September 6, 2018
Departments of Motor Vehicles (DMVs) are leading the digital revolution among government agencies. Driver’s license and vehicle registration renewals, license plate purchases, and driving record requests are a few of the services that can now be fulfilled online.
However, as the ease and convenience of transacting online has become more prevalent, so too has the presence of cybercrime, as security and data breaches have supplied the dark web with a plethora of stolen identity credentials, enabling cybercriminals to masquerade as legitimate users behind the cloak of the internet.
Like other government agencies, DMVs are prime targets for cybercriminals seeking access to sensitive information by exploiting vulnerabilities through legacy systems, social engineering, etc. With millions of data records compromised each year, static identity verification alone is no longer an effective means to ensure that users are who they say they are. Limited customer interactions, characteristic of DMVs, further add to the challenge.
DMVs need a deeper understanding of who they are issuing licenses to, accepting payments from, updating records for, etc. not only to safeguard sensitive information, but also to detect and prevent fraud. Combining multiple static data sources with dynamic, real-time intelligence is the most effective approach for protecting users and detecting fraud. Furthermore, with digital driver’s licenses on the horizon, the utilization of real-time data to accurately authenticate users will become more important than ever.
Understanding User Behavior by Leveraging the Largest Repository of Digital Identity Intelligence
Knowing who users really are and how and when they transact, can detect suspicious behavior before information is compromised or accounts are accessed by cybercriminals. The challenge for DMVs is how to accurately detect and block fraudsters without causing friction for legitimate users. Built from crowdsourced intelligence from approximately 2 4 billion global transactions each year including logins, payments, and new account applications, ThreatMetrix Digital Identity Network provides a wealth of cross-industry intelligence related to devices, locations, identities and past behaviors.
DMVs are prime targets for cybercriminals seeking access to sensitive information by exploiting vulnerabilities through legacy systems
Using this information, ThreatMetrix helps DMVs understand the true identity of a connecting user by going beyond just device-based analysis, grouping various other entities based on complex associations formed between events. Behavior that deviates from this trusted digital identity can be accurately identified in real time, alerting government departments to potential fraud. Suspicious behavior can be detected and flagged for manual review or rejection before a transaction is processed.
ThreatMetrix Solution for DMVs
ThreatMetrix can help DMVs confidently detect key situations that put user accounts, customer data and payments at risk including:
- Attempted logins using stolen credentials: Detect an existing user logging in with a new device, attempted logins from unusual locations or via hidden proxies/VPNs, and attempted access to multiple accounts using a single device.
- Logins from risky or compromised devices / users: Detect unusual device or user behavior that might suggest fraudulent takeover.
- Malware attacks: Detect evidence of malware on a legitimate user’s device or login session.
- Credential replay attacks or session hijacks: Detect when a device changes between a login and a transaction, or when cookies are copied between devices.
- Automated bot attacks: Detect high velocity password attempts, unusual packet fingerprints, known botnet participation, and other symptoms of a scripted attack.
- An Unparalleled Network: The ThreatMetrix Digital Identity Network protects 1.4 billion unique online accounts using intelligence harnessed from 2 billion monthly transactions.
- Privacy by Design: ThreatMetrix is unique in its ability to solve the challenge of providing dynamic risk assessment of identities while maintaining data privacy through the use of anonymization and encryption.
- An Integrated Approach to Authentication: Flexibly incorporate real-time event and session data, third-party signals and global intelligence into a single Smart Authentication framework, to deliver a consistent and low-friction experience with reduced challenge rates.
- Advanced Behavioral Analytics and A Clear-box Approach to Machine Learning: ThreatMetrix Smart Analytics analyzes dynamic user behavior to build more accurate, yet simpler, risk models. The result is a competitive edge in customer experience with reduced false positives, while maintaining the lowest possible fraud levels.