November 21, 2017
Real-time passive authentication to fight fraud and safeguard sensitive information
Government organizations use ThreatMetrix® to instantly verify the true identities of users and constituents while stopping cybercriminals and fraudsters armed with stolen identities.
Digital benefits, tax, financial, regulatory and information sharing services make the government more efficient and provide key benefits to stakeholders. Users depend on instant and secure access to these critical services that are central to our economic system and national security.
ThreatMetrix passively authenticates online users to instantly block threats and recognize identities using global intelligence that connects the dots between the continuously changing associations between people, their devices, locations, credentials and online behaviors in real time.
Fraudsters and cybercriminals use stolen identity credentials to divert government payments and steal benefits. With the push to digitize a growing number of government services — from bill payment and collection, to managing retirement benefits, to making loans and awarding governments contracts and more — the risks from cybercrime are growing fast. However, traditional forms of identity assessment can’t differentiate between a legitimate user and a criminal using valid credentials.
ThreatMetrix protects the financial integrity of government services from fraudsters and cybercriminals, even if they’re using valid credentials. By understanding the digital DNA of users and their unique online footprints, ThreatMetrix knits together trusted digital identities government agencies can rely on, and that can never be faked or stolen.
Government agencies offer a wide range of citizen and stakeholder services, from issuing visas to providing healthcare coverage. Programs are mandated to ensure access to qualified stakeholders while keeping out individuals that seek to abuse the system and commit fraud. With an ever-increasing amount of consumer and stakeholder data compromised and for sale, agencies are increasingly challenged to differentiate between qualified beneficiaries and fraudsters.
Through the power of global digital identity intelligence, ThreatMetrix enables government agencies to recognize more than 1.4 billion legitimate and fraudulent identities from more than 4.5 billion devices across the globe. This produces up to a 95-percent recognition rate to distinguish between qualified beneficiaries and cybercriminals.
Regulatory agencies collect highly sensitive corporate business data in the course of fulfilling their missions. This is data that can move markets. The unauthorized release of any of this data could be extremely detrimental to regulated parties and to the reputation of the regulator. Fraudsters and cybercriminals are continuously evolving their attacks to gain access to this data, using increasingly sophisticated technologies and approaches.
ThreatMetrix secures web-enabled systems from unauthorized access across all digital channels. Our solutions aggregate millions of transactions from across the globe in real time, harnessing the power of fraud-proof digital identities so users are recognized and fraudster are blocked—instantly.
Defense, Homeland Security, Law Enforcement and many other agencies manage systems containing vast amounts of data that must be kept simultaneously secure and instantly accessible for users who need it to protect our country. Providing this kind of secure access within and across agencies, as well as with applicable state, local and private sector interests, can create vulnerabilities that our adversaries try to exploit.
ThreatMetrix safeguards against malicious intrusions through risk-based authentication that employs a layered approach to defense, focusing resources on high-risk or anomalous events. This provides government agencies with a comprehensive solution that detects unauthorized access using stolen credentials, without adding friction for legitimate users.
The National Institute of Standards and Technology has issued Special Publication 800-63-3, Digital Identity Guidelines to help agencies protect digital government programs.
- Accurately identify and authenticate users
- Protect critical systems
- Identify fraudulent behavior
Cybercriminals use stolen credentials and scripted bot attacks to relentlessly attack online systems. When they encounter step-ups, fraudsters are often equipped with answers to challenge questions and other personally identifiable information, making static identity verification highly unreliable.
- Authenticate users based on dynamic data that can’t be faked or stolen
- Establish normative behavior patterns with behavioral intelligence
- Identify anomalies that can signal fraud
When it comes to digital government services, stakeholders expect a straightforward account creation and login process. They want smooth, efficient service, and they demand security. But they don’t like step-up authentication that impedes their experience and often makes them feel like they’re being treated like criminals.
- Instantly recognize legitimate users
- Enable a personalized experience
- Block cybercriminals without adding user friction
In an increasingly connected world, real-time detection of potential threats continues to challenge government services. Legitimate users can sometimes behave unpredictably. And sophisticated fraudsters use techniques to mimic legitimate user behavior.
- Detect and analyze changes in user behavior
- Define advanced rules with behavioral analytics and customizable toolsets
- Accurately identify fraudulent behavior
Static forms of authentication that rely on usernames and passwords are simply no longer effective. Forcing out-of-band authentication on everyone creates an alienating experience. The key is to use step-up authentication only when necessary.
- Authenticate users and detect threats in real time
- Achieve superior fraud protection
- Reduce customer friction
Cybercriminals gain unauthorized account access using credentials obtained through phishing attacks, compromised devices, malicious personas, shared passwords, keyword loggers and other tricks.
- Identify 95 percent of returning users
- Streamline the login process
- Recognize fraudsters in real time