April 20, 2018
April 18, 2018
Posted April 9, 2015
ThreatMetrix Outlines a New Approach in Line with FFIEC’s Joint Statements on Authenticating Customers and Employees
The Federal Financial Institutions Examination Council (FFIEC) has released joint statements dealing with stolen identities and malware that, combined, represent a threat not only to business, but to the entire financial system.
Alisdair Faulkner, ThreatMetrix chief products officer, on a new approach to authentication
“We’re not even halfway through the year and we’ve already seen data breaches of two major healthcare providers, Anthem and Premera, compromise the information of more than 90 million people. As the prevalence of personal data being breached continues to grow, financial institutions need a new approach to authentication and digital identity assessment.”
A summary of key FFIEC joint statements
Faulkner notes that digital identities power the underworld
“Forget Bitcoin, our digital identities are the cybercurrency that powers the underworld. Unlike credit cards that can be replaced, stolen identities and compromised devices are the gift that keeps on giving – pieces of a user’s digital identity can be used over and over again, with each attack increasing in sophistication on a daily basis. Combining stolen identities, compromised devices and newer device spoofing tools like Anti Detect and Fraud Fox, hackers can routinely bypass first generation authentication technologies still installed at banks. Financial institutions need new ways of assessing digital identities by leveraging global shared intelligence to detect when personal information and devices are being used illegitimately. When one financial institution’s network is breached, every financial institution becomes the target of the digital debris.”
The ThreatMetrix Global Trust Intelligence Network (The Network) offers features to help financial institutions protect themselves from compromised credentials and malware
The Network: real-time intelligence
In an environment where financial institutions must assume digital identities and devices are compromised before authenticating logins or transactions, The Network delivers real-time intelligence, providing businesses with consistent risk assessments of data and creating unique digital identities for users by mapping their online behaviors and devices to protect customers from fraudulent transactions.