PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

Is Device Intelligence Enough to Keep Bad Actors at Bay?

PaymentsJournal by PaymentsJournal
September 2, 2021
in Featured Content, Fraud Risk and Analytics, Security, The PaymentsJournal Podcast
0
Is Device Intelligence Enough to Keep Bad Actors at Bay?

Is Device Intelligence Enough to Keep Bad Actors at Bay?

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
https://media.blubrry.com/paymentsjournal/paymentsjournal.com/wp-content/uploads/2021/09/Nudata-002-003_mixdown2.mp3

Podcast: Play in new window | Download

The concept of fraud risk is nothing new, but the amount of fraud happening in an increasingly digital world certainly is. In recent years, and especially since the new normal that emerged in the wake of the global pandemic and the subsequent increase in on-demand technology, nearly every consumer has developed a digital footprint. While life online has made many lives simpler and everyday tasks more convenient, it has also opened up avenues for bad actors to carry out cyberattacks.

To further discuss the pros and cons of device intelligence and how companies can most effectively mitigate fraud risk, PaymentsJournal sat down with Jonathan McGrandle, Director of Market Delivery, and Luis Pontes, Director of Market Development Management, both of NuData Security, a Mastercard company, and Tim Sloane the VP, of Payments Inn

PaymentsJournal
PaymentsJournal
PaymentsJournal

Can device intelligence get rid of most risk?

According to NuData, 97% of all fraud comes from an anomalous device or network. Historically, device intelligence has been a key component to fraud strategies and handled a large portion of the fraud. However, fraudsters have picked up on this strategy and are subsequently going to great lengths to try to spoof or mask their devices.

Today, there is a lot of spoofing as well as attribute-modification and other strategies being used in an attempt to avoid device identification altogether. Attempts to avoid device identification take place in both one-off fraud instances and automated mass scale attacks. For example, a fraudster may figure out the credentials for a user’s account before actually going in and trying to exploit that account. This fraudster will go to extensive lengths to mask their device, perhaps through an emulator. They will do some research, learning basic information like the victim’s geo location. They will then try to find a similar IP address and set the device to the same time zone as the real account holder.

“Within the NuData network, 45% of the attacks that we see these days are going to extensive lengths to cycle through IP addresses,” explained McGrandle. “And what I mean by that is, they’ll only use an IP address one or two times within their attack, and then they’ll discard it completely.” The fraudster won’t use the IP address again because they know it is something companies look at as part of their fraud strategy, and they are going a step further by making sure these IPs are stemming from legitimate companies like Comcast and AT&T.

Device intelligence tools aren’t always enough

Fraudsters try to make their devices look as similar as possible to those of real users. They use techniques, such as wiping cookies from the device and changing the settings, to make the device appear legitimate. Additionally, focusing only on the device may lead to false positives.

Another technique used by bad actors relates to malware. “When you remotely access a user’s account, it’s still that same user’s device that’s being used,” elaborated Pontes. “If you’re only focusing on the device, you see the real device that a user is expected to use, while being handled by the fraudster who is doing all the actions in the background, so they try as much as possible to emulate the real device.” This is where device intelligence comes in short.

By capitalizing on new online services bad actors are also using the extreme digitization that has occurred during COVID-19 to their advantage. Focusing solely on the device might not work to protect against social engineering attacks – that are prone to collecting critical information by abusing legitimate services. Additionally, human farming, or the opening of as many accounts as possible in one environment, is another attack in which fraudsters are spreading across multiple devices to bypass those security tools. Because there are so many different devices being used, device intelligence tools have a hard time picking up on it.

What is device intelligence good for?

Device intelligence can be used to recognize legitimate consumers. Even with a swiftly evolving privacy landscape, consumers are not intentionally working to mask or spoof their devices; they might be withholding some device information, but not changing device attributes or engaging in other sophisticated tactics used by fraudsters.

When a device is recognized as having the same IP address, geolocation, screen resolution, and type of MacBook as one that has repeatedly been on the server, device intelligence software can give that device the green light and allow for a frictionless experience.

When you rely on device intelligence and see a new device, the application of more friction becomes necessary. From a fraud risk strategy, the device needs further analysis, for example a physical biometrics request. “You want to treat it almost a little bit more aggressively because you don’t have the confidence that this is a returning device,” said McGrandle. Additional fraud strategies should be applied to make sure that what this new user is doing is not going to result in fraud.

Device intelligence is also useful to detect suspicious device but, instead of at the individual level, at the population level. Pontes shared an example of these population-level anomalies that can be detected with device intelligence:

NuData saw traffic where, “individually, these logins do not seem very high risk because they don’t show any stark activity or repetitive inputs. “When we look at that singular level, it doesn’t show any fraud,” added Pontes. “But when we compare it to the population, we are able to identify patterns on this specific use case. We have identified that one single parameter, the user agent, [where the] last digit was changed for each login, but there were similarities when we compared and clustered all the information together.”

In short, device intelligence can help to detect population-level changes and legitimate returning users, but is not as strong at flagging the individual risk events. The rest is the gray area where device intelligence falls short.

How to avoid attacks that seem legitimate

This gray area is where companies need to add tools in addition to their device intelligence. There are a few layers of protection that can be added to decrease the success of bad actors that companies are rapidly implementing as attacks increase sophistication. Solutions that introduce passive biometrics and behavioral analytics play a crucial role in sorting out areas of uncertainty because the focus of these methods is not solely on the device.

With behavioral analysis, the focus shifts from singular devices to comparing that device to the population to identify similarities and anomalies, making it easier to address fraud even when it is a first-time attack from a specific user. It also recognizes the recurrent users by gradually attaining more confidence in who they are based on their behavior. The idea is not to create a bond between the user and the device, but to create intelligence about the user and how they are interacting with a platform.

For example, NuData hosts an enormous number of events with a high login count.

The idea behind using device solutions is finding anomalies among these attacks. Having more behavioral information to compare the devices to the population is the key to stronger fraud mitigation and bridge the gap of that gray area.

Tags: BiometricsDigital TransformationFraud PreventionNudata
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    5 Ways to Protect Your Financial Institution from a Cyberattack

    5 Ways to Protect Your Financial Institution from a Cyberattack

    May 26, 2023
    traditional banks

    How Traditional Banks Can Modernize Without Risk

    May 25, 2023
    identity fraud

    Javelin’s Identity Fraud Study Highlights the Changing Nature of Fraud

    May 24, 2023
    SASE, security-as-a-service

    Security-as-a-Service Secures
    Distributed IT Models

    May 23, 2023
    mule. real-time

    Early Detection of Mule Activity Requires Real-Time Solutions

    May 22, 2023
    embedded finance, ecommerce

    How Retailers Can Enter the World of Embedded Finance Confidently 

    May 19, 2023
    cross-border

    Cross-Border Trade is a Cinch with the Right Payments Partner

    May 18, 2023
    debit

    5 Reasons Merchants See Debit As
    Top-of-Mind for In-Store Sales

    May 17, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result