March 27, 2019
With 800,000 merchant locations served, 1,400 financial institution relationships, and counting 10 of the top 25 national retailers as its clients, Vantiv is one of the largest payments processors in the U.S., with a legacy spanning more than 40 years. Vantiv’s ethos is to make payment processing easy; its vision is to facilitate smarter, faster and easier payments to promote business growth and success.
As data breaches become more commonplace, stolen identity and payment credentials are fueling the fire of cybercrime. It was imperative that Vantiv customers could accurately pinpoint high-risk payment transactions in real time, before their business was compromised.
The challenge was static identity assessments were near useless when pitted against a fraudster using stolen identity data. Vantiv needed a partner who could provide dynamic digital identity intelligence that leveraged all the online connections a user made as they transacted online. With ThreatMetrix, Vantiv’s eCommerce payment platform was supported by the world’s largest digital repository of digital identities, which harnesses global shared intelligence from millions of daily consumer interactions including logins, payments and new account applications.
The Rise in Identity Testing in The Nonprofit Sector
In addition to eCommerce, in-store, omni-commerce merchants and financial institutions of all sizes, Vantiv has a sizeable number of customers in the nonprofit sector, and several were experiencing a rise in identity testing attacks. These entities typically try to minimize any barriers to donate, which means sign-up procedures for new accounts and payments are as simple as possible. The downside is that this simplicity also appeals to fraudsters wanting to test stolen identity/credential data without the risk of detection.
These organizations were being actively targeted by fraudsters attempting to make small value payments (typically between $1-$5), testing the validity of stolen credentials before moving onto higher value purchases elsewhere. Successful attempts were the gateway to big ticket items on other sites.
The challenge was that these attacks were happening extremely quickly and were hard to detect. They were also a significant drain on very limited resources and were increasing the volume of chargebacks and fees. Vantiv wanted to help its nonprofit customers validate their online payments without compromising the user experience for trusted donors and members.
Securing Vantiv’s Ecommerce Platform With Global Shared Intelligence From ThreatMetrix Digital Identity Network
Vantiv needed a way to detect behavior that looked high-risk or suspicious; that could accurately pinpoint a fraudster who was cloaking their location, testing multiple payments from a single device, or performing a series of high velocity/low value payments to one platform in quick succession.
The best way to tackle these complex, evolving cybercrime tactics is using the power of a global shared network. The ThreatMetrix Digital Identity Network collects and processes global shared intelligence from millions of daily consumer interactions across thousands of global websites. Using this information, ThreatMetrix creates a unique digital identity for each user by analyzing the myriad connections between devices, locations and anonymized personal information. Behavior that deviates from this trusted digital identity can be accurately identified in real time, alerting Vantiv customers to potential fraud. Suspicious behavior can be detected and flagged for customer review, step-up authentication or rejection before a transaction is processed, helping Vantiv provide a frictionless payment service to its customers.
Working together with ThreatMetrix, Vantiv can offer different levels of fraud protection based on individual customer needs. Vantiv provides first-level protection, including address verification, security code checks, card velocity checks, prior chargeback, and fraud advice, among other capabilities. These services are further supported by a number of additional capabilities from ThreatMetrix, such as:
- ThreatMetrix Trust Tags: These enable customers to differentiate between fraudsters and legitimate users. Trust can be associated dynamically with any combination of online attributes such as devices, email addresses, card numbers or any other attributes involved in accepting, rejecting or reviewing a transaction.
- ThreatMetrix deep connection analysis technologies: These give customers a clearer view of anomalous events. Fraudsters often attempt to hide behind location and identity cloaking services such as hidden proxies, VPNs and the TOR browser. ThreatMetrix accurately detects the use of these technologies and, in the case of proxies and VPNs, allows customers to see the true IP address, geolocation and other attributes of each event, backed by global identity data over time.
- ThreatMetrix Smart ID: This capability helps customers recognize a returning device even when cookies are deleted/disabled. Derived from the analysis of many browser, plug-in, and TCP/IP connection attributes, Smart ID generates a confidence score that helps customers identify when fraudsters are using the same device to make multiple payments.