March 15, 2019
Reimagining the Concept of Identity
Every business is a now a digital business: success relies on aligning a frictionless online experience with optimized security. Static information alone is no longer effective to authenticate user identity; we live in a post-data breach world where complete user identities can be bought, traded and augmented on the dark web for use in multi-faceted cyberattacks.
Businesses need a new approach to understand the true identity of a connecting user, based on dynamic, global digital identity intelligence that is persistent and updated in real time. This approach allows businesses to more effectively distinguish trusted users from potential threats while preserving a frictionless user experience.
ThreatMetrix Smart Authentication™: Passive, Strong, Minimal Friction
Open Banking Scenario
Simplify the authentication flow: rather than re-directing the user to their bank for a payment authentication, incorporate a push notification that uses the device biometrics for a secure, frictionless, online experience
Smart Authentication with End-to-End Decision Management
The ThreatMetrix Digital Identity Network unites market-leading Digital Identity Intelligence with a Dynamic Decision Platform and Smart Authentication for optimized fraud and authentication management. This provides industry best-practice templates and configuration-driven flexibility for step-up authentication, identity verification, geo-fencing, A/B testing and third-party integrations.
Low-risk transactions can be passively authenticated in real time by comparing event data to digital identity intelligence held in the ThreatMetrix Network. Transactions that require additional authentication can be seamlessly routed to the appropriate integrated service using the Dynamic Decision Platform and Smart Authentication framework.
Leveraging the Power of Digital Identities
ThreatMetrix is unique in its ability to dynamically combine the four key pillars that define digital identity across all device platforms, creating the largest and most comprehensive repository of digital identity intelligence in the world. This intelligence streamlines the login process, prevents account takeover attacks and detects insider threats:
- Web and Mobile Device Intelligence: Device identification, detection of device compromises across web and mobile, device health and application integrity.
- True Location and Behavior Analysis: Detection of location cloaking or IP spoofing, proxies, VPNs and the TOR browser Detection of changes in behavior patterns, such as unusual transaction volumes, changes to velocity or frequency of transactions or new use of remote access software.
- Identity and Link Analysis: Defining patterns of trusted user behavior by combining identity and transactional metadata with device identifiers, connection and location characteristics.
- Bot and Malware Threat Intelligence: Actionable threat detection for Malware, Remote Access Trojans (RATs), automated bot attacks, session hijacking and phished accounts, combined with global threat information such as known fraudsters and botnet participation.
ThreatMetrix behavioral analytics and machine learning capabilities leverage this global intelligence to better model complex user behavior, dramatically reducing false positives and customer friction throughout the customer journey.
For high-risk events such as credential updates, use Carrier ID services to ensure that the request was made by the legitimate user and their registered device, without disrupting the user experience
Integrated Services for Additional Assurance
Enabled via ThreatMetrix Integration Hub
- 2FA: Businesses can invoke two-factor authentication (2FA) using one-time passcodes sent over SMS.
- Carrier ID: This provides a strong second layer of mobile authentication. Carrier ID Verifies SIM cards with the carrier network to confirm a user’s identity in the form of a one-time cryptographic challenge response that is secure, private and friction-free.
Strong Authentication Framework
The ThreatMetrix approach to strong customer authentication uses the mobile device as the enabler. This includes:
- Mobile App Security: ThreatMetrix Mobile SDK delivers strong device identification, detecting breaches to the host application and evaluating the overall security of the device.
- Device Binding: Leveraging the trust of existing devices to avoid repetitive authentication. This is offered using either Strong Device ID – A unique, tamper resistant identifier that cryptographically binds a device to a user’s identity – or Carrier ID.
- Multi-factor Authentication (MFA) Secure Notification: This sends a crytographically-backed push notification to the user’s mobile device for low friction authentication, via a fingerprint or PIN, for example.user authenticator (fingerprint, facial recognition, voice, PIN, etc.)
- Biometrics: A range of low friction, password-free authentication strategies that can be chosen by the user for an enhanced customer experience.
Authenticating High-Risk Events Using Location Services
Use app location services to verify a point-of-sale transaction that comes from a high-risk location. This reduces unecessary intervention for high-frequency travelers.
The ThreatMetrix Advantage
- An Unparalleled Network: The ThreatMetrix Digital Identity Network protects 1.4 billion unique online accounts using intelligence harnessed from 2 billion monthly transactions.
- Rising Recognition Rates: Over 90% of returning users are recognized without friction.
- An Integrated Approach to Authentication: Flexibly incorporate real-time event and session data, third-party signals and global intelligence into a single Authentication Decision Platform to deliver a consistent and low-friction experience with reduced challenge rates.
- A White-box Approach to Behavioral Analytics and Machine Learning: Advanced Behavioral Analytics and a Clear-box Approach to Machine Learning
- Integrated Forensics, Case Management and Business Intelligence for improved productivity