Digital Transactions Authoritative, insightful and timely information for payments professionals
There’s nothing new about identifying e-commerce customers through the device they use, but now the proliferation of mobile devices has data scientists hatching new ways to thwart fraudsters. One way authenticates users through not-so-obvious links between the many devices they may rely on day-to-day. The other takes a close look at how consumers use those devices and isolates forms of usage that strongly indicate fraud.
Sensing that identifying a single user by a single device he uses is no longer enough to stop fraudsters, San Jose, Calif.-based ThreatMetrix Inc. recently rolled out its Digital Identity Graph. This is an ambitious effort, three years in the making, to map consumers with all the devices they use and the relationships they have with related people and the devices they use. If a user logs in with an iPhone and then later comes to the same site on an iPad, the Graph can make the association and recognize and score the consumer for risk.
Indeed, the Graph boasts a recognition rate in North America that hovers around 95%, meaning ThreatMetrix fails to identify the user or misidentifies him 5% of the time, according to Armen Najarian, the company’s chief marketing officer. The key, he tells Digital Transactions News, is the ability to authenticate the various personas users create when they use multiple devices. “It’s multiple personas, but one digital identity,” Najarian says.
That ability must also extend to other persons known to the user and who might have access to the same devices. “There are connections to other personas that have threats associated with them,” he says. These associations change constantly, so the Graph, he says, is “a living thing.”
ThreatMetrix generates a score indicating the threat probability and leaves it up the e-commerce client to decide whether to go ahead with the transaction. All of this, Najarian says, happens within 100 milliseconds.
The authentication can happen at account creation, at each log in, and with each payment. ThreatMetrix works with 4,000 clients, including merchants like Netflix, marketplaces like eBay, and processors like Alibaba, CyberSource, and PayPal. It sees between 60 million and 80 million transactions daily.
Meanwhile, Palo Alto, Calif.-based Simility Inc. is working a somewhat different angle. Founded less than two years ago by veterans of Google Inc., Simility is identifying hundreds of characteristics associated with device usage and with a high probability of fraud.
For example, in a test it ran in January on some 500,000 known browser-based devices, a few of which were used by fraudsters, it determined criminals have some standout habits. They tend to clear their cookies much more frequently than honest users. They tend to flush their referrer history five times more often. And they install far fewer plug-ins and extensions.
These are just some of the so-called signals the startup has found. Most of the others are confidential. The ones the company has revealed “don’t give anyone our secret sauce,” Kedar Samant, co-founder and chief technology officer, tells Digital Transactions News.
“Fraudsters are smart, they keep changing,” he says. When it became known that criminals favored using private browsers, he says, fraudsters changed their preferences and private-browser use no longer stood out as a defining characteristic of suspicious behavior. In fact, he adds, so-called private mode is much more indicative now of a legitimate user.
For now, Simility is in beta with “a handful of clients,” says founder and chief executive Rahul Pangam. It plans to launch a commercial service this spring.
