Top 100 winners is available here.

Validation of our continued innovation

“The OnCloud Top 100 honors companies that take big data and create useful, actionable intelligence from it to make high-powered decisions,” said Taussig. “In the case of ThreatMetrix and The Network, such decisions have the power to stop cybercriminals in real time. ThreatMetrix leverages data from the largest shared intelligence network available to make an immediate and educated decision to differentiate between authentic and fraudulent transactions. Being named to OnCloud’s Top 100 private companies list serves as validation of our continued innovation in advanced fraud prevention and context-based authentication.”

For more information on the OnCloud 2015 summit, click here.

ThreatMetrix has garnered a host of awards. Following are some of the most recent:

  • The Channel Company’s CRN 100 Coolest Cloud Computing Vendors of 2015
  • Gold Stevie in New Product or Service of the Year – Security Solution category and a Silver in the Most Innovative Tech Company of the Year – Computer Software category.
  • Gold for “Innovative Company of the Year” and for “Integrated Security (Software) Innovation” at the 2014 Golden Bridge Business Awards
  • CIOReview100 for the “100 Most Promising Technology Companies in the U.S.”
  • Best in Biz Awards 2014 International Silver for “Enterprise Product of the Year – Software”
  • The AlwaysOn Global 250 Top Private Companies in the “B2B Cloud and Infrastructure” category
  • Lead411’s 2014 “Hottest Companies in Silicon Valley” list
  • Products Guide (NPG) Hot Companies and Best Product Award Winner for the “Best Products and Services – Information Security and Risk Management” category and also in the “Best Products and Services – Security Software” category.
  • Judges Choice for Best Overall Fraud/Security Solution at the 2014 CardNotPresent.com (CNP) Awards for the ThreatMetrix TrustDefender Cybercrime Protection Platform
  • A 2014 Global Excellence Award for Most Innovative Company of the Year (Security)
  • 2014 Cyber Defense Magazine Award Winner in 2 Categories: Most Innovative Anti-Malware Appliances Solution & Best Product Network Access Control Solution

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

ThreatMetrix Named to OnCloud Top 100 Private Companies and CEO to Speak at OnCloud 2015 Summit

Posted on February 17th, 2015 by Dan Rampe

Standard-Header-Reed

CEO Reed Taussig to Provide Keynote on Security in the Cloud and Participate as a Panelist at Annual AlwaysOn Summit

San Jose, CA – February 17, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced its CEO, Reed Taussig, will serve as a keynote speaker and participate in a panel at AlwaysOn’s OnCloud 2015 Summit in San Mateo, Calif. on Feb. 26.

Hosted annually in the heart of Silicon Valley at the College of San Mateo, OnCloud brings together the brightest minds and top entrepreneurs, investors, and corporate players in the business-to-business application and cloud infrastructure space to discuss and debate the future of cloud technology.

Taussig’s keynote presentation on security in the cloud, entitled, “Global Shared Intelligence: The Best Solution to Combat Cybercrime,” will take place at 11:30 a.m. PST. During this presentation, he will provide an overview of the current cybercrime landscape, citing examples from ThreatMetrix’s comprehensive solution, the ThreatMetrix TrustDefender™ Cybercrime Protection Platform, which has been successful in discovering and defeating organized crime rings by leveraging the power of the ThreatMetrix® Global Trust Intelligence Network (The Network). Taussig will also participate in a panel alongside host Aditya Singh, partner at Foundation Capital and co-panelist Barmak Meftah, president and CEO at AlienVault, entitled, “The New Frontier in Cloud Infrastructure,” at 11:45 a.m. PST.

“The global cybercrime landscape is constantly evolving to include new, more sophisticated threats and the only way to combat these threats is through collective intelligence,” said Taussig. “This isn’t a threat any business or consumer can fight alone. It requires a collective network that leverages data from across a global information base. I’m honored to share what ThreatMetrix has accomplished in the fight against cybercrime by leveraging global shared intelligence with this year’s OnCloud attendees. The OnCloud summit hosts key industry players who can help to make shared intelligence an industry standard.”

