Interview with ThreatMetrix on cybercrime, digital transactions and authentication

On May 14-15, ThreatMetrix hosted their Digital Identity Summit in Paris, where topics such as the future of online identity, identity technologies, and regulations around identity were discussed in detail. Accompanying this, ThreatMetrix published their Q1 2018 Cybercrime report. We interviewed Rebekah Moody (product marketing director) and Michael Yeardley (Senior Director Product Strategy) about the key take-aways for the Q1 Cybercrime report.

What can you tell us about the top 3 takeaways from the Q1 2018 Cybercrime report?

The first takeaways from the report are the regional disparities in cybercrime, which we started to look at in more detail in the last four quarters. The second is the increase in attacks on ecommerce merchants, which have become more lucrative targets with the increased popularity of saving cards and personal details in online accounts. And the third main topic of the report is the interesting mobile trend that we continue to see in the network.

When we first started the report in 2015, we were not really looking at regional disparities, but rather looking for global trends. But in time we gained more insight in a wider spread of transactions, which leads to insights on how Europe differs from North America, the impact of South America on the market, and how countries like Russia, Vietnam and the Philippines are becoming key bot originators, for example. The most interesting region disparities from this quarter were found around South America, which has become the hotbed of account creation: a third of new account creation fraud originates from South America. One of the reasons for this is that there is a greater dissemination of stolen identity data around the globe. Traditionally, we tended to see the biggest economies; the UK, US, Germany, being the top attackers, but recently we have seen the emergence of Russia, Brazil, and Vietnam as top attackers, so it seems that stolen identity data reaches further across the world than it ever has before. Europe is also an interesting area, as it used to be a cybercrime hub, and is still a riskier area than North America, specifically in Ireland and central/eastern Europe.

Looking at the mobile trend, one of the conclusions is that desktop transactions are riskier than mobile transactions. What is the explanation for this?

The key difference between mobile and desktop is that the mobile tends to have more options for authentication: you register your phone, you create a unique connection between you and your phone, you often use authentication to unlock your phone. There is a lot of trust when a corporation can connect your identity to your phone. With a desktop, however, it becomes much more anonymous. Normally, you do not have the same connection to your computer as you do to a mobile device. On top of that, there exists a lot of desktop takeover software, available to anyone, e.g. TeamViewer, which leaves desktops more vulnerable to takeover fraud. This means the identity is less trusted by a corporation when someone uses their desktop to log in. We are trying to create that same unique link between user identity and device that mobile has on desktop. We have introduced newer technologies that replicate the principles of strong device authentication and device binding on the desktop as we do with mobiles. In other words, we are trying to reverse-engineer authentication methods from mobile for desktops, making them more secure.

In online banking, particularly in Europe, banks have made their apps so seamless we see customers logging into their bank account about six times a week from their mobile app. In contrast, customers only log in three times a week on their desktop. This strengthens the trust in Europe between banks and customers. Every time you log in, you are driving the trust that the bank has in your identity and your device, which could then be used in other channels as a trust mechanism. However, when looking at the US, there is still some reticence towards mobile banking, where customers felt nervous about doing their banking on a mobile device, even though it is in fact safer. We had the same in the UK about three years ago, but now everyone there uses mobile banking, so we believe that the US will also fully adopt mobile banking over time. Trust is something that builds over time.

How do PSD2 and stronger customer authentication play into this?

If you look at banking apps, they are already improved by stronger authentication, because a lot of banks use the push notification + fingerprint authentication, which is very user-friendly. All the infrastructure for stronger authentication is there, so it does not add a lot of friction for the customer. And customers do not mind some friction as long as it is ‘familiar friction’, like thumbprints, which comes naturally to most. This ‘familiar friction’ actually increases the trust that customers have in their banking app.

About Michael Yeardley

Mike Yeardley joined ThreatMetrix in 2017 having worked at Lloyds Banking Group for 11 years, and other UK Banks prior to that. Initially, responsible for managing small teams in the Credit Risk and Collections functions, but for the last 7 years he was leading teams across the Fraud division. Mike has held leadership roles, initially as Head of Fraud Control Design, and most recently as the Head of Transaction Fraud and Fraud Analytics - both roles had a remit spanning all customer channels across the Retail Consumer, SME, and Commerical divisions. Mike joined ThreatMetrix as Senior Director, Product Strategy and is working closely with clients globally to leverage the capability of ThreatMetrix to target current, new and emerging threats across the Fraud landscape, as well as help drive our future product roadmap and strategy.

About Rebekah Moody

Rebekah Moody brings 12 years of marketing expertise to ThreatMetrix, with a proven track record of delivering strategic multi-channel campaigns. At ThreatMetrix she is part of the core Product Marketing team, driving thought leadership, sales enablement, product positioning and messaging. She has penned numerous thought leadership articles and whitepapers that demonstrate her clear, strategic thinking.

About ThreatMetrix

ThreatMetrix, A LexisNexis Risk Solutions Company, empowers the global economy to grow profitably and securely without compromise. With deep insight into 1.4 billion anonymized digital identities, ThreatMetrix ID delivers the intelligence behind 110 million daily authentication and trust decisions, to differentiate legitimate customers from fraudsters in real time.