November 13, 2018
As digital transactions continue to grow, recognizing returning trusted customers is critical for eCommerce businesses.
Failure to do so can result in shopping cart abandonment, customer attrition, low customer lifetime value, undesirable net promoter scores, and reputational damage, which all lead to decreased revenue. Today’s consumers expect seamless online experiences free of friction – causing eCommerce businesses to walk a fine line between fraud detection and overall customer experience.
Since online relationships are remote and data driven, eCommerce businesses need to find a way to ensure that the person logging in to purchase a product or service, redeem reward points, or change personal details is the legitimate, trusted customer and not a fraudster masquerading as the user. Account takeover can not only have detrimental effects on business growth, but it can also jeopardize customer loyalty, industry standing, regulatory compliance or intellectual property.
Static authentication methods, such as user IDs and passwords can easily be phished, hacked or guessed, and are no longer effective in a post-breach world. Although multi- factor authentication (MFA) methods provide an extra layer of security to verify user identity, they introduce friction and do not protect against malware or social engineering attacks, as fraudsters can hijack legitimate login sessions.
Static authentication methods, such as user IDs and passwords can easily be phished, hacked or guessed, and are no longer effective in a post- breach world.
Adopting a layered approach to security is vital to truly understand the digital identity of a connecting user. By passively authenticating trusted users and automatically flagging high-risk or anomalous events in real time, eCommerce businesses can detect fraudulent activities, such as account takeover and payments made using stolen identity credentials, without adding friction for legitimate users. Ultimately, customers expect merchants to keep their accounts and payments safe, while providing the best user expenence.
Authenticate Returning Customers Without Adding Friction
ThreatMetrix has a market leading fraud solution that can protect eCommerce businesses from account takeover, adopting a layered approach to effectively identify up to 95% of returning customers, reducing friction and fraud.
ThreatMetrix Digital Identity Network sees one out of every three dollars spent globally, and is relied on by the largest eCommerce marketplaces in the world. This empowers the ThreatMetrix platform to detect unusual customer behavior – scoring logins, payments and new account applications in real time based on global shared intelligence.
Leveraging the Largest Repository of Digital Identity Intelligence to Establish Trusted Customer Behavior
Knowing who your customers really are and how and when they transact, can detect suspicious behavior or compromised devices before accounts are in ltrated by cybercriminals. Built from crowdsourced intelligence from approximately 24 billion global transactions each year including logins, payments, and new account applications, ThreatMetrix Digital Identity Network provides a wealth of cross-industry intelligence related to devices, locations, identities and past behaviors.
Using this information, ThreatMetrix helps eCommerce businesses understand the true identity of a transacting user by going beyond just device-based analysis, grouping various other entities based on complex associations formed between events.
The ThreatMetrix solution can effectively identify up to 95% of returning customers, reducing friction and fraud.
With ThreatMetrix, ecommerce businesses can confidently approve transactions from legitimate users, reject transactions from known fraudsters or bots, detect multiple identities using a single device, and block transactions from devices compromised by malware. They can also detect key situations that put user accounts at risk including:
- Attempted logins using stolen credentials: Detect new devices for existing users, attempted logins from unusual locations or via hidden proxies / VPNs, and multiple account access using a single device.
- Logins from risky or compromised devices/users: Detect unusual device or user behavior that might suggest fraudulent takeover.
- Malware targeting logins: Detect evidence of malware on a legitimate user’s login session.
- Credential replay attacks or session hijacks: Detect when a device changes between a login and a transaction, or when cookies are copied between devices.
- Botnets automating password guessing: Detect high velocity password attempts, unusual packet fingerprints, known botnet participation, and other symptoms of a scripted attack.
- An Unparalleled Network: The ThreatMetrix Digital Identity Network protects 1.4 billion unique online accounts using intelligence harnessed from 2 billion monthly transactions.
- Privacy by Design: ThreatMetrix is unique in its ability to solve the challenge of providing dynamic risk assessment of identities while maintaining data privacy through the use of anonymization and encryption.
- An Integrated Approach to Authentication: Flexibly incorporate real-time event and session data, third-party signals and global intelligence into a single Smart Authentication framework, to deliver a consistent and low-friction experience with reduced challenge rates.
- Advanced Behavioral Analytics and A Clear-box Approach to Machine Learning: ThreatMetrix Smart Analytics analyzes dynamic user behavior to build more accurate, yet simpler, risk models. The result is a competitive edge in customer experience with reduced false positives, while maintaining the lowest possible fraud levels.