ThreatMetrix Financial Institution Authentication Strategies for Stopping Malware and Compromised IDs
Posted April 9, 2015
ThreatMetrix Outlines a New Approach in Line with FFIEC’s Joint Statements on Authenticating Customers and Employees
The Federal Financial Institutions Examination Council (FFIEC) has released joint statements dealing with stolen identities and malware that, combined, represent a threat not only to business, but to the entire financial system.
Alisdair Faulkner, ThreatMetrix chief products officer, on a new approach to authentication
“We’re not even halfway through the year and we’ve already seen data breaches of two major healthcare providers, Anthem and Premera, compromise the information of more than 90 million people. As the prevalence of personal data being breached continues to grow, financial institutions need a new approach to authentication and digital identity assessment.”
A summary of key FFIEC joint statements
- Compromised Credentials – Whether an employee or administrator (and this is especially true for customers), banks can no longer trust the static identity of a user login or transaction. Even if a bank’s internal systems can’t be compromised, a bank’s customers and employees can be.
- Destructive Malware – Banks have to continuously evaluate the health and risk of devices being used to access data or perform transactions. The same holds true for an employee accessing services remotely from his or her tablet, or for a sanctioned locked-down PC.
- Shared Intelligence – To defeat malware and compromised credential threats, financial institutions have to look beyond their firewalls and share actionable threat intelligence about unauthorized account access attempts and attack patterns.
Faulkner notes that digital identities power the underworld
“Forget Bitcoin, our digital identities are the cybercurrency that powers the underworld. Unlike credit cards that can be replaced, stolen identities and compromised devices are the gift that keeps on giving – pieces of a user’s digital identity can be used over and over again, with each attack increasing in sophistication on a daily basis. Combining stolen identities, compromised devices and newer device spoofing tools like Anti Detect and Fraud Fox, hackers can routinely bypass first generation authentication technologies still installed at banks. Financial institutions need new ways of assessing digital identities by leveraging global shared intelligence to detect when personal information and devices are being used illegitimately. When one financial institution’s network is breached, every financial institution becomes the target of the digital debris.”
The ThreatMetrix Global Trust Intelligence Network (The Network) offers features to help financial institutions protect themselves from compromised credentials and malware
- Persona ID – Persona ID enables financial institutions to connect users with their related attributes and activities. Included in these attributes and activities are email addresses, payment details, past transactions, accounts, devices, location, proxies etc. These details are tied to digital “personas.” And, incoming transactions are evaluated against the corresponding digital identities in real-time and enables ThreatMetrix to distinguish legitimate users and cybercriminals.
- Layered Approach – Rather than providing “Bigger Data,” which creates too many alerts to act on quickly, The Network uses pin-point decision analytics to assess devices, threats, personas and behavior across its anonymized digital identity network. This makes it possible to accurately identify cybercriminals in real time without added customer friction.
The Network: real-time intelligence
In an environment where financial institutions must assume digital identities and devices are compromised before authenticating logins or transactions, The Network delivers real-time intelligence, providing businesses with consistent risk assessments of data and creating unique digital identities for users by mapping their online behaviors and devices to protect customers from fraudulent transactions.