March 18, 2010, 12:00 AM

ThreatMetrix digs more deeply to identify fraudulent online transactions

ThreatMetrix has launched a new version of its fraud-detection system designed to dig more deeply into the Internet technology behind criminal transactions by identifying the computers used to conduct fraudulent transactions.


ThreatMetrix, an online fraud-detection company, this week launched a new version of its ThreatMetrix Fraud Network, which it designed to dig more deeply into the Internet technology behind the sources of fraudulent online transactions.

“We’ve spent a lot of time building an Internet fraud-prevention network that doesn’t require personally identifiable information,” says Alisdair Faulkner, chief product officer of ThreatMetrix. “We can identify the computer operating system as well as the Internet protocol used to support a transaction.”

If a criminal is trying to masquerade by working through a captive proxy computer in the U.S., for example, the ThreatMetrix system is designed to identify enough of the criminal’s source computer and IP address to identify its geographic location, Faulkner says. A proxy computer is one that a criminal uses to conduct the final leg of a transaction before it hits a targeted web site, in an effort to mask the original computer a criminal is using to conduct fraud.

In some cases, for example, the ThreatMetrix system may identify that a transaction is actually coming from a Linux operating system based overseas instead of a Windows system in the U.S. as indicated by an initial review of the web browser used to access a web site. That discrepancy can alert a web site operator that the transaction is suspicious.

ThreatMetrix would then match information about past transactions determined to have been fraudulent from similar geographic locations and technology systems to score each new transaction for the level of potential fraud. “We can say if a particular computer was involved in five fraudulent transactions in the last hour across five to 10 different web sites,” Faulkner says.

This also enables ThreatMetrix to identify the sources of suspicious transaction activity without having to rely on consumers’ personal information, such as a mother’s maiden name, to verify legitimate transactions. This can enable online retailers to request less of such personal information, providing for a more streamlined and less intrusive checkout policy, Faulkner notes.

Although other fraud-detection technology systems also are designed to identify potentially fraudulent transactions based on information about the type and location of source computers, the ThreatMetrix system, which is deployed in a software-as-a-service environment, appears to dig further into the Internet Protocol and technology behind source computers and proxy computers used in fraudulent attacks, says Avivah Litan, a security technology analyst at research and advisory firm Gartner Inc.

Although she wasn’t free to identify the company, she says that a retailer that has been using an earlier version of ThreatMetrix to identify online criminal activity has found the application to be effective, and that she expects the new version to support a higher level of fraud detection. Although it still needs to be proven in the market, “it could be very powerful,” she says.

ThreatMetrix notes that its technology can identify about 200 characteristics of the source computer behind fraudulent transactions, such as the particular form of Internet Protocol it uses to transmit data.



comments powered by Disqus




From The IR Blog


Roy Erez / E-Commerce

How to overcome shopper hesitations to buying gifts online

Many shoppers worry about size and color, or being unsure of the recipient’s address. Here ...


Ari Weil / Mobile Commerce

The big mobile commerce opportunity in rural Asia Pacific

Despite only moderate wireless speeds, rural consumers flock to m-commerce.