Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

ThreatMetrix Ensures Businesses Avoid Stiff OFAC Fines of $250,000 (or More)

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

The ThreatMetrix TrustDefender Cybercrime Protection Platform’s Location Detection Capability Maintains Business Compliance with OFAC Regulations

The United States Treasury’s Office of Foreign Assets Control (OFAC) regulations prohibit American corporations from doing business with embargoed or restricted countries or entities. The problem is it’s often difficult for businesses such as banks to discover customers’ true locations.

Heavy fines for infractions

Maintaining privacy and protecting personal data might be legitimate reasons for some companies to disguise their locations. However, using proxy servers, TOR network, etc, cybercriminals intentionally hide their locations and place banks and other entities innocently doing business with them in jeopardy of violating OFAC regulations, which have substantial penalties — fines up to $250,000 per incident or twice the value of the offending transactions, whichever is greater.

Most detection outdated

As it stands, most companies use outdated technologies such as IP addresses to determine a customer’s location. These are the equivalent of facing a tank with a BB gun when it comes to cybercriminals who use sophisticated techniques that alter their IP addresses and make it look like they’re in a friendly country (by OFAC standards).

Bert Rankin, chief marketing officer

“We’re addressing a major gap and solving a growing problem in the way business is conducted,” said Bert Rankin, chief marketing officer, ThreatMetrix. “Banks and institutions are significantly impacted when OFAC regulations are violated. France’s largest bank, BNP Paribas, for instance, was recently fined $8.9 billion. This doesn’t have to happen. Our SaaS-based fraud prevention solution is easy to implement and can provide measurable financial benefits to the businesses, in addition to protecting their reputations.”

TrustDefender Cybercrime Protection Platform

The ThreatMetrix TrustDefender Cybercrime Protection Platform significantly enhances an organizations’ ability to comply with OFAC regulations by detecting location spoofing and identifying users’ true locations. The platform’s real-time trust analytics enable context-aware security combining device, identity, and behavioral analytics with collaborative feedback from millions of users across thousands of sites to accurately identify good users and block out cybercriminals.

Additionally, the TrustDefender platform provides organizations with an accurate assessment of suspicious account registrations and transactions as well as the ability to instantly determine if a request or transaction should be blocked, prohibited, accepted or held for manual review.

The Network

Leveraging global intelligence from the world’s most comprehensive database, the ThreatMetrix Global Trust Intelligence Network (The Network), the platform is able to detect hidden proxies, Virtual Private Networks (VPNs) and other methods used to conceal visitors’ true locations.

Using real-time advanced device profiling and data from The Network to detect proxy use and evaluate the entire context surrounding each transaction, ThreatMetrix’s solution includes:

  • Device analytics: Uniquely identifies each device, determines its location, association with the user, and ties to criminal activity or hacker rings. It detects the presence of proxies, anonymizers, bots or malware and exposes other anomalies that may indicate fraudulent locations, hacking or a compromised device.
  • Identity analytics: Pinpoints the end user’s association(s) with trusted entities, or any history or affiliation with crime, fraud, or hacking activities.
  • Behavior analytics: Analyzes normal login patterns such as login frequencies, locations, typical access times, login names, and devices used.
By ThreatMetrix Posted