SlideShare a Scribd company logo

[Webinar] Does that device smell fishy? Why device risk is an essential element for your MFA strategy

TransUnion
TransUnion

Everyone knows that a layered approach to security is needed to protect your business. But how do you maintain strong security for both your business and the consumer while delivering authentication that your customers actually like to use? It’s never been easier to increase security without sacrificing the user experience. Did you know that before you employ multifactor authentication (MFA) that you can easily do a device check that gives you insight to the risk associated with a device? A device risk insight check should be your first line of defense, allowing you to quickly authenticate trusted customers while stopping cyber-criminals. It is instantaneous and allows your business to see if the device being used has been associated with fraud or other risky behaviors. In this webinar we will discuss: * The elements needed for an effective device insight risk check * How MFA and device risk insight checks work together * Best practices for MFA and risk checks throughout the customer journey Join us to learn how as cyber-criminals begin to widen their net, you can leverage risk-based multifactor authentication to improve the customer experience without compromising security.

Technology
1 of 34
WEBINAR DOES THIS DEVICE SMELL FISHY? HOW DEVICE INSIGHT IMPROVES MFA OCTOBER 2017 MICHAEL THELANDER / SR DIRECTOR PRODUCT MARKETING
2 YOUR HOST M I C H A E L T H E L A N D E R , D I R E C T O R P R O D U C T M K T G n Michael’s articles have appeared in IT Professional Magazine, CyberDefense Magazine, SoftwareCEO .com n 25 years in product management and product marketing, with the last 10 focused on cyber security n Currently drives market and customer research initiatives n Responsible for new product introductions and training n Facilitates the ongoing relationship between engineering, product management, and our iovation subscribers
AGENDA 3 THE PROMISED LAND OF MFA DEVICE RISK AND INSIGHT PUTTING THEM TOGETHER TAKEAWAYS
THE PROMISED LAND MULTIFACTOR AUTHENTICATION MATURES
5
6 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Something you KNOW
7 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Something you KNOW Something you ARE Identity verified
8 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Something you KNOW Something you ARE Something you HAVE
9 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Identity verified + +
10 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N
DEVICE RISK AND INSIGHT INVISIBLE ASSURANCE
12 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch NO RISK DETECTED
13 THE DNA OF A DEVICE HUNDREDS OF DEVICE ATTRIBUTES COMBINE TO CREATE A DIGITAL FINGERPRINT
14 n WiFi (or Bluetooth) MAC Address n Network configuration n iOS Device Model n Battery level / AC mode n Device orientation n File system size n Physical memory n Number attached accessories n Has proximity sensor? n Screen brightness and resolution n System uptime n iOS Device Name (MD5 Hash) n OS Name and/or version n Device advertising UUID n Kernel version n iCloud Ubiquity Token n Application Vendor UUID /name/vers n Is Simulator? THE DNA OF A DEVICE HUNDREDS OF DEVICE ATTRIBUTES COMBINE TO CREATE A DIGITAL FINGERPRINT n Locale language / currency code n WiFi MAC Address n Bluetooth MAC Address n Network configuration n Is plugged in? n Device orientation n File system size n Physical memory n CPU Type n CPU count n CPU Speed n Screen brightness n Screen resolution n System uptime n iOS Device Name (MD5 Hash) n Device advertising UUID n Current latitude n Current longitude n Current altitude n Application Vendor UUID n Bundle ID n Application Version n Application name n Process name n Executable name n Application orientation n Locale language code n Locale currency code n Are location services enabled? n Time zone n Currently registered radio technology n Carrier name n Carrier ISO country code n Carrier mobile country code n Carrier mobile network code n Does carrier allow VOIP? Unique adaptive analytics are used to determine the combinations of attributes needed to achieve accurate device and risk recognition.
15 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch SLIGHT RISK DETECTED
16 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch MODERATE RISKS DETECTED
17 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch RISK LEVELS EXCEEDED – DENY OR STEP-UP
18 CLEARKEY D E V I C E - B A S E D A U T H E N T I C A T I O N U S I N G M A C H I N E L E A R N I N G Machine learning compares returning devices Transparent authentication eliminates friction Turns the user’s device into a possession factor Adaptive, contextual response drives subsequent authentication strategies and actions MINIMUM THRESHOLD MAXIMUM THRESHOLD Original Device Print Returning Device Print
19 CLEARKEY A N E N G I N E F O R C O N T E X T A N D R I S K DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER 1 ACCESS Globally unique identifier for this device Detect for rooted, jailbroken, compromised What does iovation know about this device? Session risk? TOR browser or emulator? Geo and IP information with anomaly detection
PUTTING THEM TOGETHER ADDING DEVICE INSIGHT TO MFA WORKFLOWS
21 F R A U D F O R C E N E W Y O R K DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION
22
23 DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION
24 “Fraud Risk: Review.” DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION
25 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch NO RISK DETECTED +1000
26 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch SLIGHT RISK DETECTED +200
27 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch MODERATE RISKS DETECTED -500 +
28 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch RISK LEVELS EXCEEDED – DENY OR STEP-UP -1,000 Call Customer Service
TAKEAWAYS
30 RISK MITIGATION FraudForce Real time fraud prevention based on world class device intelligence. ClearKey Transparent device-based authentication for outstanding user experience. DEVICE-BASED AUTHENTICATION TRUST INSIGHT SureScore Machine learning identifies valuable customers, reduces review and accelerates revenue. MULTIFACTOR AUTHENTICATION LaunchKey On-demand multifactor authentication that’s strong, usable, and fully customizable.
31
32 iovation.com/dummies Go to to register for a free copy!
Q&A
CONTACT US www.iovation.com @TheOtherMichael SENIOR DIRECTOR OF PRODUCT MARKETING MICHAEL THELANDER michael.thelander@iovation.com

