Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)
How to Check a Device's 'Reputation'
iovation's Max Anhoury on Fraud-Fighting TechniquesOne key fraud-prevention strategy for card issuers is to check the "reputation" of the device behind a transaction, says Max Anhoury of iovation.
See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware
Fraudsters are commonly using personal information obtained from data breaches to impersonate consumers so they can gain access to complete credit reports and then apply for new credit cards, Anhoury says. "We can no longer count on our information being a secret," he contends.
To avoid issuing credit cards to these fraudsters, financial institutions should check the reputation of the device used for the credit application, he suggests. Iovation has a database of 3 billion devices worldwide that issuers can use to check in real time whether a particular device has been previously used for an account takeover or synthetic identity theft or has other indicators of risk.
In an interview with Information Security Media Group at the Fraud Summit Chicago, Anhoury describes:
- The process fraudsters use to obtain new credit cards;
- How investigating the reputation of a device works to help prevent fraud;
- Other key elements of a defense-in-depth strategy, including risk-based authentication and behavioral analytics.
Anhoury is vice president of global partnerships at iovation. He has more than 20 years of sales and operational experience. Before iovation, he was co-founder of CommerePath Inc., which was acquired by Captaris in 1999. He also served as president of TOPLINE Performance, which was involved in the general aviation field.