An extension to the ThreatMetrix™ TrustDefender™ Cybercrime Protection Platform, the Spring 2014 Release is an update that delivers enhanced endpoint and context intelligence for mobile activity through a solution built on the ThreatMetrix™ Global Trust Intelligence Network (The Network).
More and more account logins and transactions are done via mobile devices. It’s true of both consumers and the workforce. Last year, mobile represented one third of total traffic on The Network. By the end of this year that number will jump to 50 percent. Cybercriminals are just as aware of these numbers as anybody. So, it’s no surprise they’re going to go where the money is.
For protection for themselves and their customers without compromising the intuitive user experience of mobile apps and browsers, more and more companies are turning to advanced fraud prevention and context-based security.
“Mobile device usage for e-commerce and banking will continue to rise and in order to prevent the associated risks, businesses must have the capabilities to effectively analyze mobile activity to detect returning authentic customers and device anomalies that indicate malicious behavior,” said Mustafa Rassiwala, senior director of product management, ThreatMetrix. “This includes differentiating between normal and jailbroken devices, as users with jailbroken devices are more likely to engage in criminal activity.”
With the Spring 2014 Release, The Network protects against mobile cybercrime using:
• Enhanced Mobile Identification: With the enhanced mobile software development kit (SDK), businesses can now detect jailbroken devices. This information often indicates that the mobile operating system has been breached and the security of all applications has been compromised. Cybercriminals typically jailbreak stolen mobile devices to gain full access to the original owner’s personal information. Additionally. sophisticated attacks can remotely jailbreak end users’ mobile devices to set up Man-in-the-Middle attacks and easily compromise sensitive information – including social media, banking and e-commerce website logins.
• Mobile-Specific Context Information: GPS-based location detection enables businesses to implement geo-fencing and accept transactions only when end users are within a specified proximity of an approved location. For example, banks may want to restrict certain high risk activities — adding new payments and money transfers on mobile devices for example — to when a user is in close proximity to his/her home address.
“By implementing enhanced location-based authentication capabilities and device recognition comprised of mobile jailbreak detection, identity, behavior and threat intelligence, businesses can establish trust for mobile activity without compromising user identity or convenience,” said Rassiwala. “ThreatMetrix analyzes each mobile activity such as user login or credit card purchase by combining intelligence from billions of previous transactions in The Network, the largest trusted identity network of shared intelligence, to provide businesses with the most comprehensive identity authentication solution on the market.”
With these new capabilities, ThreatMetrix offers comprehensive mobile protection with:
• Mobile SDK for Android and iOS to uniquely identify mobile devices
• Cookieless smart identification of devices when using mobile browsers
• Identity and account authentication using analytics that combine anonymized persona information, behavior and transaction context
“Businesses should rightfully focus on offering the best user experience on mobile apps without compromising on security and fraud prevention,” said Rassiwala. “Developers should not have to deal with low level device identification attributes that change periodically and ThreatMetrix regularly updates its mobile SDK leveraging the latest operating system enhancements to remain compliant and secure.”