ThreatMetrix was also recently included in the 2015 OnCloud Top 100 private companies list. The annual list honors companies in the B2B applications, management tools, security and infrastructure sectors that are rising to the challenge of bringing the world’s businesses and enterprises into the cloud. This year’s OnCloud 100 companies were selected based on a set of five criteria: innovation, market potential, commercialization, stakeholder value and media buzz. A full list of the OnCloud Top 100 winners is available here.

“The OnCloud Top 100 honors companies that take big data and create useful, actionable intelligence from it to make high-powered decisions,” said Taussig. “In the case of ThreatMetrix and The Network, such decisions have the power to stop cybercriminals in real time. ThreatMetrix leverages data from the largest shared intelligence network available to make immediate and educated decisions to differentiate between authentic and fraudulent transactions. Being named to OnCloud’s Top 100 private companies list serves as validation of our continued innovation in advanced fraud prevention and context-based authentication.”

For more information on the OnCloud 2015 summit, click here.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites and mobile applications.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts
Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
WalkerSands Communications
Tel: 312.241.1178
Email: beth.kempton@walkersands.com

 

White House Cybersecurity Summit Decisions Aligned with ThreatMetrix Solutions

Posted on February 16th, 2015 by Dan Rampe

Obama

President Calls for Threat Information Sharing and Right to Privacy

In the wake of the White House Cybersecurity Summit held at Stanford University last week, Alisdair Faulkner, chief products officer, ThreatMetrix® wrote:

In light of President Obama’s visit to Silicon Valley, now is a better time than ever to address online security and privacy. Collecting an unreasonable amount of personal information will lead to a “Privacy Pearl Harbor.”

How much information collection is too much?

Threat intelligence sharing is necessary but only to a certain extent – businesses must make sure that reasonable security is not an unreasonable privacy invasion. There needs to be a reasonable amount of digital identity verification such as verifying one’s location or phone number when using a banking app. However, some businesses, including ride sharing services and major banks, have access to information about your entire location and activity history each time you use the app. With so much information stored on users’ mobile devices and in specific mobile apps, this often leads to an unreasonable privacy invasion beyond what is necessary for security measures. Instead, the recent influx of data breaches and privacy concerns calls for industry-wide authentication guidelines that do not compromise privacy.

Anonymized shared intelligence: authentication and privacy

To maintain a balance between privacy and security, businesses should leverage anonymized shared intelligence, behavior-based identity proofing and context-based authentication. At a minimum, industries operating online should self-enforce standards for controlling access to customer data from both insider and outsider theft without invading privacy.

Protecting customer and corporate identities

In addition to balancing privacy and security, businesses need to focus on protecting data in use in addition to data at rest. Data in use refers to customer or corporate identities that are used following a data breach without the individual’s knowledge. A key requirement for data protection is for businesses to ensure personally identifiable information is screened against unauthorized use prior to being processed. This can be done through device identification, malware detection and anonymized trust federation.

For more on preserving privacy while maintaining security, see:

ThreatMetrix Shares Strategies for Walking the Tightrope Between Consumer Online Privacy and Security

ThreatMetrix Shares Strategies for Businesses to Protect Identities in Use in Support of Data Privacy Day

At summit President acknowledges challenge of info sharing vs. privacy

In her story on techcrunch.com, Sarah Buhr discusses the primary themes that emerged from the President’s call for closer cooperation between government and the private sector. The following has been excerpted from her piece and edited to fit our format. You may find the complete article by clicking on this link.

A new sheriff in town

While pushing for that collaboration, he admitted it would be a challenge to both keep up with cyber threats and protect American’s right to privacy at the same time. “Protecting the American people while making sure government is not abusing its capabilities is hard. The cyberworld is sort of the Wild Wild West and to some degree we are asked to be the sheriff…”

President signs Executive Order

[Obama] signed an Executive Order….. One of those provisions encourages information sharing and analysis organizations (ISAOs), which would serve as points of contact for information sharing between the government and the private sector.

