Download Now - ThreatMetrix

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
Document related concepts

Link Motion Inc wikipedia , lookup

Carrier IQ wikipedia , lookup

Mobile device forensics wikipedia , lookup

Mobile security wikipedia , lookup

Transcript 
CASE STUDY
ThreatMetrix Streamlines Mobile App Experience for
Large Global Bank, Reducing Friction and Fraud
ThreatMetrix Mobile SDK provides end-to-end authentication, threat detection and fraud prevention
for bank’s mobile loan applications
OVERVIEW
AT A GLANCE
CUSTOMER
Large Global Bank
REQUIREMENTS
• Accurately authenticate legitimate customers
• Reduce bad agent activity on loan applications
• Effectively detect fraudulent account takeover
• Protect payment platform from fraudulent
money transfer
SOLUTION
Leveraging features from ThreatMetrix Mobile
SDK and intelligence from the Digital Identity
Network, this bank can correlate logins, loan
applications and money movement within their
mobile banking app. This accurately distinguishes
between fraudsters and legitimate customers in
real time.
BOTTOM LINE
• Dramatically improved detection rate of
fraudulent loan applications
• Reduced manual review burden for high-risk
loan applications
• Improved detection of device and location
spoofing by 70%
• ThreatMetrix facilitated real time transaction
processing and compliance with data
regulation requirements
160 W Santa Clara St
San Jose, CA, 95113
United States
Telephone: +1 408 200 5755
Fax: +1 408 200 5799
[email protected]
www.threatmetrix.com
This fast-growing, global bank has a philosophy that centers
around being customer-orientated, while driving change,
innovation and development across its suite of banking
services. As part of its product innovation, the bank developed
a mobile banking app which facilitates P2P money lending,
investment and mobile wallet services. Mobile banking
transactions continue to grow globally as consumers migrate
away from desktop-only banking, to the convenience,
immediacy and portability of mobile. Cybercriminals, however
are following suit, evolving their attacks to capitalize on
the increasing popularity of mobile banking apps. The bank
needed robust mobile app security that could accurately
detect fraudulent activity in real time, before loan applications
were approved or user accounts compromised.
With ThreatMetrix, it can:
•
•
•
•
Effectively authenticate new customers registering for the
app, detecting fraudsters registering using stolen or
synthetic identities.
Recognize returning customers and prevent fraudulent
account takeover.
Ensure fraudsters are prevented from applying for loans,
detecting instances of bad agent fraud.
Maintain the integrity of the payment platform, ensuring
money is transferred directly to the legitimate customer.
Mobile banking transactions continue to grow globally as
consumers migrate away from desktop-only banking, to the
convenience, immediacy and portability of mobile.
BUSINESS PROBLEM
This bank is at the forefront of mobile banking solutions,
offering end-to-end loan services, from application, through
to payment, solely on its mobile app. This became a prime
target for fraudsters looking to cash in on fast loans. The bank
began to see high instances of device and location spoofing as
fraudsters tried to infiltrate existing accounts or masquerade
as legitimate customers to take out a loan.
1
CASE STUDY
However, one of the key challenges was that the bank was
seeing high levels of bad agent activity on loan applications.
An agent was applying for a loan on behalf of the customer,
inflating the loan amount required and keeping half the
money. Legitimate customers were left with loan amounts they
couldn’t repay and the bank was losing money.
Malware Detection: Known, trusted apps are seamlessly
identified in real time, along with any app containing malware
or a poor associated reputation. All connecting Android
devices are analyzed to gain deep insight into the reputation
of each installed app. These same benefits also apply to the
host iOS app that the Mobile SDK is embedded in.
The bank’s existing solution was not able to effectively
detect instances of device and location spoofing, malware or
jailbroken / rooted devices. It needed a more effective way to
identify users attempting to bypass device fingerprinting, and
correlate this to other behavioral anomalies that could indicate
a high-risk transaction attempt.
Location Services: Latitude and longitude information is
gathered from GPS hardware and IP addresses are compared
with physical locations to detect the use of proxies and VPNs.
Existing application permission levels are leveraged to avoid
user inconvenience.
The ThreatMetrix Mobile SDK, in tandem with intelligence
