November 13, 2018
Persona DB is part of the TrustDefender™ Cybercrime Prevention Platform from ThreatMetrix. It’s an extensible, enterprise-accessible database that allows an organization to privately and securely store and retrieve identifying attributes, characteristics, and behaviors associated with its users and customers. Information relevant to customers or employees can be stored in the database. This can include data such as the exact devices customers use, their access habits, normal locations, IDs, accounts, shipping addresses, and data necessary for step-up authentication such as mobile phone numbers or email addresses. The database may also contain IP or email addresses that have been compromised, previous associations with cybercrime or fraud, compliance data such as OFAC-banned countries, and countless other data elements.
Data stored by organizations within the Persona DB, along with information available from ThreatMetrix device profiling and the shared Digital Identity Network, is used to establish a unique Persona ID for each user or customer. This comprehensive data set allows ThreatMetrix to perform detailed user, device, and behavior analytics for every access and transaction in real time, resulting in an unprecedented level of actionable intelligence and visitor risk-scoring capabilities. Armed with this information, application policies can be created to allow/deny access or approve/disapprove transactions with higher levels of accuracy and confidence.
Extensible Solution – Easily Deployed
Because Persona DB is built into ThreatMetrix’s SaaS-based solution, organizations can access private data at every login or transaction in real time from a highly scalable, managed solution without significant deployment/integration effort – or the expenses associated with provisioning and maintaining on-premises solutions. Data can be dynamically managed, including the ability to add, remove and return data during live end-user sessions or administrative functions.
The data that organizations elect to store in the Persona DB can originate from their own business-critical systems, or from data available from ThreatMetrix.
Common Use Cases
Persona DB can be used in a multitude of ways, enabling organizations to easily aggregate and store any data that’s needed for customizable, state-of-the-art fraud prevention and context-based authentication.
Here are some practical applications for Persona DB:
- Data Aggregation: Pulling together related user or customer data from different business areas. These might include new account origination, user or customer authentication, human resources, rewards programs, purchase history, payment and fraud data, compliance, mobile device channels, and more. Data aggregation allows isolated business units to freely share relevant data and intelligence for the benefit of all.
- Improved Customer or User Experience: Good customers or users can be identified as “trusted,” allowing them to bypass step-up authentication procedures.
- Expanded Customer/User Information: Persona DB allows organizations to easily add data relevant to user authentication and fraud prevention. Shipping and billing addresses, multiple email addresses, phone numbers – essentially any data desired can be used to enhance the authentication process.
- Fraud or Cybercrime Associations: Accessing previously stored fraud-related incidents, high-risk device associations, ties to fraud rings, etc., can assist with the rapid identification of known bad actors or suspicious attempts to gain access.
- Step-Up Authentication: Data for supplemental or out-of-band authentication procedures may be stored within Persona DB. Examples include phone numbers, email addresses, or challenge questions and answers such as the last four digits of a customer’s social security number, or the name of their first pet.
- Trusted Locations: Typical user or customer geolocations such as their home and office can be stored within Persona DB to indicate trusted locations. Temporary trusted locations like confirmed travel destinations can also be stored.
- User or Customer Segmentation: Persona DB may be used to identify various groups of individuals. Examples include VIP customers, frequently returning consumers, frequent buyers, etc.
- Transaction Queries and Augmentation: Persona DB may be used to enable real-time queries to locate specific transactions – identified by Stock Keeping Unit (SKU)/Category, Merchant Category Codes, or other product and transaction identifiers.
- Membership or Rewards Information: Membership program status and rewards data may be stored, making it accessible across business channels.
- Catalog of Recent Purchases: Businesses can use Persona DB to store specific customer information pertaining to owned products or recent purchases.
- Data Mining to Identify Good Customers: Easily access lists of customers with specific attributes and trust levels in order to offer them specific promotions or incentives.
- Compromised Account Identification: Organizations can identify user accounts that have been compromised or phished, either in real time or in the past, and store them within Persona DB.
- Compliance: Data to help comply with company, industry, or legislative requirements may be stored. For example, recent user or customer localities may be preserved, along with lists of banned regions to help comply with OFAC or other government-mandated requirements.
Security and Privacy
Like all personally identifiable information (PII) submitted to ThreatMetrix, data stored in the Persona DB is encrypted and isolated from other organizations, enabling enterprises to easily and confidently secure their data. Only organizations storing data in the Persona DB are allowed access to that data – not even ThreatMetrix can access Persona DB in the clear
The ThreatMetrix system automatically generates a new private/public encryption key pair for each new organization. Public keys are associated with the user accounts of the respective enterprise. Private keys are securely stored in the ThreatMetrix FIPS 140-2 validated Key Management Server. Strong, 1,024-bit, asymmetric encryption is utilized to secure the system.
Implementation and Integration Overview
Persona DB is an integral part of the highly scalable, TrustDefender Cybercrime Prevention Platform. The entire solution is SaaS based, greatly simplifying its implementation and management, and eliminating the costs and complexity of traditional on-premise solutions.
Persona DB utilizes the standard, predefined fields and custom attributes used by the TrustDefender Cybercrime Prevention Platform. This streamlines development and enables rules and policies to be easily created that act on both custom Persona DB data and on the comprehensive data available from the Digital Identity Network.
Database Structure and Data Types
Persona DB allows each organization to create multiple, privately encrypted, custom databases. These custom databases can be used for separate functions. For example, product data may be stored in one database, user device or authentication data stored in another, and compliance data kept in a third database.
All data values are stored as strings, and may be up to 28 characters in length. A hashed value of each string is also stored, and can be referenced at any time for full string-oriented operations and matching.
Data Insertion and Retrieval
Persona DB uses ThreatMetrix Entities to reference data. Entities can be thought of as entire collections of individual attributes. Since multiple entities can be stored in a single record, queries can be extremely efficient and powerful. Individual entities or any combination of entities can be queried to access all associated data.
Data is stored and referenced using ThreatMetrix Rules, which are added to policies defined in the ThreatMetrix Portal. A number of new rules have been added to fully support Persona DB, enabling data operations such as set, check, remove, and return. When policies execute at transaction time, any triggered Persona DB rule will cause the intended action to be carried out against the specified Persona DB database.
ThreatMetrix builds trust on the Internet by offering market leading advanced fraud prevention and frictionless context based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix Digital Identity Network, which analyzes billions of transactions and protects hundreds of millions of active user accounts across tens of thousands of websites and mobile applications. The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.