The order added the Department of Homeland Security to the list of government organizations that would be able to approve the sharing of classified information and ensure that proper information is shared between entities.

The Snowden effect

The big question here is whether the private sector will be willing to offer this information. Many companies are still reeling from Edward Snowden’s revelations that they were handing over consumer information to the U.S. government and have since taken measures to encrypt data, even from themselves.

Constructing a cathedral

Obama acknowledged the challenge to protect American citizens from cyber threats, but at the same time protect their right to privacy. [He] likened the process of technological development to building a cathedral.

“[T]hat cathedral will not just be about technology but about the values we have embedded in this system. It will be about privacy and security and about connection. A magnificent cathedral and we’re all going to be a part of that.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Cautions President and Participants at Cybersecurity Summit

Posted on February 13th, 2015 by Dan Rampe

Standard-Header-AF

ThreatMetrix’s Alisdair Faulkner Warns of a Possible “Privacy Pearl Harbor” Should Collecting Personal Info for Security Destroy Privacy

The long awaited presidential summit on cybersecurity taking place at Stanford University in Palo Alto, California brings together experts from industry, hi-tech, and law enforcement as well as consumer and privacy advocates, law professors who are specialists in the field, and students.

In its announcement of the Cybersecurity Summit, The White House says the Obama administration is pursuing five key priorities that will strengthen [the U.S.] approach to cybersecurity threats by:

  1. Protecting the country’s critical infrastructure — our most important information systems — from cyber threats.
  2. Improving our ability to identify and report cyber incidents so that we can respond in a timely manner.
  3. Engaging with international partners to promote internet freedom and build support for an open, interoperable, secure, and reliable cyberspace.
  4. Securing federal networks by setting clear security targets and holding agencies accountable for meeting those targets.
  5. Shaping a cyber-savvy workforce and moving beyond passwords in partnership with the private sector.

One key issue not touched upon in the White House announcement is the issue of privacy.

Alisdair Faulkner, ThreatMetrix chief products officer,  warns about losing privacy to gain security

In light of President Obama’s visit to Silicon Valley, now is a better time than ever to address online security and privacy. Collecting an unreasonable amount of personal information will lead to a “Privacy Pearl Harbor.”

How much information collection is too much?

Threat intelligence sharing is necessary but only to a certain extent – businesses must make sure that reasonable security is not an unreasonable privacy invasion. There needs to be a reasonable amount of digital identity verification such as verifying one’s location or phone number when using a banking app. However, some businesses, including ride sharing services and major banks, have access to information about your entire location and activity history each time you use the app. With so much information stored on users’ mobile devices and in specific mobile apps, this often leads to an unreasonable privacy invasion beyond what is necessary for security measures. Instead, the recent influx of data breaches and privacy concerns calls for industry-wide authentication guidelines that do not compromise privacy.

Anonymized shared intelligence: authentication and privacy

To maintain a balance between privacy and security, businesses should leverage anonymized shared intelligence, behavior-based identity proofing and context-based authentication. At a minimum, industries operating online should self-enforce standards for controlling access to customer data from both insider and outsider theft without invading privacy.

Protecting customer and corporate identities

In addition to balancing privacy and security, businesses need to focus on protecting data in use in addition to data at rest. Data in use refers to customer or corporate identities that are used following a data breach without the individual’s knowledge. A key requirement for data protection is for businesses to ensure personally identifiable information is screened against unauthorized use prior to being processed. This can be done through device identification, malware detection and anonymized trust federation.

For more on preserving privacy while maintaining security, see:

ThreatMetrix Shares Strategies for Walking the Tightrope Between Consumer Online Privacy and Security

ThreatMetrix Shares Strategies for Businesses to Protect Identities in Use in Support of Data Privacy Day

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.

The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.