January 10, 2019
- Protects platforms from fraud and associated risk to brand reputation
- Supports new account registrations with friction-free identity certainty
- Prevents new account fraud using identity proofing and the Digital Identity Network
- Protects against account takeover with account set-up and transaction processing
- Identifies money transfer fraud
Mobile money transfer platforms have capitalized on the the exponential growth of mobile technology. They provide flexible and efficient money transfer options to consumers who may not have access to traditional banking or credit options. Given that money is often sent abroad to family and friends, mobile transfer streamlines a process that was previously restricted to specific agents or banks.
Fraudsters have been quick to capitalize on the rapid adoption of mobile money transfer technology, exploiting opportunities to take over accounts or hack devices. Without tight fraud protection, the reputation of this emerging market could be irreparably damaged by the negative associations of fraud breaches.
Money transfer providers have to protect against the universe of all possible attacks. A single vulnerability can quickly damage user acquisition numbers and growth as businesses attempt to solidify their market position. Yet organizations are faced with an ever-evolving fraud arena. The availability of stolen credentials, advanced cyber tools and full exploits for sale or rent on the dark web, has made it easier for the less technically astute to commit fraud.
Key vulnerabilities for mobile money transfer include:
- Identity theft, key loggers and spoofing
- Remote access Trojans (RAT), malware and replay attacks
- Reverse engineering of mobile apps and malicious third-party apps
- Web exploits, man-in-the-middle (MITM) attacks and session hijacking
Leveraging Digital Identities
ThreatMetrix uses machine learning and adaptive analytics to build a unique picture of device identity, user persona and behavioral patterns. Real-time insight and risk scores help organizations secure accounts and transactions of legitimate users while detecting fraudulent behavior more accurately, and with less friction. Underpinning this solution is the world’s largest Digital Identity Network built on shared intelligence from over 1 billion transactions per month from more than 4,000 of the world’s most trusted brands.
ThreatMetrix for Money Transfer Services
ThreatMetrix processes money transfer requests in real time and enables instant insight into user persona, device identity and associated reputations. ThreatMetrix also identifies web exploits, malware and spoofing attacks. In addition ThreatMetrix prevents fraud, phishing and remote access attacks that may result from reverse engineering of money transfer apps. The ThreatMetrix platform is easy to integrate, has a low footprint and is transparent to the end user.
Stop Fraudulent New Account Registrations: New account fraud occurs when stolen or synthetic identities are used to open new accounts. Fraudulent accounts are frequently leveraged for bust-out fraud or may lie dormant, to be used later for multi-stage money transfer fraud. ThreatMetrix can see beyond false online identities, providing risk-based fraud detection to prevent this type of fraud.
Protect Against Account Takeover: ThreatMetrix can help prevent account takeover by detecting fraudsters attempting to access an existing account using credentials obtained through phishing attacks, keylogging, breaches or brute force techniques.
Money Transfer Transaction Fraud: Fraudsters have access to advanced exploits which can compromise legitimate accounts. Money transfer providers require full contextual intelligence on all transactions and the ability to quantify risk in real-time in order to:
- Stop session hijacking through signature and evidence based detection of malware and web attacks including MITM, man-in-the browser (MITB), BOTs, RATs, hidden VPNs and proxies.
- Uncover transaction anomalies in real time. ThreatMetrix adaptive analytics, deep link analysis and advance packet/network path forensics help identify transaction anomalies.
Since implementation, ThreatMetrix has helped money transfer providers reduce fraud, reduce losses and deliver an enhanced experience for trusted users. This is supported by the following key capabilities:
- Strong device identity enables money transfer providers to see beyond fictitious online identities and stop cybercriminals before they can commit fraud. This strong device identity is persistent across cookie wiping, device resets and device cloning to persistently differentiate between trusted users and fraudsters.
- ThreatMetrix Trust Tags represent previous known good associations between users and nodes. Nodes can include: devices, email addresses, card numbers, phone numbers and accounts or any other pertinent attributes. Trust Tags enable money transfer providers to leverage previous good behavior and reduce false positives.
- The ThreatMetrix Digital Identity Network processes billions of transactions per month and continuously analyses transactions and context to build determinist behavioral and persona profiles. ThreatMetrix uses machine learning and adaptive analytics to establish a unique Digital Identity for each customer.
- ThreatMetrix has advanced packet forensics and network path profiling which enable money transfer providers to identify the use of location and identity cloaking services such as hidden VPNs, proxies and the TOR browser. Using these techniques ThreatMetrix can identify true IP address and owners associated with that address.