ThreatMetrix Data Finds Bank Accounts Are Accessed by an Average of 2.4 Unique Devices, While Overall Customers Across Industries Use 1.79 Unique Devices
Posted September 26, 2013
In a One-Month Period, Online Bank Accounts Show the Highest Number of Unique Devices of All Industries Analyzed, Including Some Bank Accounts Being Accessed by Up to 20 Devices Per Month
San Jose, Calif. – September 26, 2013 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime solutions, today announces data from the ThreatMetrix Digital Identity Network showing the average number of devices customers use to access online accounts – including personal computers, work computers, smartphones and tablets – with banking customers taking the top spot for most devices used. Each month, The Network screens more than 500 million site visitors, across more than 1,900 customers and 9,000 websites and uses predictive analytics to differentiate between legitimate and fraudulent behavior, personas and devices.
In a recent snapshot from May 1 through July 31, 2013, The Network found that the average online bank account is accessed by 2.4 unique devices. The data was compiled across a diverse set of industries – including banking, e-commerce, enterprise, insurance, social networks, government and healthcare – and found that bank accounts are accessed by a significantly higher number of unique devices than other industries.
In July 2013, ThreatMetrix data shows that 55 percent of bank accounts are accessed by one device, 26 percent are accessed by two devices, 11 percent are accessed by three devices, and 4 percent are accessed by four devices. While there is a significant drop-off after four devices, the data shows a very small percentage of accounts being accessed by as many as twenty devices in a one-month period, which raises some red flags.
“Online bank accounts are likely accessed by several unique devices because consumers often check their balances or process transactions several times per week, or as often as several times per day,” said Peter Liske, vice president of product management, ThreatMetrix. “However, accessing highly sensitive banking information across multiple devices poses a severe fraud and malware risk to both consumers and financial service providers – more so than for other industries.”
All Industries Combined Show Lower Number of Unique Devices than Banking
Compared to banking, all industries analyzed show a significantly lower number of unique devices per account. In the same three-month period from May 1 through July 31, accounts across all industries combined are accessed by an average of 1.79 devices per account, compared to 2.4 devices on average for bank accounts.
According to data from July 2013, 68 percent of accounts across industries are accessed by only one device each month, 19 percent are accessed by two devices and 7 percent are accessed by three devices. After three devices, the data shows a significant drop-off.
“While it isn’t uncommon for some consumers to access online accounts from multiple devices, any business operating online must have a collective device and persona screening process in place to determine suspicious activity,” said Liske. “The risk of a malware-infected device transacting with a site goes up when visitors use a number of devices. Preventative screening enables online banks, retailers and other businesses to authenticate returning users and their associated devices so they can have a seamless experience while ensuring suspicious account logins require additional screening processes.”
How Businesses Can Accurately Determine Unique Devices
Most online businesses count the devices accessing an account by cookies, which identify a user’s activity in a Web browser, but this is not the most accurate way to identify unique devices. Because of private browsing modes and the widely known practice of deleting cookies, this method overcounts devices: each time users clear their cookies, they are counted as a new device when they return to a website.
Rather than using cookies to determine unique devices, ThreatMetrix uses SmartID™, which can identify unique visitors that have wiped their cookies, used private browsing and changed IP addresses. This provides a more accurate number of unique devices and enables customers to better measure which devices and activity may be considered suspicious and require additional screening.
“Looking at unique devices and persona behavior by cookies has become more and more problematic in the cybersecurity industry. ThreatMetrix technology enables businesses across industries to better protect their authentic customers by not relying strictly on cookies,” said Liske. “Rather, the enhanced functionality of ThreatMetrix Smart ID improves the capability to authenticate returning visitors, especially those trying to elude identification or wipe their cookies.”
Leveraging data from the ThreatMetrix Global Trust Intelligence Network, ThreatMetrix examined all account logins over a three-month period – from May 1 through July 31, 2013. Logins were reviewed without capturing personally identifiable information to determine the number of unique device identifiers associated with the encrypted value of the account. The number of unique devices was determined by counting the number of unique device fingerprints (SmartID) per login. Organizations were categorized into different broad categories for comparison: banking, retail, and other.
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The ThreatMetrix Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.