ThreatMetrix Launches TrustDefender™ Mobile to Help Identify Fraudulent Transactions Originating from Mobile Apps
Posted February 21, 2012
The New Software Development Kit, TrustDefender™ Mobile, Equips Companies with Risk-Based Fraud Screening for Mobile Applications
San Jose, CA – February 21, 2012 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, announced today the launch of a new mobile software development kit (SDK) that helps identify fraudulent transactions originating from mobile applications. The new product, called TrustDefender™ Mobile, expands on ThreatMetrix’s already established malware detection and cookieless device identification technology for laptops and desktop computers. The same risk-based fraud screening capability that is available to browser-based transactions is now available to mobile applications.
As an embeddable library for smartphone applications, TrustDefender Mobile creates cross- validating device fingerprints based on hardware, operating system and application parameters. It offers ThreatMetrix customers a frictionless experience by embedding risk intelligence into a company’s native mobile applications, and ultimately providing comprehensive fraud screening solution across both browser and mobile application transactions.
“The PC era is in its sunset years and unfortunately smartphones have more limited form factors that make remote device verification difficult,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “The iPhone blocks third-party cookies by default and when Apple released iOS 5, gone was the ability to globally identify a device based on its UDID. TrustDefender Mobile ensures that trusted user device identification and reputation is tightly integrated into a single platform for reducing risk across all web transactions and applications. This additional anonymous machine-level intelligence helps identify suspicious activities, such as when a criminal jailbreaks an iPhone in order to wipe the device’s identity.”
TrustDefender Mobile is introduced during a time when the mobile channel is becoming a hotbed for fraudsters. Enterprise security organizations are still grappling with the increase in the number of unmanaged endpoint devices that are not owned and supported by internal IT. Since many companies are allowing employees to use their own personal mobile device today, confidential company information passes over an unprotected device. There are also personal transactions made on the same device used for work, which if not fully protected, can lead to hacked company information and infiltration, added Faulkner.
Mobile cybercrime is not only a concern for the workplace today, but in a variety of other instances – such as mobile banking and mobile commerce. ThreatMetrix found that over the past year, there has been a 500% increase in mobile transaction volumes.
The results of a joint study with The Ponemon Institute in 2011, “Mobile Payments & Online Shopping Survey of U.S. Consumers,” also revealed the growing popularly – and fraud threat – of mobile transactions. Only 21% of the survey respondents, U.S. consumers who self-reported they are active users of the Internet, said they felt they are completely protected against fraudsters when conducting mobile banking activities in particular.
“Part of the problem with mobile fraud is that consumers don’t treat their mobile devices as the tiny computers that they actually are,” said Julie Conroy McNelley, analyst with Aite Group. “Employees are often willing to download apps of completely unknown provenance. As a case in point, 88% of the top global risk executives said they believe the mobile channel represents the next big point of exposure in financial services fraud.”
The ThreatMetrix™ Cybercrime Defender Platform
In addition to TrustDefender Mobile, other product solutions of the ThreatMetrix™ Cybercrime Defender Platform include:
• TrustDefender™ ID — TrustDefender ID is a cloud-based, real-time device identification solution that protects companies against cybercriminals and helps validate valuable returning customers. TrustDefender ID provides businesses with a crucial first perimeter of defense to protect online transactions, including account creation, login authentication and payment authorization.
• TrustDefender™ Cloud — TrustDefender Cloud is a cloud-based, real-time solution that helps companies protect customer data and defend against fraud, malware, MitB and Trojan attacks, and data breaches. It mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money.
• TrustDefender™ Client — TrustDefender Client is a client-based, real-time solution that mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money. A small client component installed on end-user computers identifies and isolates malware, verifies legitimate websites, protects the online session with the business, and communicates with the business to identify potential fraud.
In conjunction with TrustDefender ID’s cloud-based device identification technology, TrustDefender Mobile provides bulletproof cross-platform authentication and fraud prevention without leaking personal information. TrustDefender Mobile is already offered for the iOS operating system, and is currently in the Beta stage for other devices, which will be offered later this year.
For more information about the state of mobile fraud today, visit “The Mobile Fraud Threat,” “Malware and Mobile: How Big of a Threat Is It?” and “Top Three Tactics to Consider for Mobile Fraud Detection.” To view a TrustDefender Mobile whitepaper, visit “TrustDefender Mobile: Fraud Screening for Mobile Devices.”
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches. Key benefits include an improved customer experience, reduced friction, revenue gain and lower fraud and operational costs. The ThreatMetrix solution is deployed across a variety of industries, including financial services, e-commerce, payments and lending, media, government and insurance.