As digital transactions grow apace, recognizing returning trusted customers is pivotal to business success.

Online relationships are remote and data-driven; trust is critical to ensure that customers can be validated effectively in real time.

When customer accounts are compromised by fraudsters, damage is not purely restricted to financial loss. Account takeover can severely hinder business growth and for some organizations, it can also jeopardize public reputation, industry standing, regulatory compliance or intellectual property.

The challenge for businesses is how to validate customer identities without introducing friction. Passwords alone are no longer sufficient protection for online accounts; they can be cracked in minutes by experienced hackers, or bought on the dark web as a result of an earlier breach. Although two-factor authentication (2FA) provides an extra security layer to verify user identity, it doesn’t protect against malware or social engineering attacks, as fraudsters can hijack legitimate login sessions.

The Value of Establishing Trusted Customer Behavior

Knowing who your customers really are and how and when they transact, can detect suspicious behavior or compromised devices before accounts are infiltrated by cybercriminals. The challenge for businesses is how to continually recognize returning customers without adding unnecessary friction at login.

Organizations must adopt layers of defense, for example profiling the precise behavior on an account (including any change of details), accessing shared intelligence of known fraud, as well as detecting the presence of malware or remote access control.

Using the ThreatMetrix Digital Identity Network to Passively Authenticate Returning Customers

ThreatMetrix has a market leading fraud solution that can protect your business from account takeover by passively authenticating returning customers. The ThreatMetrix Dynamic Decision Platform adopts a layered approach to effectively identify up to 95 percent of returning customers, reducing friction and fraud.

The ThreatMetrix Digital Identity Network

This network underpins the ThreatMetrix solution and leverages global shared intelligence from millions of daily consumer interactions including logins, payments and new account originations. Using this information, ThreatMetrix stitches together a customer’s true digital identity by analyzing the myriad connections between devices, locations and anonymized personal information.

Defining User Identity and Behavior Patterns to Identify Threats

Digital Identities within the ThreatMetrix Digital Identity Network show a pattern of trusted behavior by incorporating anonymized non-regulated personal information such as user name, password and email address with device identifiers, connection and location characteristics. At the same time ThreatMetrix profiles all devices accessing a website (desktops, laptops, smartphones, or tablets), to identify the presence of malware or other anomalies that might indicate a high-risk login attempt. High-risk anomalies can be easily identified and flagged for review or automatic rejection. Businesses can confidently detect key situations that put user accounts at risk including:

  • Attempted logins using stolen credentials: Detect new devices for existing users, attempted logins from unusual locations or via hidden proxies / VPNs, and multiple account access using a single device.
  • Logins from risky or compromised devices/users: Detect unusual device or user behavior that might suggest fraudulent takeover.
  • Malware targeting logins: Detect evidence of malware on a legitimate user’s login session.
  • Credential replay attacks or session hijacks: Detect when a device changes between a login and a transaction, or when cookies are copied between devices.
  • Botnets automating password guessing: Detect high velocity password attempts, unusual packet fingerprints, known botnet participation, and other symptoms of a scripted attack.

Personalizing the ThreatMetrix Solution to Your Business

ThreatMetrix offers a powerful yet easily customizable Policy Engine that allows you to incorporate your own business processes and tolerance for risk. This allows your business to fine tune and automate responses to login sessions. Every business faces different exposure to fraud risk; with ThreatMetrix you have the ability to tailor the solution to meet these varying and evolving business needs. For example, you may:

  • Allow account access from known good customers on known devices with no evidence of malware or compromise.
  • Deny logins from highly suspicious situations or known botnet participants.
  • Implement step-up, “out-of-band” authentication or manual reviews only for suspicious and high-risk logins.

What Gives ThreatMetrix the Advantage?

ThreatMetrix offers the broadest combination of defenses against account takeover in a solution that imposes little burden on your IT resources or your customers:

  • Rapid, lightweight deployment: The ThreatMetrix Cybercrime Protection Platform is a cloud-based solution, meaning you don’t need to add servers or additional infrastructure to protect account logins.
  • Up-to-date global insight: Integration with the ThreatMetrix Digital Identity Network gives you constant access to current fraud intelligence, including known botnets, global device behavior, and the identity of known fraudsters.
  • Real-time responsiveness: ThreatMetrix delivers real-time insight, so you can identify fraudsters before they breach accounts and compromise your business.
  • All logins protected without adding friction: Unlike strong authentication solutions that require token deployments and extra user steps to log in, the ThreatMetrix solution easily secures all logins without unnecessary friction.
  • Integration with third-party services: The ThreatMetrix solution has a number of fully integrated third-party services, such as 2FA and Carrier ID, providing additional verification for high-risk or anomalous login attempts. Businesses can onboard relevant services without friction, streamlining end- to-end fraud management.
  • Detailed analysis and reporting: ThreatMetrix provides visualizations and analytical reports that allow your security and fraud analysts to see and understand enterprise application activity, and take proactive steps to improve security and reduce fraud.

Schedule a Consultation

Start Today
close btn