Recommended

Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Michael Thelander
 
Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20
Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20
Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20
Michael Thelander
 
Reduce Friction and Risk with Device Authentication
Reduce Friction and Risk with Device AuthenticationReduce Friction and Risk with Device Authentication
Reduce Friction and Risk with Device Authentication
TransUnion
 
CIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jain
CIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jainCIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jain
CIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jain
CloudIDSummit
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
Ashish Jain
 
Securing Your Wearable Tech Brand
Securing Your Wearable Tech BrandSecuring Your Wearable Tech Brand
Securing Your Wearable Tech Brand
Simon Loe
 
MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013Ashish Jain
 
Lunch and Learn: Recognising the Good Guys
Lunch and Learn: Recognising the Good GuysLunch and Learn: Recognising the Good Guys
Lunch and Learn: Recognising the Good Guys
TransUnion
 

Recommended

Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Michael Thelander
 
Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20
Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20
Critical Insight: How Device Risk Delivers Dynamic MFACharlotte 20
Michael Thelander
 
Reduce Friction and Risk with Device Authentication
Reduce Friction and Risk with Device AuthenticationReduce Friction and Risk with Device Authentication
Reduce Friction and Risk with Device Authentication
TransUnion
 
CIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jain
CIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jainCIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jain
CIS14: Mobile SSO using NAPPS: OpenID Connect Profile for Native Apps-jain
CloudIDSummit
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
Ashish Jain
 
Securing Your Wearable Tech Brand
Securing Your Wearable Tech BrandSecuring Your Wearable Tech Brand
Securing Your Wearable Tech Brand
Simon Loe
 
MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013Ashish Jain
 
Lunch and Learn: Recognising the Good Guys
Lunch and Learn: Recognising the Good GuysLunch and Learn: Recognising the Good Guys
Lunch and Learn: Recognising the Good Guys
TransUnion
 
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFAMulti-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
TransUnion
 
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
TransUnion
 
Authentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User AuthenticationAuthentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User Authentication
TransUnion
 
Authentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User AuthenticationAuthentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User Authentication
Kelly Colbert
 
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
TransUnion
 
Dynamic authentication rollin'
Dynamic authentication rollin'Dynamic authentication rollin'
Dynamic authentication rollin'
TransUnion
 
Creating a Winning Experience While Battling Online Fraud
Creating a Winning Experience While Battling Online FraudCreating a Winning Experience While Battling Online Fraud
Creating a Winning Experience While Battling Online Fraud
TransUnion
 
(Pdf) yury chemerkin balccon_2013
(Pdf) yury chemerkin balccon_2013(Pdf) yury chemerkin balccon_2013
(Pdf) yury chemerkin balccon_2013STO STRATEGY
 
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Denis Gorchakov
 
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays
 
Losant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseLosant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouse
Capgemini
 
Lunch and Learn: Fraud Trends in Financial Services
Lunch and Learn: Fraud Trends in Financial ServicesLunch and Learn: Fraud Trends in Financial Services
Lunch and Learn: Fraud Trends in Financial Services
TransUnion
 
