Merchant Innovation

The Secret Sauce To Fighting Cyber Attacks

As the war against cybercriminals and their devastating attacks wages on, a new weapon in the fight has emerged to help merchants better protect themselves and the privacy of their consumers: data.

As the war against cybercriminals and their devastating attacks wages on, a new weapon in the fight has emerged to help merchants better protect themselves and the privacy of their consumers: data.

Billions of transactions were analyzed from April-June 2015, and in that time more than 75 million cyber attacks were detected and immobilized in real time via ThreatMetrix’s Digital Identity Network. Vince Lau, Senior Product Manager at ThreatMetrix, explained that combating cybercrime requires the power of shared knowledge, enabling payments players to not only prevent fraud, but also improve customer experience and boost revenue.

MPD CEO Karen Webster recently sat down with Lau for a digital discussion shedding light on the ever-growing shift in fraud to mobile eCommerce, how and where cybercriminals are evolving their attacks, and the critical need for greater insight into the unique digital identities of consumers.

Attacks Origin By Geography_ThreatMetrix Webinar

One of the most surprising results of ThreatMetrix’s Q2 2015 Cybercrime Trend Data Report was the change in two of the Top 5 attack originators for the period. The U.S., U.K. and Germany held the Top 3 spots for countries where cyber attacks originated, but the latest data found the Dominican Republic and India rounding out the list, replacing France and Canada.

Lau noted the shift in cybercriminals and suggested that this may be a trend we see more of going forward. Knowing the next moves of cybercriminals is always a challenge, as they are “very smart and don’t want to be predictable,” he added.

He cautioned that until the technology reaches a point where very powerful predictive models can be used to estimate where cyber attacks will come from next, the best approach merchants can take is to be proactive in their cybersecurity efforts.

“To keep up with cybercriminals, you have to continually fine-tune rules and policies. Knowing this information can potentially help you to control fraud if you see more attacks coming from these countries we’ve never seen before,” Lau said.

Cross-Border On The Rise_ThreatMetrix Webinar

Cross-border transactions remain a highly favored attack target for cybercriminals and ThreatMetrix’s data shows a significant increase in the rejection rates among these types of transactions.

“The range here is between two to three times higher than domestic rejection rates, so international or cross-border transactions are being rejected a lot more, which is indicative of the fraud that is occurring out in the wild,” Lau pointed out.

Webster then asked, are the high declines on cross-border transactions linked to a built-in assumption that merchants have that transactions coming from another country are fraudulent transactions?

Lau explained the ongoing trend of cybercriminals using a type of attack called spoofing, which hides their true identities, has contributed to the rising rejection rates. The ability to know who is a trusted consumer and who is a cybercriminal is critical and not something a merchant wants to confuse mistakenly.

“It’s very important to use technologies that can recognize returning customers and differentiate between them and the fraudsters. That is the real key takeaway,” Lau said.

Ecommerce Transactions And Attacks_ThreatMetrixWebinar

The transactions analyzed for ThreatMetrix’s report spanned eCommerce, financial services and media verticals, and covered three types of use cases: authentication, payments and account originations.

One of the most significant findings was the detection of 36 million attacks in eCommerce sector, a 20 percent increase over the previous year. Lau confirmed the amount of attacks roughly translates to $1 billion to as much as $3 billion in losses being stopped.

Lau also noted that when it came to eCommerce, the data show higher downloads of retailers’ mobile applications and a significant shift to transactions taking place on the mobile side.

Webster pointed out that this could suggest an area of vulnerability and risk associated with the use of retail-designed mobile apps that are used for shopping.

“The mobile side is a very new channel and even with some of the more secure platforms we are starting to see a lot of successful attacks. Cybercriminals are getting very creative and customers really need to up their game in adopting newer technologies introduced by vendors,” Lau said.

The combination of mobile still being a relatively new frontier in cybersecurity, along with increased privacy solutions being incorporated onto devices, makes the security of mobile transactions a challenge, Lau emphasized.


Mobile – Global Across Industries_ThreatMetrixWebinar

“People are favoring mobile and you can’t ignore that,” Lau stated.

The significant shift in consumers’ preference for mobile is underpinned by the steady increase in mobile phone ownership and the growing usage of mobile services in both developed and emerging economies. The proliferation of connected devices can be applied to all industries across the globe.

ThreatMetrix’s data show a 50 percent increase in mobile transactions from 2014.

But as mobile transactions grow, so do the number of attacks targeting the mobile channel.

Attacks on both iOS and Android mobile devices slightly dipped during Q2, while Windows attacks increased from 1.7 percent to 2.2 percent, despite iOS devices accounting for nearly two-thirds of total mobile transactions and Android’s dominance in the market.

Lau explained that merchants who are able to best protect themselves from cyber attacks on the mobile platform exhibit key behaviors:

  • Constantly fine-tuning policies and rule sets to keep up with evolving tactics of cybercriminals
  • Leveraging new mobile enhancements and technologies to their advantage

Recognition Is Key_ThreatMetrixWebinar

The recognition of a consumer’s device, identity and behavior is key if merchants want to be able to fight cybercriminals while avoiding causing inconveniences to their customers.

The ThreatMetrix Digital Identity Network enables customers to better recognize three key criteria:

  • Visitors across all the platforms and how consumers move between Web browsers to mobile apps
  • Accurate IP addresses and locations for users to determine if cloaking or spoofing technologies are being used, which can indicate a cybercriminal is at work
  • How devices interact with webpages, which can help identify the presence of a bot or man-in-the-browser injection attack

ThreatMetrix’s multi-layered solution attacks cybercriminals from all angles, analyzing devices, threats, personas and behavior.

But ultimately, Lau said the most critical aspect of combating cybercrime is the sharing of global intelligence.

“The secret sauce to making this work, no matter what vendor, is really that shared intelligence. It takes all of this information to really combat what cybercriminals are doing and without that there’s really not an effective way to handle it,” Lau concluded.

To watch the full digital discussion, please view the video below.



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.