January 10, 2019
In a digital first world, businesses need to quickly and accurately recognize their customers and prospects, and do so without friction. Unfortunately, traditional user authentication methods are simply no longer effective or practical. With increasing data breaches and other high-tech compromises, cybercriminals can easily and convincingly impersonate legitimate online customers and prospects using widely available stolen credentials. Worse, traditional authentication approaches that use a blanket policy across the entire user base cause unnecessary and cumbersome disruptions, leading to a negative user experience.
ThreatMetrix takes a practical, user-centric approach to authentication. The ThreatMetrix solution can authenticate most users passively and invisibly via strong device binding, advanced behavioral biometrics and deep connection location analysis, coupled with unmatched global identity and threat intelligence. With industry-leading identity recognition rates, nearly all customers and prospects can be accurately and safely authenticated with no disruption. Because authentication is tightly interwoven with identity and fraud management, the appropriate authentication challenge is initiated only when necessary, based on a complete assessment of the actual risk posed. This intelligent, coordinated approach provides superior user identification and fraud protection while minimizing the impact to customer service and company resources.
ThreatMetrix takes a practical, user-centric approach to authentication.
Many businesses are now considering smartphone biometric authentication methods, which have become more relevant and accepted. However, adopting third party and custom authentication services can be complex and protracted, involving contract negotiations, proof of concepts and careful integration management, placing further drain on limited resources. ThreatMetrix Authentication Orchestration simplifies end-to-end authentication orchestration by allowing businesses to unite ThreatMetrix fraud prevention tools with prepackaged third party services as well as enabling custom services integration.
ThreatMetrix Authentication Orchestration is supported by a REST-based API that provides a bridge to cloud and enterprise data sources and services. Integration is as straightforward as plug and play and can be achieved in a matter of weeks, usually with minimal IT support.
Advanced Integration With an Extensive Open Ecosystem
ThreatMetrix Authentication Orchestration is powered via our Dynamic Decision Platform, which unites digital and threat intelligence with integration and orchestration, real-time analytics and decision management. Most importantly, this platform is underpinned by the ThreatMetrix Digital Identity Network which harnesses real-time shared intelligence from billions of transactions worldwide. This builds a unique picture of true digital identity by analyzing connections between devices, locations and myriad pieces of anonymized personal information.
ThreatMetrix Authentication Orchestration can extend the core platform’s capabilities to include prepackaged third party and custom services. Core third party authentication services include:
- One Time Password (OTP) Services: Verify a user or suspicious device with two-factor authentication (2FA) using one-time passcodes sent over SMS, email and voice channels. ThreatMetrix Authentication Orchestration enables businesses to selectively invoke challenge responses when other friction-free services yield inconclusive results.
- Smartphone Biometric Services: Incorporate fingerprint and other multi-modal biometric authenticators such as voice, facial, retina, and signature capabilities. Utilize ThreatMetrix integrated partner solutions or easily connect an existing provider.
- Carrier ID Services: Validate IP geolocation and phone carrier ID based on ownership and irrefutable evidence of communication with the SIM card. Verifying SIM cards with the carrier network provides the highest authentication assurance (National Institute of Standards and Technology (NIST) Level 4) to confirm a user’s identity in the form of a one-time cryptographic challenge response that is secure, private and friction-free.
- Identity Verification Services: Enhance identity assessment by incorporating additional user information including name, address, telephone number, and email address with along address verification attributes, (e.g. length of residence at a particular address), and history of email address to help filter out fraudsters and bots attacking with machine generated information.
Powerful Policy Orchestration – End-to-End Workflow With Case Management
Authentication Orchestration also works in conjunction with the ThreatMetrix Case Management capability, part of the decision management component of our platform, that permits individual events or groups of events to be evaluated and acted upon using manual or automatic logic. This workflow process is highly customizable to suit the varying needs of different use cases and system configurations.
Suspicious transactions that deviate from trusted patterns of behavior can be automatically routed into Case Management. This provides a proactive approach to fraud detection, improving efficiency and streamlining the review process.
An Integrated Fraud Management Solution
In summary, the ThreatMetrix Authentication Orchestration provides the following key benefits:
An open API architecture allows organizations to quickly and easily connect existing databases with new data sources and authentication services to comprehensively manage authentication and fraud prevention.
ThreatMetrix supports almost 2 billion monthly transactions in over 140 countries worldwide.
Enhances the value of the ThreatMetrix Digital Identity Network, allowing organizations to validate user identities, transactions or devices in real time, reducing the need for additional step-up authentication.
Streamlines end-to-end workflow management; suspicious transactions are triggered for manual review while fulfilment or ticketing for trusted users can be processed automatically. This reduces friction and enhances customer experience.
In a digital first world, businesses need to quickly and accurately recognize their customers and prospects, and do so without friction. Unfortunately, traditional authentication methods are simply no longer effective or practical.
The ThreatMetrix Advantage
- Rapid, lightweight deployment: The ThreatMetrix solution is cloud-based, providing simple and straightforward integration with existing systems.
- Up-to-date global insight: The ThreatMetrix Digital Identity Network gives clear visibility of current threat intelligence to give organizations a holistic view of emerging threats.
- Real-time responsiveness: ThreatMetrix delivers real-time insight; businesses can identify high-risk and fraudulent transactions before they compromise user accounts.
- Integration with third party services: Organizations can verify high risk transactions with integrated third party services such as identity verification, providing an extra level of assurance.
- Detailed analysis and reporting: ThreatMetrix provides reporting for retrospective-based and proactive forensic data analysis as well as a graphical interface for examining and investigating data trends.