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Amazon Web Services
 
Internet of Things Security & Privacy
Internet of Things Security & PrivacyInternet of Things Security & Privacy
Internet of Things Security & Privacy
Chris Adriaensen
 
Authentifusion: Clarifying the Future of Customer Authentication
Authentifusion: Clarifying the Future of Customer AuthenticationAuthentifusion: Clarifying the Future of Customer Authentication
Authentifusion: Clarifying the Future of Customer Authentication
Michael Thelander
 
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat DefenseSplunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk
 
How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare SectorHow to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
Jeremiah Grossman
 
Secure crime identification system
Secure crime identification systemSecure crime identification system
Secure crime identification system
Sameer Telikicherla
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CloudIDSummit
 
Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Big Data and Internet of Things: Creating Customer Value for the Internet of ...Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Red Bend Software
 
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
TransUnion
 
A New Imperative: Global Privacy and Data Strategies
A New Imperative: Global Privacy and Data StrategiesA New Imperative: Global Privacy and Data Strategies
A New Imperative: Global Privacy and Data Strategies
TransUnion
 

More Related Content

Similar to [Webinar] Does that device smell fishy? Why device risk is an essential element for your MFA strategy

Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFAMulti-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
TransUnion
 
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
TransUnion
 
Authentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User AuthenticationAuthentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User Authentication
TransUnion
 
Authentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User AuthenticationAuthentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User Authentication
Kelly Colbert
 
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
TransUnion
 
Dynamic authentication rollin'
Dynamic authentication rollin'Dynamic authentication rollin'
Dynamic authentication rollin'
TransUnion
 
Creating a Winning Experience While Battling Online Fraud
Creating a Winning Experience While Battling Online FraudCreating a Winning Experience While Battling Online Fraud
Creating a Winning Experience While Battling Online Fraud
TransUnion
 
(Pdf) yury chemerkin balccon_2013
(Pdf) yury chemerkin balccon_2013(Pdf) yury chemerkin balccon_2013
(Pdf) yury chemerkin balccon_2013STO STRATEGY
 
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Denis Gorchakov
 
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays
 
Losant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseLosant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouse
Capgemini
 
Lunch and Learn: Fraud Trends in Financial Services
Lunch and Learn: Fraud Trends in Financial ServicesLunch and Learn: Fraud Trends in Financial Services
Lunch and Learn: Fraud Trends in Financial Services
TransUnion
 
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Amazon Web Services
 
Internet of Things Security & Privacy
Internet of Things Security & PrivacyInternet of Things Security & Privacy
Internet of Things Security & Privacy
Chris Adriaensen
 
Authentifusion: Clarifying the Future of Customer Authentication
Authentifusion: Clarifying the Future of Customer AuthenticationAuthentifusion: Clarifying the Future of Customer Authentication
Authentifusion: Clarifying the Future of Customer Authentication
Michael Thelander
 
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat DefenseSplunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk
 
How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare SectorHow to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
Jeremiah Grossman
 
Secure crime identification system
Secure crime identification systemSecure crime identification system
Secure crime identification system
Sameer Telikicherla
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CloudIDSummit
 
Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Big Data and Internet of Things: Creating Customer Value for the Internet of ...Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Red Bend Software
 

Similar to [Webinar] Does that device smell fishy? Why device risk is an essential element for your MFA strategy (20)

Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFAMulti-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
Multi-factor Authentication for dummies part 2: Adaptive Risk-Based MFA
 
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
Feeding the Beast-How Fraud Tools Bring Context into Authentication (Gartner ...
 
Authentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User AuthenticationAuthentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User Authentication
 
Authentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User AuthenticationAuthentifusion: Clarifying the Future of User Authentication
Authentifusion: Clarifying the Future of User Authentication
 
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
Fraud Prevention Strategies to Fight First-Party Fraud and Synthetic Identity...
 
Dynamic authentication rollin'
Dynamic authentication rollin'Dynamic authentication rollin'
Dynamic authentication rollin'
 
Creating a Winning Experience While Battling Online Fraud
Creating a Winning Experience While Battling Online FraudCreating a Winning Experience While Battling Online Fraud
Creating a Winning Experience While Battling Online Fraud
 
(Pdf) yury chemerkin balccon_2013
(Pdf) yury chemerkin balccon_2013(Pdf) yury chemerkin balccon_2013
(Pdf) yury chemerkin balccon_2013
 
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
 
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
apidays LIVE Singapore 2021 - Why verifying user identity Is not enough In 20...
 
