New ThreatMetrix TrustDefender Mobile App Enhancement Helps Businesses Meet PCI DSS

Posted March 18, 2015


Extended Mobile App Reputation and Device Analysis Enables Businesses to Meet Latest Payment Card Industry Data Security Standards

ThreatMetrix’s latest TrustDefender Mobile release, the mobile software development kit (SDK), helps ThreatMetrix customers identify fraudulent behavior and reduce friction for transactions originating from mobile apps.

Android and iOS devices

In addition to Android, the release extends ThreatMetrix’s industry-leading Mobile App Reputation and Integrity capability to iOS devices.

Dean Weinert, ThreatMetrix director of mobile products, on stopping malware apps from different vendors

“One of the challenges our customers face in the mobile channel comes with the explosion of apps from a multitude of different vendors – many of which are used as vehicles to deliver malware. It’s important for businesses to distinguish between real, trusted apps and apps that have been altered, but that requires a significant amount of data, especially for mobile devices. ThreatMetrix provides a solution that is lightweight on users’ devices, putting those device attributes and threat risks into our digital identity network. The network is constantly learning about the growing mobile attack surface so our customers don’t have to.”

One billion transactions analyzed each month

This month, ThreatMetrix announced that the ThreatMetrix Global Trust Intelligence Network (The Network), the largest digital identity network in the world, has reached one billion transactions analyzed monthly, more than 250 million of which originate from mobile devices from more than 200 countries. The ThreatMetrix mobile solution further enhances the value of The Network by creating an anonymized digital identity of consumers based on device, persona and behavior from every transaction and comparing it in real time to previous activity. This growing network enables ThreatMetrix customers to understand users and associated devices, gain effective fraud intelligence without in-house expertise and ensure application integrity to stop fraud, not customers.

Vanita Pandey, ThreatMetrix senior director, strategy and product marketing, on the expansion of mobile in banking and ecommerce

“Mobile and other connected devices are fast becoming the leading way for users to access commerce and banking services. Mobile is the biggest emerging opportunity and risk for businesses and financial institutions trying to deliver frictionless experiences to their customers. Continued growth of mobile payments and banking will lead to stricter rules and regulations to secure these transactions.”

New mobile 2015 Payment Card Industry Data Security Standards

The recently instituted 2015 Payment Card Industry Data Security Standards (PCI DSS) for mobile devices are now stricter, including requirements for detecting rooted or jailbroken devices, detecting malware, and more.

The latest release of TrustDefender Mobile delivers enhanced capabilities to meet these new standards including:

  • Mobile App Reputation extended to iOS devices in addition to Android – This provides protection against malware and malicious applications across these platforms. Leveraging the intelligence from The Network with real-time reputation data from more than 14 million applications, ThreatMetrix can identify and classify millions of mobile applications, compared to the hundreds identified by competitors.
  • New mobile-specific attributes analyzed – The newest attributes analyzed by ThreatMetrix include additional details of device networks and security, as well as details of application “deep linking” to further identify unique devices and more importantly, to highlight devices compromised by malicious actors and malware.
  • Continues to leverage The Network – As with all ThreatMetrix products, the newest release is fully integrated with the ThreatMetrix digital identity network and analysis engine to help stop cybercriminals across mobile and other connected devices, using a common set of intelligence and policies.

iOS gains in the marketplace could make it a more tempting target

“iOS drives a significant percentage of mobile commerce,” said Pandey, “During Cyber Week 2014, The Network found that 39 percent of transactions originated from mobile devices, with nearly 80 percent of those transactions originating from iOS. While Android is at higher risk for malware, iOS is more prevalent. Extending the Mobile App Reputation and Integrity capabilities of TrustDefender Mobile to iOS offers our customers a more consistent solution.”

Visit ThreatMetrix at MRC Vegas 2015

ThreatMetrix is sponsoring and exhibiting its latest TrustDefender Mobile capabilities in booth 119 at MRC Vegas 2015, the industry-leading conference for merchants to discuss the latest trends in risk and payments, March 23-26 in Las Vegas. ThreatMetrix will participate in several speaking sessions and panels at the event, including:

Merchant Focus Group – Tuesday, March 24

  • 12:15-1:30 p.m. PST, Bristlecone 3 Room
  • Speaker: Carmen Honacker, director of customer advocacy at ThreatMetrix
  • Topic: Building a Fraud Prevention Community (Invite Only)

Ignite Session – Tuesday, March 24

  • 4:00-5:00 p.m. PST, Pinyon 2 Room
  • Speaker: Bert Rankin, chief marketing officer at ThreatMetrix

Speaking Session – Thursday, March 26

  • 9:55-10:35 a.m. PST, Bristlecone 3 Room
  • Speakers: Carmen Honacker and Peter Zeigler, senior products manager at TripAdvisor
  • Topic: Beyond Device ID: Using Digital Identification to Reduce E-Commerce Fraud

Joint ThreatMetrix and TripAdvisor session at MRC Vegas

Attendees at the joint ThreatMetrix and TripAdvisor speaking session on the final day of MRC Vegas will learn why and how e-commerce businesses need to move beyond simple device identification through the use of cookies to include other criteria. Cookies are easily compromised by hackers and privacy-conscious users alike. To complicate matters, IP address information is dangerously easy to spoof by using proxies, virtual private networks (VPNs) and botnets. This session will discuss how e-commerce merchants can take into account the context of an online event, resulting in historical evidence of persona behavior across all data.

For more information on MRC Vegas, visit

LexisNexis Risk Solutions | ThreatMetrix

LexisNexis Risk Solutions | ThreatMetrix

close btn