Real-time passive authentication to verify online access and control

Government institutions and civilian organizations responsible for critical infrastructure use ThreatMetrix® to avoid security breaches, prevent unauthorized account access and secure remote logins.

Cybercriminals target government resources and public infrastructure using increasingly sophisticated cyberattacks to compromise user accounts and steal, threaten or damage assets.

ThreatMetrix passively authenticates online users and detects latent threats from malware and Trojans hidden on their devices. Our powerful analytics help block threats and recognize digital identities by the ever-changing associations between people, their devices, locations, account credentials and behaviors.

Cybercriminals are experts at manipulating people into performing risky actions or divulging sensitive information. The dawn of new human-like and attractive avatars powered by artificial intelligence pose new safety concerns as they can foster a sense of trust and disarm otherwise prudent professionals to disclose sensitive information. The truth is that human error is gaining recognition as perhaps the weakest link in the security chain.

ThreatMetrix safeguards against malicious intrusions even for users with valid login credentials. Dynamic authentication based on device, location, identity and threat intelligence provide high-fidelity authentication in real time. Behavior intelligence identifies patterns of normal behavior, and ultimately identifies behaviors that deviate from the norm, which can then be flagged as high risk.


Our partnership with ThreatMetrix has allowed us to augment our network-level data with device analytics to make better fraud decisions. By using Digital Identities, we can provide a more streamlined authorization process, improving overall card usage while reducing fraud.

— Mark Nelsen, SVP, Risk Products, Visa Inc.

Critical infrastructure associated with electric power, natural gas/petroleum production and distribution, telecommunications, transportation, water supply, banking and finance, emergency and government services, and agriculture is highly complex and essential for national well-being. Many of these assets can be managed online via process control systems (PCS) or supervisory control and data acquisition (SCADA) systems.

ThreatMetrix secures these web-enabled systems from unauthorized access and secures online interactions across all digital channels. Our solutions aggregate digital transactions from across the globe and then stitch together digital identities by recognizing the constantly changing relationships between individuals, their behaviors, locations and devices. This helps pinpoint fraudsters and produces up to a 95-percent recognition rate for return visitors.


The ThreatMetrix solution is an excellent tool for us in looking at new and evolving attacks. The evolution of key elements such as remote access takeover, Persona ID, Smart ID, has been excellent.

— Andy Renshaw, Lloyds Banking Group

Legacy systems can prove vulnerable, especially given that fraud is dynamic and constantly evolving. These older systems typically require deep specialization to maintain, usually by an original IT staff member who may have already left the organization. Aside from the cost and time to apply OEM patches, adding new product security features can be onerous.

ThreatMetrix layers on top of existing applications quickly and easily to provide state-of-the-art cybercrime protection for even the most antiquated IT infrastructure.


We were able to do a quick installation on our own and integrate it into our existing systems without interrupting the customer experience. With ThreatMetrix, we have deeper visibility into the profile of our online banking customers – differentiating good, returning customers from cybercriminals hiding behind proxies to disguise their true location – while also identifying what devices they are using regardless of the location.

— Anthony Vitale, Vice President Information Technology, Patelco Credit Union

Bots and botnets are typically launched by computers that are unknowingly infected with malware controlled by hackers. They can execute large-scale scripted attacks that are fully automated, but occasionally designed to mimic human behavior so as to go undetected. Bots can be used to test stolen identities and subsequently open new accounts or take over existing ones. They can also launch denial of service attacks and steal sensitive credentials.

ThreatMetrix layers on top of existing security infrastructure and passively authenticates digital identities across devices to detect even the most sophisticated “low-and-slow” bot attacks without compromising the digital experience. This can help address granular intrusion where bots are specifically designed to mimic human behavior and bypass profiling by a web application firewall.


A behavioral approach correlating users, devices and personal characteristics is the only way of detecting fraudulent activity that follows approved business logic. ... Web behavior analytics is a formative market, but ThreatMetrix has been able to channel its ability to identify users and devices into business benefits for website operations.

— Eric Ogren, David Immerman, 451 Research, May 2016

Schedule a Consultation

Talk to a ThreatMetrix expert to see how we can help your business.

Learn More
close btn