March 27, 2019
Following precedents set by the eCommerce and financial services industries, insurers are being coerced down a path to digital transformation by Insurtechs who are disrupting the industry. Established and emerging players are challenging traditional insurance firms through technological innovation by building digital products and fulfilling consumers’ changing expectations.
Identity theft, policy fraud and fraudulent claims are top concerns for insurers. It is becoming more and more critical to ensure that the person logging in to view a policy, edit personal details or make a claim is the legitimate, trusted customer and not a fraudster masquerading as the policyholder.
Financial loss resulting from hijacked customer accounts, rate evasion and fraud rings is not restricted to insurers. Legitimate policyholders share the financial burden of insurance fraud by way of increased premiums.
The challenge for insurers is how to effectively integrate digital solutions with legacy systems to process timely and accurate quotes and claims without compromising security and adding friction.
Passwords alone are no longer sufficient protection for online accounts, as they can be cracked in minutes by experienced hackers or bought on the dark web after an earlier breach. Although two-factor authentication (2FA) provides an extra security layer to verify user identity, it doesn’t protect against malware or social engineering attacks, as fraudsters can hijack legitimate login sessions.
The Value of Establishing Trusted Customer Behavior
Knowing who policyholders are, and how and when they transact, makes it possible to detect suspicious behavior or compromised devices before accounts are infiltrated by cybercriminals. Insurers need to be able to continually recognize returning customers while seamlessly integrating this validation process into existing business processes without adding unnecessary friction. Insurers must adopt layers of defense, for example profiling the precise behavior on an account (including any change of details), accessing shared intelligence of known fraud, as well as detecting the presence of malware or remote access control.
Authenticate Returning Customers Without Adding Friction
ThreatMetrix has a market-leading fraud solution that can protect insurers from account takeover by passively authenticating returning customers. The ThreatMetrix Cybercrime Protection Platform adopts a layered approach to effectively identify up to 95% of returning customers, reducing friction and fraud.
The ThreatMetrix Digital Identity Network
This network underpins the ThreatMetrix solution and leverages global shared intelligence from millions of daily consumer interactions including logins, payments and new account originations. Using this information, ThreatMetrix stitches together a customer’s true digital identity by analyzing the myriad connections between devices, locations and anonymized personal information.
Leveraging User Identity and Behavior Patterns to Detect Threats
Digital Identities within the ThreatMetrix Digital Identity Network show a pattern of trusted behavior by incorporating anonymized non-regulated personal information such as user name, password and email address with device identifiers, connection and location characteristics. At the same time, ThreatMetrix profiles all devices accessing a website (desktops, laptops, smartphones, or tablets), to identify the presence of malware or other anomalies that might indicate a high-risk login attempt. High-risk anomalies can be easily identified and flagged for review or automatic rejection. Insurers can confidently detect key situations that put user accounts at risk including:
- Attempted logins using stolen credentials: Detect new devices for existing users, attempted logins from unusual locations or via hidden proxies / VPNs, and multiple account access using a single device.
- Logins from risky or compromised devices/users: Detect unusual device or user behavior that might suggest fraudulent takeover.
- Malware targeting logins: Detect evidence of malware on a legitimate user’s login session.
- Credential replay attacks or session hijacks: Detect when a device changes between a login and a transaction, or when cookies are copied between devices.
- Botnets automating password guessing: Detect high velocity password attempts, unusual packet fingerprints, known botnet participation, and other symptoms of a scripted attack.
Personalizing the ThreatMetrix Solution to Your Business
ThreatMetrix offers a powerful yet easily customizable Policy Engine that allows you to incorporate your own business processes and tolerance for risk. This allows your business to fine-tune and automate responses to login sessions. Every business faces different exposure to fraud risk; with ThreatMetrix you have the ability to tailor the solution to meet these varying and evolving business needs. For example, you may:
- Allow account access from known good customers on known devices with no evidence of malware or compromise.
- Deny logins from highly suspicious situations or known botnet participants.
- Implement step-up, “out-of-band” authentication or manual reviews only for suspicious and high-risk logins.
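The account-risk signals and the allow / deny / step-up responses listed above can be sketched as rules over a login event stream. This is an added illustration, not ThreatMetrix code or its Policy Engine syntax; the event fields, thresholds and the signal-to-action mapping are assumptions, and the events are constructed.

```python
from collections import defaultdict, deque

# Constructed device history and events (not real data, not ThreatMetrix's schema).
KNOWN_DEVICES = {"alice": {"dev-A"}, "bob": {"dev-B"}}
# (seconds, account, device_id, event_kind, succeeded)
EVENTS = [
    (0, "alice", "dev-A", "login", True),
    (30, "alice", "dev-A", "claim", True),
    (40, "bob", "dev-X", "login", True),            # device never seen for bob
    (50, "carol", "dev-Z", "login", False),         # one device, many accounts,
    (52, "dave", "dev-Z", "login", False),          # rapid failures
    (54, "erin", "dev-Z", "login", False),
    (100, "alice", "dev-Q", "edit_details", True),  # not the device that logged in
]

def evaluate(events, known, window=60, max_fail=3, max_accounts=2):
    """Return (time, account, action, reasons) per event; thresholds are assumed."""
    fails = defaultdict(deque)    # device -> times of recent failed logins
    accounts = defaultdict(set)   # device -> accounts it tried to log in to
    session_device = {}           # account -> device of last successful login
    results = []
    for ts, acct, dev, kind, ok in events:
        reasons = []
        if kind == "login":
            accounts[dev].add(acct)
            recent = fails[dev]
            if not ok:
                recent.append(ts)
            while recent and ts - recent[0] > window:   # drop stale failures
                recent.popleft()
            if len(recent) >= max_fail:
                reasons.append("password_velocity")
            if len(accounts[dev]) > max_accounts:
                reasons.append("multi_account_device")
            if ok:
                if dev not in known.get(acct, set()):
                    reasons.append("new_device")
                session_device[acct] = dev
        elif session_device.get(acct) != dev:
            reasons.append("device_changed_after_login")
        # Assumed mapping: scripted-attack symptoms are denied, other anomalies
        # get step-up authentication, clean events pass without friction.
        if "password_velocity" in reasons:
            action = "deny"
        elif reasons:
            action = "step_up"
        else:
            action = "allow"
        results.append((ts, acct, action, reasons))
    return results
```

In this sketch the per-device account set never ages out; a production rule would bound it with the same kind of time window used for failed logins.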
What Gives ThreatMetrix the Advantage?
ThreatMetrix offers the broadest combination of defenses against account takeover in a solution that imposes little burden on your IT resources or your customers:
- Rapid, lightweight deployment: The ThreatMetrix Cybercrime Protection Platform is a cloud-based solution, meaning you don’t need to add servers or additional infrastructure to protect account logins.
- Up-to-date global insight: Integration with the ThreatMetrix Digital Identity Network gives you constant access to current fraud intelligence, including known botnets, global device behavior, and the identity of known fraudsters.
- Real-time responsiveness: ThreatMetrix delivers real-time insight, so you can identify fraudsters before they breach accounts and compromise your business.
- All logins protected without adding friction: Unlike strong authentication solutions that require token deployments and extra user steps to log in, the ThreatMetrix solution easily secures all logins without unnecessary friction.
- Integration with third-party services: The ThreatMetrix solution has a number of fully integrated third-party services, such as 2FA and Carrier ID, providing additional verification for high-risk or anomalous login attempts. Businesses can onboard relevant services without friction, streamlining end-to-end fraud management.
- Detailed analysis and reporting: ThreatMetrix provides visualizations and analytical reports that allow your security and fraud analysts to see and understand enterprise application activity, and take proactive steps to improve security and reduce fraud.