Relentless organized crime rings are launching increasingly sophisticated cyberattacks to steal online consumers’ personal or payment card data. And these attacks come as no surprise to those tasked with preventing fraud because “organized” suggests plenty of collaboration or partnerships to plot crimes.
Taking a cue from that strength-in-numbers mentality, ThreatMetrix Inc. plans to make the best of its recent acquisition of Australia-based TrustDefender Inc. by adding malicious software detection to its fraud-prevention software menu for banks and retailers.
The San Jose, Calif.-based cybersecurity software provider announced Jan. 10 it had acquired TrustDefender, a company also specializing in online fraud protection. Before the TrustDefender purchase, ThreatMetrix had developed a reputation as a company emphasizing collaboration of data and partnerships with other risk-management companies to help merchants layer their defenses against online fraud (see story).
One fraud-protection industry analyst suggests the two companies have created a perfect match.
“This is a very complementary acquisition for both companies, along the lines of a ‘one plus one equals four’ because each company contributes so much value to the other,” Julie Conroy McNelley, senior analyst and fraud expert with Boston-based Aite Group, tells PaymentsSource.
The development of a malware-detection software resulting from the two companies becoming one represents “a great fraud-prevention step that banks are starting to adopt and can be equally adaptable to merchant retail,” McNelley says.
Constructing layers of fraud-prevention defenses for customers was “the underlying impetus” for the acquisition of TrustDefender, Bert Rankin, ThreatMetrix vice president of marketing, tells PaymentsSource.
“We know there is no silver bullet to stopping fraud, but a layered approach can plug in as many holes as you can while allowing good customers to still purchase products on a merchant’s website,” Rankin says.
Merchants consistently told ThreatMetrix that malware detection was a key need in the fight against fraud, Rankin adds. “It was the next obvious direction for us to come up with a remedy, and it has become the foundation for our offerings as a result of the TrustDefender acquisition,” he adds.
ThreatMetrix kept the TrustDefender name on the software offered as part of what the company calls its Cybercrime Defender Platform.
TrustDefender ID is cloud-based software that provides device identification of the computer being used to make an online purchase. “If the fraudster tries to hide his identity and is going to multiple sites, the device identification can detect that while also determining if the computer is a Russian device, yet the order is being made in English,” Rankin explains.
TrustDefender Cloud is cloud-based malware-detection software, alerting merchants to the existence of malware, “man-in-the-browser” attacks in which the fraudster can watch everything an online shopper is doing on a website, or other potential data breaches.
TrustDefender Client represents fraud-detection software installed on the client’s computer system to serve as the alert mechanism when potential cyber attacks unfold.
“The client would download this software to ensure secure browsing for its good customers because it locks down the browser from malware, so the malware can’t execute through the system,” Rankin notes.
The fraud-prevention tools represent the best aspects of both companies’ previous offerings, Rankin says. “Independently, they are very valuable protections,” he adds. “But deploy them together, and it makes for a very strong, layered approach.”
A consumer visiting a merchant website using ThreatMetrix protection would not be aware fraud-prevention software was at work, Rankin says.
When an online shopper moves onto the payment page of a merchant website, ThreatMetrix begins collecting data about the shopper’s device and protecting against malware downloads, Rankin notes. When the shopper fills out the payment page information and hits the pay button, ThreatMetrix analyzes the data and sends the results to the merchant terminal in less than a half-second, Rankin adds.
The merchant determines whether to accept the transaction based on the information provided, Rankin says.
ThreatMetrix provides protection for well-known online sites like Stub Hub and Best Buy, but it also serves smaller merchant websites, Rankin says.
Rankin did not disclose financial details of the TrustDefender purchase. He also did not provide specifics about the pricing of services, saying prices remain consistent with what the companies offered in the past and depend largely on the size of the client and how much protection they request.
Initial cyberattacks years ago were simplistic, and merchants could figure out how to protect themselves, Rankin contends. “But when fraudsters went into round two of the battle in cyberspace, it got to the point if you did not have sophisticated defenses, you were in trouble,” he adds.
McNelley agrees with the assessment that fraud prevention is an ongoing battle.
“It’s a fight that is all about the journey, not the destination,” she says.
What do you think about this? Send us your feedback. Click Here.