from the ThreatMetrix Digital Identity Network, accurately
detected high-risk behavior (such as device / location
spoofing) before a transaction was processed.
END-TO-END MOBILE APP SECURITY POWERED BY
GLOBAL SHARED INTELLIGENCE
The ThreatMetrix Mobile SDK, in tandem with intelligence from
the ThreatMetrix Digital Identity Network, accurately detected
high-risk behavior (such as device / location spoofing) before a
transaction was processed.
ThreatMetrix Mobile is a lightweight software development
kit (SDK) for Google Android and Apple iOS mobile devices.
Devices showing high-risk anomalies can be flagged for
review while legitimate users are recognized in real time and
can conduct transactions without additional authentication
procedures.
Calls to ThreatMetrix Mobile were inserted at strategic points
within the bank’s mobile app—during initial registration, at
login, during a new loan application and at payments. The
connecting user’s mobile device is then profiled to provide the
following levels of protection:
Application Integrity Evaluation: This ensures that the host
application has not been tampered with or modified, either by
malware or by a malicious user and is validated every time the
app is launched to provide ongoing security.
Advanced Persistent Device Identification: Identifies individual
mobile devices for both iOS and Android platforms, even if
they have been reset or if the app has been reinstalled.
Jailbroken (iOS) and Rooted (Android) Devices: Dynamic
jailbreak and root detection technologies determine when
device security controls have been compromised.
Anomaly and Device Spoofing Detection: Detects device
emulation, tampering, root / jailbreak cloaking, and other
anomalies that may indicate fraud. Automatically detects
device and data spoofing by analyzing the network traffic
packet signatures originating from the device.
Dynamic Configuration and Updates: Configuration and threat
methods are updated via ThreatMetrix servers, mitigating the
need for the bank to re-release its app.
ThreatMetrix Mobile is underpinned by real time intelligence
from the ThreatMetrix Digital Identity Network. The Network
harnesses global shared intelligence from millions of daily
consumer interactions including logins, payments and new
account applications across all ThreatMetrix global clients.
Using this information, ThreatMetrix stitches together
a user’s true digital identity by analyzing the myriad
connections between devices, locations and anonymized
personal information. Transactions are verified in real time
against trusted patterns of behavior: high-risk anomalies
are accurately identified for review while genuine users
experience minimal friction.
ThreatMetrix®, The Digital Identity Company, is the market-leading cloud solution for
authenticating digital personas and transactions on the Internet. Verifying billions of annual
transactions supporting tens of thousands of websites and thousands of customers globally
through the ThreatMetrix® Digital Identity Network, ThreatMetrix secures businesses and end
users against account takeover, payment fraud and fraudulent account registrations resulting
from malware and data breaches. Key benefits include an improved customer experience,
reduced friction, revenue gain, and lower fraud and operational costs. The ThreatMetrix
solution is deployed across a variety of industries, including financial services, e-commerce,
payments and lending, media, government, and insurance.
For more information, or a demonstration of how the ThreatMetrix solution can work for your
business, contact [email protected].
© 2016 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Client, TrustDefender Cloud, TrustDefender Mobile,
ThreatMetrix SmartID, ThreatMetrix ExactID, the TrustDefender Cybercrime Protection Platform, and the ThreatMetrix logo are trademarks or
registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or
registered trademarks of their respective companies or owners.
Related documents
Simple Interest Name Homework Period ______ Find the interest
Simple Interest Name Homework Period ______ Find the interest
Internet of Things: Discovering the Internet of Things in your home
Internet of Things: Discovering the Internet of Things in your home
Web Developer application exercise
Web Developer application exercise
PDF
PDF
Cancer Care Connect App
Cancer Care Connect App
Negative Numbers EDI
Negative Numbers EDI
Investment - Wauna Federal Credit Union
Investment - Wauna Federal Credit Union
Quiz 4A Fall 06 - Montgomery College
Quiz 4A Fall 06 - Montgomery College
1.06 Describe the nature of retail/business banking processes
1.06 Describe the nature of retail/business banking processes
Karen niemla ulm library
Karen niemla ulm library