Asia Risk & Resilience Conference 2016 ThreatMetrix Q2 Cybercrime Report 2016

ThreatMetrix ARRC 2016 presentation by Ted Egan

Are Cybercriminals winning the fight?

ThreatMetrix saw a 50% increase in fraud attacks since Q2 2015

In Q2 2016, more than 112 million attacks were detected and stopped in real time.

More than 450 million bot attacks were identified and stopped during this last quarter, a 50% increase over the previous quarter.

What we know: Nearly 4 Billion User Records Stolen Since 2013

Email addresses stolen: 40M customer records from Ashley Madison made available to public

Health Care Data Breached: 80M patient records stolen in Anthem breach

Credit bureau data stolen: hundreds of millions of records in various countries stolen, e.g. 27M in Korea in 2014

Google and Yahoo Breach: 272.3 million stolen accounts details from are being traded in Russia

Data Breaches Continue To Grow

User Names/Passwords RIP: There is no longer any security value in the age of the data breach

With 278 million+ consumer records compromised in 2015 alone, the concept of data privacy (and reliability) is now an illusion

Customer Life Time Value Destruction

Getting Worse Not Better

We Need to Rethink Identity

What Can We Do? First Steps

Businesses are increasingly experiencing the downstream effects of data breaches

We Now Live in a Post Data Breach World

Increased Friction

Band-Aid Solutions

Are your customers/employees/partners Trusted Users or Cyber Threats?

Understand: Cyber Threat Attack vectors and the new target

Trust is Critical

Digital Debris

Rise of Machines

Mobile First World

Global Organized Cybercrime

Digital Identities are the new target and they are compromised at alarming rates:

To manage your risk you need to understand:

• How your [employees, contractors, customers, partners] interact with your Omni-channels

• Who they really are

• How they are behaving in real time

Understand The Cyber Threat: Predictions and Strategic Imperatives

• Botnet attacks: will continue to rise and evolve to bypass rate control security

• Identity/credential theft: will continue to be a key issue for all industries

• Mobile transactions: will increase particularly in the mobile banking sector

• Global transaction context

• Single Orchestration Platform

• Best in Class Analytics

[Figure: timeline, 8am to 10pm, with Personal Persona and Business Persona]

Activities: Enroll in Insurance from Laptop; Check Email from Mobile Phone; Book a Flight from Tablet; Check Email from Tablet; Pay Bills from Laptop; Buy a Shirt from Laptop; Surf Facebook from Mobile Phone

Threats: Account Origination Fraud, Phishing, CNP

Threats: CNP, Social Engineering, Phishing, Account Takeover

Understand your Vulnerability: We all have Multiple Personas, Credentials, Devices, Locations, but One Global Digital Identity - Your Digital DNA

https://vimeo.com/156917755

Apply Best Practice Cyber Threat Management: Where to start?

• Global Shared Intelligence: who, how, why, behavior?

• Identity: real time data, discerning technology, understand vulnerabilities, training.

• Social Engineering/Phishing: bad guys know the org charts and rely on careless on-line behavior

• Give to Get model

• Identity/virtual persona amalgam

• Internal Best Practices

ThreatMetrix Unites the Facets of Digital Identities

Devices

Identity

Analytics

Associations

Behavior

Card Issuance

Digital Payments

Video Streaming

Insurance

Mobile Payments

Social Networks

Global | Shared | Intelligence

ThreatMetrix has mapped the Digital Identity Graph.

Understanding multi-variate relationships between a person and associated devices, credentials and threat behaviors…

Mapping Global Digital Identity Activity

…and more complex relationships between multiple personas now and over time => vulnerability

Threat: Most Legacy Customer Authentication Methods are Insufficient and failing in the Mobile-First, Global Digital Age

Trusted forms of ID are mostly useless in a post-data breach world

✓ Credit Scores
✓ AVS Checks
✓ State Issued IDs
✓ Step-up and OOB Authentication
✓ Cross-Border Credit Cards
✓ Government Cyber Identity Programs

Global business is cross-border, 24/7

Threat: Our Behavior And Soft Targets Leave Us Vulnerable

Fraud Enablers

• Unjustified Trust
• Lack of Global Intelligence
• Social Network Impact
• Common Passwords
• Too Quick to Click

