BlogEMEA Press

March 21, 2013

Using Behavior to Identify and Stop Financial Cybercriminals Worldwide

In fighting fraud, there is great power in simplicity. This is the driving idea behind ThreatMetrix™ Cybercrime Defender Platform, which provides a unified view of users and devices. Now, financial institutions worldwide no longer need to piece together multiple solutions and sort through mountains of data to identify fraudulent identities and transactions. They rely on ThreatMetrix to identify cybercriminals.

There’s a new addition to the ThreatMetrix Cybercrime Defender Platform that makes it even harder for fraudsters to hide their identity – no matter how hard they try or how many layers of concealment they put up. It is behavioral analysis. Now, suspicious behavior is uncovered in real-time by associating related activity with connected “entities” such as email addresses, transactions, accounts, devices, IP addresses, geo-location, proxies, and physical addresses.

The platform delivers real-time linking of a current transaction to related transactions, and it’s all neatly done through a matrix of attributes that are associated with the visitor, the device and the connection. It makes it possible to create customer-specific user profiles, and then score the divergence (anomalies) or convergence (similarities) between current and historical attributes. This gives financial institutions a truly comprehensive view of fraud and security.

Alisdair Faulkner, our Chief Products Officer, gave me some clear insights into how this works. He told me that, should an identity be stolen and used on a compromised device by a cybercriminal or state-sponsored hacker, the ThreatMetrix Cybercrime Defender Platform will detect the threat and send an alert.

Cybercriminals and cyberterrorists are exploiting the fact that many of today’s traditional authentication and verification systems rely largely on breached personal data, which is easily discoverable or self-disclosed on popular social networks. In 2012 alone, Yahoo!, eHarmony, Zappos, LinkedIn, Global Payments and a host of others were hit with data breaches. Cybercriminals stole hundreds of millions of pieces of personal information, including credit cards, national identity cards and passwords.

Alisdair described how we circumvent these attacks through the ThreatMetrix Global Threat Intelligence Network that is a repository of devices, anonymized identities, transactions and interactions. We enable our customers to query this repository in real-time to determine whether a transaction is by a legitimate customer or actually by a cybercriminal hiding behind a spoofed or stolen alias. ThreatMetrix’ platform creates a user profile through link analysis of the user’s devices in conjunction with all their related entities and activity over time.

All ThreatMetrix identities collected in the ThreatMetrix Global Threat Intelligence Network are anonymized to enable the sharing of data without compromising or leaking personal data. In comparison to other identity profiling solutions, only ThreatMetrix matches the device – computer, tablet or smartphone – used in a transaction. This gives financial service firms, e-commerce companies, government agencies, enterprises and social media networks confidence that the device used in a transaction has ownership of identities and vice versa.

It’s a simple approach with powerful results!