To Stop Online Fraud...
March 2009
Device fingerprinting aims to stop online fraud. Device ID, the practice of fingerprinting the means by which an account is accessed, is seen as a growth security industry in 2009. The market for Device ID is currently dominated by financial institutions aiming to curb ID fraud and credit card account theft, but the chief executive of Threatmetrix said he sees social networking as an emerging growth space as well. He also said there is a market for retail sites both in affiliate programs and in processing Card Not Present purchases online. Threatmetrix, which is sold as a SaaS solution, provides a deep inspection of the TCIP packet so that when someone logs into a bank online, over 150 parameters are inspected in real time. Among these are use of a proxy, using a known compromised PC, and turning off java_script or cookies. Threatmetrix scores these and delivers that final score to the enterprise customer. New in this version are tools to determine whether this is a single computer concurrently logging into several different account names, or one username being logged in by multiple PCs, activity say from a botnet. Additionally, the service looks at how fast a given account is accessed (humans can react only so fast). In most cases the abnormalities are fraud scenarios. Threatmetrix knows of about 200 million compromised machines worldwide, but he said his company only keeps an active database of about 12 million.
Device fingerprinting aims to stop online fraud. Device ID, the practice of fingerprinting the means by which an account is accessed, is seen as a growth security industry in 2009. The market for Device ID is currently dominated by financial institutions aiming to curb ID fraud and credit card account theft, but the chief executive of Threatmetrix said he sees social networking as an emerging growth space as well. He also said there is a market for retail sites both in affiliate programs and in processing Card Not Present purchases online. Threatmetrix, which is sold as a SaaS solution, provides a deep inspection of the TCIP packet so that when someone logs into a bank online, over 150 parameters are inspected in real time. Among these are use of a proxy, using a known compromised PC, and turning off java_script or cookies. Threatmetrix scores these and delivers that final score to the enterprise customer. New in this version are tools to determine whether this is a single computer concurrently logging into several different account names, or one username being logged in by multiple PCs, activity say from a botnet. Additionally, the service looks at how fast a given account is accessed (humans can react only so fast). In most cases the abnormalities are fraud scenarios. Threatmetrix knows of about 200 million compromised machines worldwide, but he said his company only keeps an active database of about 12 million.
posted by arkietechs at 7:14 AM
0 Comments:
Post a Comment
<< Home