The Players

• Unwitting Insider
• Colluding Insider
• External Antagonists

Soft Targets

• The Enterprise
• Customers
• Low Prep Enterprises

Real World Threat Scenarios: Our Behavior & Social Engineering

Emails or phone calls your employees will probably open/take with little to no pause…

• Email: Hi Ted, here is your 2016 compensation plan

• Email: Hi Ted, it’s Greg. I’m doing a deal in Australia and need you to wire 100K today

• Phone call: Hi Ted, it’s Joe at Dell checking on our outstanding AR… can you give me a payment status? Thanks that was very helpful...

• Calls back 15 minutes later: Hi Ted, Joe again, I forgot to give you our new ACH payment instructions… can you update these in your ERP?

• On payment...the ACH goes out to the wrong vendor...

• A week or two later: Hi Ted, it’s AR team at Dell, you are normally a quick payer, is there any reason you have not paid the outstanding invoice due last month?

• Email: Hi Ted, it’s Mark from the board…would you have a look at this presentation from one of my portfolio companies?

Impact: Today’s Cross-Border, Digital Business Reality Complicates Fraud, Threat, and Authentication Decisions

Source: ThreatMetrix Q4, 2015 Cybercrime Report

Impact: Attacks are Growing in Size, Frequency and Complexity

Daily Rejected Transactions

Identity Abuse Index

An Identity Abuse Index level of High (shown in red) represents an attack rate of two standard deviations from the medium term trend. Aggregated over all global transactions, it clearly shows that the exploitation of data breaches and stolen identities is automated, global and coordinated

Integrated Database

Integration Hub

Impact: Identity Spoofing Continues to Rise Globally

Impact: Bot attacks are more constant and increasing

ThreatMetrix Global Intelligence Network

Recognition is key

Persona (device, identity, behaviour) recognition is key to ensuring that businesses are able to effectively differentiate between trusted users and potential threats

Integration: Integrating Digital Intelligence For True Digital Identity Assessment is the Key to Prevention

The Reality: Global Markets Require Frictionless, Secure Digital Experiences

Fraud Prevention: “I want to pinpoint fraudsters using a stolen or synthetic identity the moment they apply.”

Authentication: “I want to accurately distinguish returning users from fraudsters.”

Threat Detection: “Help me stop costly Botnet attacks from happening as customers are accessing my systems.”

Digital Identity Network

>2 billion transactions analyzed per month

15 billion in 2015

Coverage in 240 countries

Up to 98% recognition rate

Over 4,000 brands

Protecting 30,000 websites & apps

3 of the top 4 credit card networks

400 million deployed mobile SDKs

+25M per month

Leverage Global Shared Intelligence

>500,000 daily transactions analysed for France

Global Real-Time Decisioning

Global Digital Identity

Global Shared Intelligence

70% reduction in false-positive rates; 90% reduction in fraud

• Build a global shared intelligence network to beat a global fraud network

• Keep Security invisible from your Customers (and Cybercriminals)

• Provide the Best-in-Class Online & Mobile Experience

• Combine:

Digital Intelligence

Integration & Orchestration

Real-Time Analytics

Decision Management

Machine Learning

Behavior Analytics

Business Rules

Case Management

Reporting

Search & Link Analysis

Implement

Improve security together with the customer experience?

95% of transactions are from genuine users

Summary

1. Data Breaches and Bots driving cybercrime surge
2. User Names / Passwords no longer have any security value in the age of the data breach
3. Mobile transactions are surging ahead of other online methods
4. We see an emergence of mobile bot attacks targeting mobile apps
5. Legacy Customer Authentication Methods are Insufficient and failing in the Mobile-First, Global Digital Age
6. Cybercriminals are targeting our Behavior & Social Engineering
7. We need to build a global shared intelligence network to beat a global fraud network
8. Keep Security invisible while anonymising, securing and encrypting data
9. Provide the Best-in-Class Online & Mobile Experience
10. Integrating Digital Intelligence For True Digital Identity Assessment is the Key to Prevention

Stop Fraud, not Customers

Questions

Ted Egan
Vice President Asia Pacific
ThreatMetrix Inc.
The Digital Identity Company