paladin vendor report 2017

Introduction

At Paladin Group, we're deeply immersed in the fraud solution landscape. It's our day-to-day work to understand the latest solution providers, services, and tools. As the number of solution providers and services grows, merchants' options become complex and varied. As experts, we believe it's our job to serve as an authority on these products and their strengths, areas of opportunity, and enhancements. Together, we can help service providers and merchants do a better, more well-informed job mitigating the risks that come with accepting payments in an omni-channel, card-not-present (CNP) world.

With that said, the 2017 Paladin Vendor Report is purely informational. Paladin has not written any opinions, given any reviews, or displayed any thumbs-up (or down) about the information contained in the report.

Paladin focused on several key areas during the discovery process. (Not all are applicable to every vendor, but for consistency, we examined each of the following wherever relevant.)

PRODUCT - The vendor's current functionality.
SERVICES - Available offerings to help merchants during integration and throughout their client lifecycle, including reporting.
BUSINESS DEVELOPMENT - Current partnerships and channels for direct and indirect customers.
MARKETING - The verticals vendors are focusing on, and their messaging.
SALES - A breakdown of market segments.
TECHNOLOGY - How the product works from a technical perspective.

2 info@paladingroup.com

User Behavior & Behavioral Biometrics

The solution providers in this industry segment offer logic designed to track users and prevent malicious activity by capturing and analyzing behavioral characteristics across the entire session, from login to checkout and everything in between. These solutions compare known customer behavior (in the case of an existing account) as well as low- to high-risk behavior relative to overall order volume. Merchants can use these additional data points as an added layer in the overall decision process, or make decisions on them specifically.

Vendor Overview

NuData is a Mastercard-owned company headquartered in Vancouver, Canada that specializes in passive behavioral biometrics. Since their inception in 2008, they have maintained a heavy focus on research and development, looking for better and more sophisticated ways to distinguish automation from human and good users from bad. Their flagship platform, NuDetect (launched in 2013), marries enhanced device, connection, behavior, and passively collected biometric data to analyze and protect high-risk touchpoints throughout merchant and financial institution environments. In 2016 alone, the platform processed 97 billion of these touchpoint interactions. The company's recent acquisition by Mastercard provides additional stability and brand recognition, as well as potential for increased data volume and visibility into the Mastercard ecosystem.

[At a Glance sidebar: a capability checklist whose check marks did not survive extraction. Labels present: Machine Learning, 3rd Party API, Payment Gateway, Account/Client Management, Operational Support, Device Fingerprint, Professional, ATO Detection, User Behavior, Fraud Engine/Platform, Historical Sandbox Testing, Non-Production, Real Time Rules Testing, Guaranteed Chargeback Liability, Pre-Authorization Functionality.]

Solutions & Functionality

NuData uses a multi-layered approach to understand a user's digital interactions, analyzing the user across device and connection, behavioral analytics, passive biometrics, and the NuData Behavioral Trust Consortium. This behavioral data is continually aggregated as users interact with key touchpoints like login, online account origination, or transaction to create complex behavioral user profiles in real time. NuData continually analyzes this data to identify anomalies, spoofing, or unexpected user behavior.

This intelligence is generated and shared with NuDetect clients in real time, enabling them to do two key things: (1) identify higher-risk activities before the submission point to apply friction or modify the risk profile, and (2) provide a better experience to legitimate customers.

1. Passive biometric verification: NuData's passive biometric analysis looks at how the user inputs into the device. This includes the collection of hundreds of features like typing speed, keystroke deviations, keystroke up/down analysis, pressure settings, accelerometer data, and how the device is spatially oriented. Passive biometric data allows NuData to do three key things. First, NuDetect is able to determine if the user interacting is human or non-human based on how the user is physically interacting with the device. Second, NuDetect is able to identify if an anomalous human is interacting with the device. Third, if the user is authenticated, NuDetect can build out passive biometric profiles, allowing NuDetect to provide a confidence score indicating whether it is the correct human authenticating into the trusted environment or an incorrect human who may have compromised a user's authentication credentials.

2. Behavioral analysis: NuData looks to understand how the data being analyzed relates back to historical data linked to that user. For example, if a user has always historically interacted on a Mac using the Safari browser, it would be an expected behavior of the user that they would be using a Mac with the Safari browser during future interactions. At the full population level, NuData looks to understand how the ratios of data are passing through the overall environment. For example, if the environment traditionally sees its overall user base interacting via Chrome 20% of the time and Internet Explorer 35% of the time, it would be expected that these ratios would remain relatively stable at all times. If NuDetect starts to see deviations in the expected data ratios, it can identify these anomalous sub-populations to better understand if risk is present. NuDetect analyzes hundreds of data points in real time across both the individual user and full population to identify anomalous or risky behavioral interactions.

3. Device and connection intelligence: NuData analyzes the user's device, connection, and location during each behavioral profiling event. This data is used to understand how the user is connecting to the environment and what device type is being used to interact within the environment. This enables NuData to understand if the user being profiled is coming from a device/connection that is expected for the environment or if the device/connection is attempting to spoof or obfuscate its true identity. As part of this analysis, NuData creates a token-based device ID and a configuration-based device fingerprint to continually identify the device each time it returns to the environment. Along with profiling the device, NuData analyzes the connection and geolocation data linked to the behavioral event to identify various types of anomalies or risk. The technology is fully proprietary and not reliant on a third-party provider.

4. NuData Behavioral Trust Consortium: The NuData Behavioral Trust Consortium brings together the billions of data points collected across the full NuData customer base to create a positive and negative data consortium. This allows NuData to identify when previously identified data may create a level of risk or validity within the client's environment. During each profiling event, NuData collects and anonymizes key data points that are promoted into the NuData Trust Consortium. Positive and negative quintile rankings are assigned to these data points based on the level of risk or validity identified. This intelligence is then used to further identify the status of a behavioral profiling event.

NuDetect Core Monitoring Placements: The NuDetect solution is designed to monitor user behavior and interaction at any form field interaction point throughout a web, mobile, native app, or Application Program Interface (API) environment. The examples below are the most common touchpoints where the NuDetect solution is integrated within a client environment.

1. Account creation (ATO): NuDetect identifies and mitigates malicious and non-human account creation events by identifying and analyzing the underlying behavioral interaction as well as using the vast dataset in the NuData Behavioral Trust Consortium. The solution can identify and mitigate malicious automation, and it can identify directed human automation (also known as "human farming") and the use of synthetic and stolen identities.

2. Login/Authentication: In real time, NuDetect monitors every authentication event to identify if a valid human user is accessing their account or if a malicious entity is attempting to take unauthorized control of an account. At login, the solution mitigates against account takeover, brute-force access, and various types of account credential testing. Implementation on this placement allows for the passive recognition of good returning users, allowing for a better, reduced-friction customer experience while still protecting the account against misuse.
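The two behavioral checks described under "Behavioral analysis" above (a user's historical device/browser profile, and the population-level browser ratios), worked as an added example; this is not NuData's code or the report's. The Chrome 20% and Internet Explorer 35% shares are the report's figures; the 45% "other" bucket, the z-score threshold and the event records are constructed assumptions.

```python
# Added example (not NuData's code): the per-user and population-level
# behavioral checks described in the report, over constructed event records.
from collections import Counter
from math import sqrt

# Expected browser mix for the environment. Chrome and IE shares are the
# report's example figures; the "other" remainder is an assumption.
BASELINE = {"chrome": 0.20, "ie": 0.35, "other": 0.45}


def proportion_z(observed, expected, n):
    """z-score of an observed share against the baseline share, using the
    normal approximation to the binomial (adequate for windows of a few
    hundred events or more)."""
    se = sqrt(expected * (1.0 - expected) / n)
    return (observed - expected) / se


def anomalous_subpopulations(events, z_threshold=3.0):
    """Population-level check: which browser groups in this traffic window
    deviate from the baseline mix? Returns {browser: (observed_share, z)} for
    groups more than z_threshold standard errors from baseline. A positive z
    is an over-represented sub-population, the pattern a scripted burst of
    account creations or logins would leave in the ratios."""
    n = len(events)
    if n == 0:
        return {}
    counts = Counter(e["browser"] for e in events)
    flagged = {}
    for browser, expected in BASELINE.items():
        observed = counts.get(browser, 0) / n
        z = proportion_z(observed, expected, n)
        if abs(z) >= z_threshold:
            flagged[browser] = (round(observed, 3), round(z, 2))
    return flagged


def user_profile_match(history, event):
    """Per-user check: fraction of this user's past events that used the same
    (os, browser) pair as the current event. 0.0 means a never-before-seen
    combination for a user with history; None means no history yet."""
    if not history:
        return None
    key = (event["os"], event["browser"])
    hits = sum(1 for h in history if (h["os"], h["browser"]) == key)
    return hits / len(history)


def make_window(**counts):
    """Constructed traffic window: per-browser event counts, e.g. chrome=400."""
    return [{"browser": b, "os": "any"} for b, c in counts.items() for _ in range(c)]


if __name__ == "__main__":
    normal = make_window(chrome=200, ie=350, other=450)   # matches baseline
    burst = make_window(chrome=400, ie=330, other=270)    # Chrome doubled
    print("normal window:", anomalous_subpopulations(normal))   # {}
    print("burst window:", anomalous_subpopulations(burst))
    mac_safari = [{"os": "mac", "browser": "safari"}] * 5
    # A long-time Mac/Safari user suddenly on Windows/Chrome: 0.0
    print(user_profile_match(mac_safari, {"os": "windows", "browser": "chrome"}))
```

A sub-population flagged this way is a signal for the later stages the report describes (friction, review queues), not a verdict on any single user.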

3. Transaction: At the transaction, NuDetect builds upon intelligence generated from account opening, login, and prior transactions (both in-session and historically) to identify elevated risks from session hijacking, man-in-the-browser attacks, and other malicious threats. This intelligence can be used to enhance existing risk controls to minimize friction and potential false positives, as well as to optimize fraud review queues using behavioral intelligence. Use of this product has shown positive results in the identification of awards abuse, unauthorized resellers, and the overall optimization of existing transactional review models.

In conjunction with these core monitoring placements, NuDetect can analyze and provide intelligence at a variety of other interaction points across the digital landscape based on the client's needs and use cases.

NuDetect Real-Time Intelligence: At each behavioral profiling point interaction, NuData generates a score array consisting of a set of behavioral scoring elements which are returned to the client environment in real time. The score is generated based on the analysis of the user's device, connection, behavior, and passive biometric data collected during each behavioral profiling event. The following section provides an overview of the types of intelligence provided by NuDetect. Components of that decision can include the following:

Real-time scoring intelligence: At each behavioral profiling point interaction, NuData generates a score array consisting of a set of behavioral scoring elements which are returned to the client environment in real time. This analysis uses intelligence anchors such as IP, email, account, phone, device, or credit card number to analyze current and historical behavioral interactions across the full NuDetect network to identify anomalies and solve specific client use cases. The platform also allows clients to return real-time feedback, allowing the NuDetect models to further learn in real time.

Score - NuData generates a numeric score that provides a risk value for the event profiled.
Score band - NuData passes back a Green/Yellow/Red score band identifier based on the total score generated for the event.
Device ID - NuData will create a token-based Device ID that provides an exact device identifier to determine when a previously profiled device is returning to the client's environment.
Device fingerprint - NuData will provide a configuration-based device fingerprint that offers a lower-resolution device identifier that can be used to group similar device configuration types.
Behavioral intelligence signals - NuData generates Behavioral Intelligence Signals at each event profiling. Behavioral Intelligence Signals provide additional context into the risk or lack of risk identified during each profiling event.

Real-time evaluation: Real-time rules and policy explanations using NScript (an easy-to-use rule language) give users insight into the specific rule combinations triggered. NScript can also let users create and manage their own rules in house. The functionality includes preview mode, as well as revision history by user. These rules can stand alone or be placed in rule families, which can be focused on specific attack types, automation, account takeover, etc.

Real-time policy enforcement: NuDetect can facilitate real-time policy enforcement through the NuDetect policy enforcement engine. It can dynamically display interdictions such as an SMS, Push to Mobile, or captcha. Along with providing the full enforcement solution, NuDetect can intelligently alert when in-house client interdiction enforcement policies should be triggered.

Client Analysis Portal: The Client Analysis Portal provides the client with a full real-time visualization of behavioral intelligence data collected on the web, mobile, native app, or API environments. The portal displays the environment at multiple levels spanning from the full aggregate view, individual user profiles, session interaction analysis, and aggregate behavioral analysis visualization. The interface can drill down and provide extensive details for each activity, pivoting on signals (or rules) and placement (touchpoints mentioned above).

CUSTOMER TESTIMONIAL: "(NuData) allows us to understand what customers are doing before we take their money. We can establish a baseline of what we're seeing and introduce or remove friction points based on this intelligence."

CUSTOMER TESTIMONIAL: "(NuData) allows us to break down friction for good users while preventing the fraud. Treat good customers with white gloves and bad customers like criminals."

Service levels for availability are guaranteed at 99.99 percent, with a 300 ms processing time Service Level Agreement (SLA) for API calls.

Services Offered

Customer service prioritization follows a three-tier process:
1. 24/7 emergency support: A 15-minute response SLA, including outages, major performance issues, etc.
2. Non-production impacting: A 24-hour response SLA.
3. Success manager: Offered as needed, such as for a long-term strategy.

Prior to integration, the Customer Success team is engaged with merchant clients and maintains that support through the growth phase. The key focus centers on identification of pain points, specific handoffs, and management of the 30-day modeling period.

A typical project track would progress through a three-phase process.
1. Project scope and kickoff: Customer Success is engaged throughout this process, with emphasis on success and implementation criteria. It includes one to two days of scoping meetings to identify the use cases, placement mapping, ID success criteria, technical site walk-through, and review of the integration documentation.
2. Integration and coding: This can take as few as two weeks, but the average timeframe is 90 days depending on the number of touchpoints and teams involved.
3. Post-coding analysis and optimization: This stage includes implementing models in silent monitoring mode to allow analysis of model behavior. Next is a collaborative tuning phase, and a 30-day learning period is typically required for high-probability performance.

Paladin would like to thank all of the participating vendors for their time and availability during the discovery and post-writing processes. We also would like to remind all readers of this report that they can email us at info@paladinfraud.com to let us know which vendors they would like to see participate in the refresh of this report, which will be published in early 2018. Again, anyone who downloads the report will automatically be emailed the refreshed version upon publication.