January 10, 2019
As organizations continue along their path to consumer-centric digital transformation, limited IT resources can often shoulder the burden of trying to integrate legacy on-premises interfaces with new digital processes. The enhanced ThreatMetrix Decision Management Portal is a cloud-based platform, and provides clear and straightforward HTML access for all levels of users involved with fraud and risk management across an organization. The Portal is HTML 5-compliant, allowing cloud-based access that can be easily utilized on both desktop and tablet devices. It enables fraud and security managers to investigate high-risk incidents, identify suspicious patterns at large scale and take corrective and preventative action. The Portal provides an intuitive graphical layout to conduct policy setting, search, drill down, geomapping and self-service user administration.
The major components of the ThreatMetrix Decision Management Portal are:
The Forensics component is a graphical interface for examining and investigating data trends. Forensics allows the user to take action on specific events directly from the screen or move the selected events to the Workspace. The intuitive search bar with the automatic type ahead feature allows fraud and security analysts to swiftly identify suspicious patterns over multiple terabytes of data. A full view of events linked to an account can be viewed as a map or a list of events. The time period of interest can be varied and queries can be used to identify specific events or event types.
ThreatMetrix Workspace provides a consolidated area for investigating events and entities. This view allows users to examine events in detail by searching for related events and comparing multiple chosen events side-by-side. Once a decision is made users can take all necessary actions such as rejecting or approving transactions, moving elements of the event to black and white lists and others directly from the screen.
The Policy Management component allows fraud and security analysts to manage all aspects of real-time decision making. Policies are customizable rule sets that score or take action on a transaction in real time. Policies consist of a set of rules that look for specific information within a transaction and then apply a risk weighting if the specified conditions are met or take actions. Pre-defined rules templates are provided to streamline business workflow. Within rules, variables can be used as part of the Analytics feature.
As part of the Policy Management component, users can leverage the premium add-on Smart Analytics component. Smart Analytics allows organizations to create custom variables, rules, models and policies to analyze patterns specific to business needs. Rather than a static and linear behavior model, the ThreatMetrix policy engine leverages statistical methods to determine whether an event falls within a “good user” or “bad user” pattern, while still allowing for changes in trusted user behavior.
The Lists component allows users to define and manage lists of digital identities that are allowed (whitelists), restricted (blacklists) and flagged (watchlists). Lists may include identity information such as username, phone number, email addresses, geolocations and device information. The policy engine streamlines the process by automatically add digital identities to lists. For example, identities can be added to blacklists when an event is determined to be fraudulent. In addition to automated entries added from the policy engine, users can also manually add or remove entries.
The Admin component is a full, self-service user and configuration management interface. Major functions include:
- User access and roles editing
- Screen configuration for managing forensic views
- System setting, e.g. API keys configuration
- Audit trail
- Self-service organization editor for partners and enterprise