ThreatMetrix, a provider of fraud prevention solutions that do not require personally identifiable information (PII), today announced the availability of the ThreatMetrix Cloud-Based Fraud Prevention Platform, which incorporates cookieless device identification and enhanced mobile authentication that makes it easy for banks, merchants, online businesses, payment gateways and payment providers to detect and screen for fraud. The comprehensive fraud platform helps companies fight online fraud during account creation, login authentication and payment authorization regardless of the device. With the growth of mobile commerce and mobile banking, there is a growing need for fraud solutions in this channel.
“The ThreatMetrix Cloud-Based Fraud Prevention Platform provides companies with the ability to authenticate payments, new accounts and returning customers online regardless of the device involved — be it a smartphone, personal or tablet computer — without requiring a forklift install of hardware or software,” said Reed Taussig, president and CEO, ThreatMetrix. “A smarter approach to device identification combined with aggregated fraud intelligence in the cloud allows customers to benefit from proactive protection without needing to share personally identifiable information.”
ThreatMetrix’s solution to cookieless device identification, called ThreatMetrix SmartID, goes beyond traditional device identification solutions by incorporating device fingerprint attributes instead of cookies, which can be wiped or blocked. ThreatMetrix SmartID, which incorporates unique TCIP/IP packet intelligence, cross correlates and scores device attributes and behavior with session and browser cookies to more accurately establish and authenticate a device identity.
“Using ThreatMetrix SmartID, ThreatMetrix provides the most effective first perimeter of defense for transaction security from cybercrime, hidden proxies, scripted attacks and cookie and browser manipulation by fraudsters,” said Taussig.
The ThreatMetrix Cloud-Based Fraud Prevention Platform
The ThreatMetrix Cloud-Based Fraud Prevention Platform includes several new features including:
- Enterprise Risk Engine: ThreatMetrix provides real-time contextual scoring based on device, customer and transaction attributes and historic analysis through a customer configurable rules engine. Default rules and algorithms will detect many anomalies such as hidden proxies, high-risk geographies, anomalous language and time settings, potential cookie wiping and blacklisted attributes. More advanced rules allow for correlation of other transaction data such as detecting multiple identities, payment accounts or shipping addresses used by the same device, or an unusually high volume of transactions from a device across the ThreatMetrix network. ThreatMetrix rules can be updated by analysts and activated immediately to respond to changing threats.
- Global Network Intelligence: ThreatMetrix customers benefit from anonymous and aggregated device and transaction behavior seen across the global ThreatMetrix network through both automated scoring as well as customizable fraud filters. The ThreatMetrix Cloud-Based Fraud Prevention Platform provides proactive protection that gets smarter with every customer and transaction without, requiring extensive manual input.
- Queue Management: Manual review of transactions is time consuming and expensive. To address this, ThreatMetrix allows for custom tuning of rules to reduce false positives, and also automated assignment of transactions to analyst queues by configurable rules. This enables analysts to focus on the highest risk transactions, based on score, transaction amount, or criteria such as geographical origin, for instance. When a transaction is reviewed, it can be marked as rejected/accepted to improve the ability of ThreatMetrix to score transactions through predictive scoring.
- Customizable Alerting: ThreatMetrix supports automated alert rules to notify an analyst by email when a transaction meets specified criteria. These alerts can be set based on risk, transaction or device attributes, or associated with specific fraud behavior. Alert content can be customized and linked directly back to the transaction for review.
- Online Portal and Dashboard for Transaction Monitoring and Link Analysis: In addition to a real-time API that immediately returns device identifiers, anomaly indicators and risk scores, ThreatMetrix provides an online portal to review past transactions. It includes a dashboard that shows recent high-risk transactions and trends, as well as advanced search capabilities to assist fraud analysts in finding related transactions and discovering links between suspicious activities.
- Bulletproof Security and Privacy Protection: ThreatMetrix provides advanced device identification technology to detect and alert based on suspicious device anomalies. For even more powerful fraud detection, transaction identifiers (such as an email address, payment account hash, phone number, etc.) can be passed to allow for more correlation. When provided, ThreatMetrix protects these identifiers with encryption and one-way hashing so the data is never exposed or shared. In addition, power role-based permissions and full auditing meet and exceed enterprise security compliance requirements.