November 14, 2017
- Drive legitimate customer adoption.
- Reduce fraud without compromising user experience.
- Prevent use of stolen credentials to create new identities and accounts.
- Detect compromised accounts across multiple channels, by understanding customer login attempts from suspicious devices and locations
Exciting innovations are emerging in the world of frictionless payment as a result of the growing connectivity of devices. The physical wallet is becoming somewhat redundant for many technologically savvy consumers, who are increasingly looking for more streamlined digital solutions to everyday transactions. As new solutions fuel the market, fraudsters are on the lookout for ways to exploit these new mobile payment systems. Cybercriminals are focusing their efforts on attacking mobile wallets using targeted malware and Near Field Communication (NFC) hacking for contactless payments.
With cybercriminals increasingly leveraging stolen identities to appear legitimate, it is becoming harder for organizations to distinguish between legitimate customers and fraudsters. Recent data breaches and growth of crime-ware tools have exacerbated the problem; fraudsters are tapping in to the latest technologies to dupe digital wallet providers into setting up bogus accounts or processing fraudulent payments.
Ensuring fraud is detected early while maintaining the frictionless experience that customers have come to expect means organizations are under increasing pressure to:
- Detect fraudsters using stolen credentials to create new wallet accounts.
- Detect the use of stolen payment methods within a digital wallet.
- Detect attacks to takeover existing users accounts.
Leveraging Digital Identities
ThreatMetrix layered approach validates the end user’s true digital identity through information related to devices, threats and persona (combination of device, history, transactions, email and other attributes). At the same time, ThreatMetrix real-time decision analytics platform provides additional insights to differentiate trusted customers from potential fraudsters. This knowledge allows digital wallet providers invaluable insight into who their customers really are and whether their transactions can be trusted. Underpinning this solution is world’s largest Digital Identity Network built on shared intelligence from over 1 billion transactions per month from more than 4,000 of the world’s most trusted brands.
The ThreatMetrix Solution for Digital Wallet Providers
ThreatMetrix offers real-time fraud detection and prevention solutions that allow digital and mobile wallet providers to minimize fraud-related losses. The ThreatMetrix platform enables them to:
Stop Fraudulent New Account Registrations:
Fraudsters often use false and stolen information to open accounts. These fraudulent accounts are then used to purchase things like gift cards (for ease of use and distribution) as well as carry out other fraudulent purchases. ThreatMetrix provides a risk-based fraud detection solution that prevents cybercriminals from creating false accounts.
Protect Against Account Takeover:
ThreatMetrix leading account takeover prevention solution helps digital wallet providers:
- Prevent unauthorized access to existing accounts using credentials obtained through phishing attacks, bad devices, malicious personas, shared passwords, or keyword loggers.
- Analyze subsequent access requests in real time to identify suspicious patterns, compromised devices, unusual locations (including attempts from known botnets or hidden proxies/VPNs) and suspicious configurations.
- Detect the presence of malware on a legitimate user’s device, detect activities from bots/scripted mechanisms, and detect account takeover attempts from the mobile channel.
Prevent Payment Fraud:
Wallet providers must make instant decisions about card-not-present (CNP) interactions. ThreatMetrix detects stolen credit cards in real time by combining device attributes, malware detection and sophisticated analytics with the user’s identity and transaction details. This real-time credit card fraud analysis offers digital wallet providers an additional layer of protection to reduce the costs of credit card fraud while protecting the online experience for legitimate customers.
Since implementation, ThreatMetrix has helped digital wallet providers lower fraud, reduce losses and deliver an enhanced experience for trusted users. This has been supported by the following key capabilities:
- ThreatMetrix Smart ID helps the wallet providers recognize a returning device even when cookies are deleted/disabled. Derived from the analysis of many browser, plug-in, and TCP/IP connection attributes, Smart ID can differentiate between trusted customers and cyber threats.
- ThreatMetrix Trust Tags enable the wallet providers to differentiate between fraudsters and legitimate customers. Trust can be associated dynamically with any combination of online attributes such as devices, email addresses, card numbers or any other attributes involved in accepting, rejecting or reviewing a customer.
- The Digital Identity Network, part of ThreatMetrix SaaS solution that analyzes billions of transactions, allows the wallet providers to access identifying attributes, characteristics, and behaviors associated with trusted users. Data shared by organizations, along with information available from ThreatMetrix device profiling, establishes a unique Digital Identity for each customer.
- ThreatMetrix deep connection analysis technologies give the wallet providers a clearer view of suspicious activity. Fraudsters often attempt to hide behind location and identity cloaking services such as hidden proxies, VPNs and the TOR browser. ThreatMetrix accurately detects the use of these technologies and, in the case of proxies and VPN, allows the lender to see the true IP address, geolocation and other attributes of each transaction.