March 15, 2019
Following FFIEC Statements on Compromised Credentials and Destructive Malware, ThreatMetrix Outlines Authentication Strategies for Financial Institutions
Posted April 9, 2015
Recent Data Breaches and Malware Attacks Have Fundamentally Changed the Risk Environment for Financial Institutions, Requiring a New Approach to Authentication
San Jose, CA – April 9, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announces several strategies for financial institutions to accurately authenticate customers and employees in alignment with joint statements released by the Federal Financial Institutions Examination Council (FFIEC) on compromised credentials and destructive malware.
As a result of growing destructive malware attacks and recent successful data breaches directed at banks, retailers and health providers, the risk environment for businesses operating online has fundamentally changed. To help financial institutions navigate this change, the FFIEC released joint statements that address dealing with stolen identities and the heightened risks of destructive malware that, in combination, represent a credible threat to business operations and the financial system as a whole.
“We’re not even halfway through the year and we’ve already seen data breaches of two major healthcare providers, Anthem and Premera, compromise the information of more than 90 million people,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “As the prevalence of personal data being breached continues to grow, financial institutions need a new approach to authentication and digital identity assessment.”
According to ThreatMetrix, the key takeaways for both FFIEC joint statements can be summarized as:
- Compromised Credentials – Banks can no longer trust static identities of a user attempting a login or transaction, whether it is an employee or administrator, and especially if it is a customer. Even if a bank’s own internal systems are impenetrable, their customers and employees are not.
- Destructive Malware – Banks need to continuously evaluate the health and risk of devices being used to access data or perform a transaction, irrespective of whether the device is an employee accessing services remotely from their tablet, or a sanctioned locked-down PC.
- Shared Intelligence – In order to proactively counter these two combined threats financial institutions need to look beyond their firewalls to share actionable threat intelligence about unauthorized account access attempts and attack patterns.
“Forget Bitcoin, our digital identities are the cyber currency that are powering the underworld” said Faulkner. “Unlike credit cards that can be replaced, stolen identities and compromised devices are the gift that keeps on giving – pieces of a user’s digital identity can be used over and over again, with each attack increasing in sophistication on a daily basis. Combining stolen identities, compromised devices and newer device spoofing tools like Anti Detect and Fraud Fox, hackers can routinely bypass first generation authentication technologies still installed at banks. Financial institutions need new ways of assessing digital identities by leveraging global shared intelligence to detect when personal information and devices are being used illegitimately. When one financial institution’s network is breached, every financial institution becomes the target of the digital debris.”
The ThreatMetrix® Global Trust Intelligence Network (The Network) includes several features to help financial institutions mitigate the two core risks of compromised credentials and destructive malware outlined by FFIEC:
- Persona ID – Persona ID enables financial institutions to use entity association to connect users with their related attributes and activity, such as email addresses, payment details, past transactions, accounts, devices, location, proxies etc., to tie these details to digital “personas.” Incoming transactions are evaluated against the corresponding digital identities in real-time, enabling ThreatMetrix to distinguish legitimate users and customers from cyber-attacks in real time.
- Layered Approach – Rather than providing “Bigger Data,” which creates too many alerts to act upon quickly, The Network uses pin-point decision analytics that assess devices, threats, personas and behavior across its anonymized digital identity network to accurately identify cybercriminals in real time without added customer friction.
In an environment where financial institutions must assume digital identities and devices are compromised before authenticating logins or transactions, The Network delivers real-time intelligence, providing businesses with consistent risk assessments of data and creating unique digital identities for users by mapping their online behaviors and devices to protect customers from fraudulent transactions.
- Guilty Until Proven Innocent: How Incorrectly Identifying Good Customers as Cybercriminals Damages Your Bottom Line
- Financial Institutions
- eBook: ThreatMetrix Cybercrime Report: Q4 2014
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.
ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.