May 2017 ONLINE/MOBILE IDENTITY MANAGEMENT AND …ONLINE/MOBILE IDENTITY MANAGEMENT AND RISK...
Transcript of May 2017 ONLINE/MOBILE IDENTITY MANAGEMENT AND …ONLINE/MOBILE IDENTITY MANAGEMENT AND RISK...
IACA
Jay Johns –Global Partner Manager
May 2017
ONLINE/MOBILEIDENTITY MANAGEMENT AND RISK ASSESSMENT
2
ABOUT US
SOLUTIONS:Fraud Prevention and Authentication
CUSTOMERS: 600+, 6 Continents, 18 Time Zones
FOUNDED:2004
HEADQUARTERS: Portland, Oregon
EMPLOYEES:150
COMMUNITY: 3,500 Fraud Professionals
TRANSACTIONS MONITORED: 35B and climbing
BRANDS WE PROTECT: 1,500+
TRANSACTIONS PER DAY: 20+ million
SYSTEM DOWNTIME 3+ YEARS: 0 min
AboutUs
3
ABOUT US
98% customer retention and industry-leading customer satisfaction
67.5Net
PromoterScore
0
+50 -50
9 U.S. patents for device recognition, detection,
and authentication
4
iovation…
…. unites your fraud, security, and business teams with a common platform
for customer authentication and fraud prevention while ensuring an
outstanding customer experience.
5
6
WHERE DOES ONLINE/MOBILE FRAUD BEGIN?CREDIT CARD THEFT
7
WHERE DOES ONLINE/MOBILE FRAUD BEGIN?IDENTITY THEFT
8
WHERE DOES ONLINE/MOBILE FRAUD BEGIN?MALWARE
9
WHERE DOES ONLINE/MOBILE FRAUD BEGIN?SKIMMING
10
WHERE DOES ONLINE/MOBILE FRAUD BEGIN?PHISHING
11
HOW HACKERS SELL DATADARK WEB
12
HOW HACKERS SELL DATADARK WEB
13
DATABREACHES
$5Bin 2014$8Bin 2018
Data breaches will drive a 60% increase in Account Takeover
andNew Account Fraud.
60%
SOURCE: JAVELIN, 2015
INCREASE
14
GROWTH OF ONLINE FRAUDACCOUNT TAKEOVERS
15
GROWTH OF ONLINE FRAUDAPPLICATION FRAUD
16
PROJECTED IMPACTS IN THE U.S.CNP FRAUD
A potentially disastrous increase in Card Not Present fraud
CNP fraud is projectedto see a 80% increase over the next 4+ years
Source AiteGroup“EMV: Issuance Trajectory and Impact on Account Takeover and CNP,” May 2015
17
The Power of Device Intelligence.Every device tells a story.
Is device authorizedfor this account?
Where is device located?
Does device have a fraud history?
What other devices are related to this device?
How many accounts has device accessed?
Is device hiding from detection?
18
MD5 Hash of the full font list Random sample of 15 fonts Flash SharedObjectsnot writable Flash socket 843 based ip(real IP) Boolean indicator: flash took longer than expected to execute Accepted Char Sets in HTTP headerAccepted languages in HTTP header Browser user agent comment string Browser name / OS / Ver/ languageCookie writes excluded Boolean indicator, javascriptenabled Count of fonts in the full list Flash 3-part version (16.0.0) Flash 4-part version (16.0.0.305) List of browser plugins JavaScript screen resolutionSimbartoolbar GUID from HTTP hdrTimezoneoffset in minutes ... and more
WiFi(or Bluetooth) MAC AddressNetwork configurationiOS Device ModelBattery level / AC modeDevice orientationFile system sizePhysical memoryCPU Type / Count /SpeedNumber attached accessories Has proximity sensor?Screen brightness and resolutionSystem uptimeiOS Device Name (MD5 Hash) OS Name and/or versionDevice advertising UUIDKernel versioniCloud Ubiquity Token Application Vendor UUID /name/versLocale language / currency code… and more
Model and Device ModelBuild.DEVICE& Build.HARDWAREBuild.HOST& Build.IDManufacturerBuild.PRODUCT& Build.TIMENetwork Operator ID & Name SimOperator ID & CountrySystem Uptime in SecondsIs the device plugged inCPU TypePhysical memoryUnique build fingerprint of appAndroid SDK LevelAndroid Build Number (DISPLAY)Android Device System VersionDetected attempt at hiding root detect Kernel Version (was AKV) Android Locale Country Code Desktop Wallpaper Hash … and more
DEVICE RECOGNTIONHUNDREDS OF DEVICE ATTRIBUTES COLLECTED
Web Device PrintiOS SDKAndroid SDK
Unique adaptive analyticsare used to determine the combinations of attributes needed to achieve the most accurate device recognition.
19
GRANULAR DEVICE AND TRANSACTION DETAILS
RETURNED IN OUR REAL-TIME RESPONSE AND SEARCHABLE IN THE INTELLIGENCE CENTER
20
Your view
DeviceAssociations
Between your usersAcross other subscribersAcross industriesTo other devices and accounts
21
DETAILED FRAUD REPORTSUNDERSTAND WHY THE TRANSACTION WAS DENIED
FINANCIAL•Credit Card Fraud•ACH/Debit Fraud•Friendly Chargeback•Insufficient Funds•Fraud -Other•Potential Fraud•Shipping Fraud•Counterfeit Money Order•Click Fraud•Affiliate Fraud•First Party Fraud•Loan Default
MISCONDUCT•Chat Abuse•Spam•Abusive to Support•Promotion Abuse•Policy /License Violations
•Customer Harassment•Inappropriate Content•Profile Misrepresentation•Scammer/Solicitation•Code Hacking•Arbitrage Betting•Gold Farming
CHEATING•Collusion•Chip Dumping•All-in Abuse•Trading Restriction
ID THEFT•True Identify Theft•Synthetic Identity Theft•ID Mining/Phishing•Account Takeover•Failed Multi-Factor
Authentication
POLICY FRAUD•Application Fraud –1st Party•Application Fraud –3rdParty•Claims Fraud –1st Party•Claims Fraud –3rdParty
B2B FINANCIAL•Business Identify Theft•Fictitious Business•Business Takeover•Dealer Fraud•Payment Evasion•Business Misrepresentation
OTHER•High Risk•Under or Over Age•Requested Exclusion
22
Within 100ms, iovation...
CHECKS FOREVASION
LOOKS FORASSOCIATIONS
CHECKS FORANOMOLIES
LOOKS FORPAST FRAUD
and returns a transaction result based on factors that you’ve defined
Device has history of fraud, other serious risk factors, or
violates your policies
DENY
Nothing negative was associated with the device
ALLOW
Risk or new device seen, may want to manually review or challenge
REVIEW ORCHALLENGE
RECOGNIZESDEVICE
23
Device Reputation/Device AnalyticsProcess Analytics ToolsBureau DataPhone Number Data BureausCVV2Address VerificationCustom Developed Knowledge Based AuthenticationPush ACHMachine LearningMaintain internal block lists and cross-channel alerts
PROCESSES TO CONSIDER
24
Build a defense in depth waterfall strategyMaintain Fraud Manager PositionDevelop a toolset that addresses each area of risk individuallyConsider constituent user experience Utilize transparent technologies that doesn’t expose fraud prevention practicesCollaborate with peersEngage Law EnforcementMonitor performance of toolsAdjust rules to adapt to emerging threatsProvide strong defenses on high value accountsShare Online/Mobile threat data with processing personnelLimit export of Personally Identifiable Information
BUILDING A STRONG DEFENSE
IACAMAY 2017
THANK YOU