Page 48 - index
P. 48
While these fraud statistics are significant and can lead to vast financial losses without
preventative measures in place, online channel friction, or in other terms customer harassment,
can be just as detrimental to the bottom line.
Such friction leads to lost revenues due to increased but necessary security measures resulting
unintended consequence of combating global cyber-terrorists.
Passive, context-based authentication based on shared global intelligence is a much more
effective way to proactively authenticate customers without arduous step-up authentication.
Rather than interrupting the customer experience with an out-of-band SMS message or direct
telephone call, which absolutely will impact retailers’ and other businesses’ top line revenue and
reduce customer satisfaction, businesses can now passively identify and authenticate each
online customer based on the recent experiences of thousands of other enterprise companies
who have successfully conducted online transactions with that customer.
Such technology can reduce your use of step-up and out-of-band authentications by as much as
70 percent with no increase in fraud, therefore greatly improving both the bottom line and the
customer experience.
Passive context-based authentication using global shared intelligence is completely transparent
to the customer experience, can be processed in real time and costs less than a penny per
transaction. It also provides much broader and better security than businesses currently receive
from proactive, customer-disruptive solutions.
Context based authentication includes the detection of malware, hidden proxies, the history,
number and velocity of user credentials, and customers’ actual behavior.
ThreatMetrix passive authentication uses four layers of defense to identify in real time good
customers and criminal actors. These include:
• Device Analytics examine the attributes, location and reputation of a customer’s
endpoint device regardless of whether it is a desktop or mobile device. Such analytics
identify whether or not that device is behind a hidden proxy or unregistered VPN,
determine whether that device has been infected with malware such as a Man-in-the-
Browser (MitB) Trojan and informs the business whether or not that customer is using
private browsing to hide their true identity.
• Identity Analytics informs the business about related devices and user credentials an
individual customer regularly uses (this capability precludes the use of more invasive
forms of two-factor authentication simply because a customer elected to use a different
device), and the authenticity of a customer’s credentials (for example, shipping and
billing addresses).
• Behavioral Analytics correlate related events and customer activities across e-
commerce, financial services and enterprise customer-facing websites around the world.
Rather than proactively calling that customer and interrupting thee online experience,
behavioral analytics deliver to you the meta history of each consumer so businesses can
48 Cyber Warnings E-Magazine – November 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