Losant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouseLosant craig baldwin cwin18_toulouse
Losant craig baldwin cwin18_toulouse
 
Lunch and Learn: Fraud Trends in Financial Services
Lunch and Learn: Fraud Trends in Financial ServicesLunch and Learn: Fraud Trends in Financial Services
Lunch and Learn: Fraud Trends in Financial Services
 
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
 
Internet of Things Security & Privacy
Internet of Things Security & PrivacyInternet of Things Security & Privacy
Internet of Things Security & Privacy
 
Authentifusion: Clarifying the Future of Customer Authentication
Authentifusion: Clarifying the Future of Customer AuthenticationAuthentifusion: Clarifying the Future of Customer Authentication
Authentifusion: Clarifying the Future of Customer Authentication
 
Splunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat DefenseSplunk conf2014 - Operationalizing Advanced Threat Defense
Splunk conf2014 - Operationalizing Advanced Threat Defense
 
How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare SectorHow to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
 
Secure crime identification system
Secure crime identification systemSecure crime identification system
Secure crime identification system
 
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
CIS14: FIDO 101 (What, Why and Wherefore of FIDO)
 
Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Big Data and Internet of Things: Creating Customer Value for the Internet of ...Big Data and Internet of Things: Creating Customer Value for the Internet of ...
Big Data and Internet of Things: Creating Customer Value for the Internet of ...
 

More from TransUnion

Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
TransUnion
 
A New Imperative: Global Privacy and Data Strategies
A New Imperative: Global Privacy and Data StrategiesA New Imperative: Global Privacy and Data Strategies
A New Imperative: Global Privacy and Data Strategies
TransUnion
 
The Business Imperative for Identity, Trust and Data Stewardship
The Business Imperative for Identity, Trust and Data StewardshipThe Business Imperative for Identity, Trust and Data Stewardship
The Business Imperative for Identity, Trust and Data Stewardship
TransUnion
 
2020 i gaming report webinar
2020 i gaming report webinar 2020 i gaming report webinar
2020 i gaming report webinar
TransUnion
 
Financial services report webinar v4
Financial services report webinar v4Financial services report webinar v4
Financial services report webinar v4
TransUnion
 
Webinar: Roll Out the VIP Path to Play
Webinar: Roll Out the VIP Path to PlayWebinar: Roll Out the VIP Path to Play
Webinar: Roll Out the VIP Path to Play
TransUnion
 
PSD2, SCA and the EBA’s Opinion on SCA – Decoded
PSD2, SCA and the EBA’s Opinion on SCA – DecodedPSD2, SCA and the EBA’s Opinion on SCA – Decoded
PSD2, SCA and the EBA’s Opinion on SCA – Decoded
TransUnion
 
Combating Social Engineering and Account Takeover by a Former U.S. Cybercriminal
Combating Social Engineering and Account Takeover by a Former U.S. CybercriminalCombating Social Engineering and Account Takeover by a Former U.S. Cybercriminal
Combating Social Engineering and Account Takeover by a Former U.S. Cybercriminal
TransUnion
 
How Confused.com and iovation Fight Ghost Broking
How Confused.com and iovation Fight Ghost BrokingHow Confused.com and iovation Fight Ghost Broking
How Confused.com and iovation Fight Ghost Broking
TransUnion
 
Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...
Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...
Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...
TransUnion
 
The Insurance Digital Revolution Has a Fraud Problem
The Insurance Digital Revolution Has a Fraud ProblemThe Insurance Digital Revolution Has a Fraud Problem
The Insurance Digital Revolution Has a Fraud Problem
TransUnion
 
PSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in EuropePSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in Europe
TransUnion
 
How E-Commerce Providers Can Remove ATO from Their Carts
How E-Commerce Providers Can Remove ATO from Their CartsHow E-Commerce Providers Can Remove ATO from Their Carts
How E-Commerce Providers Can Remove ATO from Their Carts
TransUnion
 
2019 iovation Gambling Industry Report Highlights
2019 iovation Gambling Industry Report Highlights2019 iovation Gambling Industry Report Highlights
2019 iovation Gambling Industry Report Highlights
TransUnion
 
Nice Try, ATO: Use Customers’ Devices to Transparently Enhance Account Security
Nice Try, ATO: Use Customers’ Devices to Transparently Enhance Account SecurityNice Try, ATO: Use Customers’ Devices to Transparently Enhance Account Security
Nice Try, ATO: Use Customers’ Devices to Transparently Enhance Account Security
TransUnion
 
Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...
Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...
Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...
TransUnion
 
Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...
Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...
Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...
TransUnion
 
Working at the Margins: Change Agents in the Converged World (Gartner Report ...
Working at the Margins: Change Agents in the Converged World (Gartner Report ...Working at the Margins: Change Agents in the Converged World (Gartner Report ...
Working at the Margins: Change Agents in the Converged World (Gartner Report ...
TransUnion
 
Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)
Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)
Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)
TransUnion
 
4 GDPR Hacks to Mitigate Breach Risks Post GDPR
4 GDPR Hacks to Mitigate Breach Risks Post GDPR4 GDPR Hacks to Mitigate Breach Risks Post GDPR
4 GDPR Hacks to Mitigate Breach Risks Post GDPR
TransUnion
 

More from TransUnion (20)

Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
Leverage Gartner’s Insight for Assessing the Total Cost of Fraud in Your Paym...
 
A New Imperative: Global Privacy and Data Strategies
A New Imperative: Global Privacy and Data StrategiesA New Imperative: Global Privacy and Data Strategies
A New Imperative: Global Privacy and Data Strategies
 
The Business Imperative for Identity, Trust and Data Stewardship
The Business Imperative for Identity, Trust and Data StewardshipThe Business Imperative for Identity, Trust and Data Stewardship
The Business Imperative for Identity, Trust and Data Stewardship
 
2020 i gaming report webinar
2020 i gaming report webinar 2020 i gaming report webinar
2020 i gaming report webinar
 
Financial services report webinar v4
Financial services report webinar v4Financial services report webinar v4
Financial services report webinar v4
 
Webinar: Roll Out the VIP Path to Play
Webinar: Roll Out the VIP Path to PlayWebinar: Roll Out the VIP Path to Play
Webinar: Roll Out the VIP Path to Play
 
PSD2, SCA and the EBA’s Opinion on SCA – Decoded
PSD2, SCA and the EBA’s Opinion on SCA – DecodedPSD2, SCA and the EBA’s Opinion on SCA – Decoded
PSD2, SCA and the EBA’s Opinion on SCA – Decoded
 
Combating Social Engineering and Account Takeover by a Former U.S. Cybercriminal
Combating Social Engineering and Account Takeover by a Former U.S. CybercriminalCombating Social Engineering and Account Takeover by a Former U.S. Cybercriminal
Combating Social Engineering and Account Takeover by a Former U.S. Cybercriminal
 
How Confused.com and iovation Fight Ghost Broking
How Confused.com and iovation Fight Ghost BrokingHow Confused.com and iovation Fight Ghost Broking
How Confused.com and iovation Fight Ghost Broking
 
Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...
Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...
Keeping Your Customers Happy and Safe: Authentication and Authorization Strat...
 
The Insurance Digital Revolution Has a Fraud Problem
The Insurance Digital Revolution Has a Fraud ProblemThe Insurance Digital Revolution Has a Fraud Problem
The Insurance Digital Revolution Has a Fraud Problem
 
PSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in EuropePSD2: The Advent of the New Payments Market in Europe
PSD2: The Advent of the New Payments Market in Europe
 
How E-Commerce Providers Can Remove ATO from Their Carts
How E-Commerce Providers Can Remove ATO from Their CartsHow E-Commerce Providers Can Remove ATO from Their Carts
How E-Commerce Providers Can Remove ATO from Their Carts
 
2019 iovation Gambling Industry Report Highlights
2019 iovation Gambling Industry Report Highlights2019 iovation Gambling Industry Report Highlights
2019 iovation Gambling Industry Report Highlights
 
Nice Try, ATO: Use Customers’ Devices to Transparently Enhance Account Security
Nice Try, ATO: Use Customers’ Devices to Transparently Enhance Account SecurityNice Try, ATO: Use Customers’ Devices to Transparently Enhance Account Security
Nice Try, ATO: Use Customers’ Devices to Transparently Enhance Account Security
 
Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...
Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...
Definitive Guide to Next-generation Fraud Prevention: Techniques for the Mobi...
 
Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...
Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...
Battling Credit Write-Offs by Identifying Synthetic Identity (Gartner Report ...
 
Working at the Margins: Change Agents in the Converged World (Gartner Report ...
Working at the Margins: Change Agents in the Converged World (Gartner Report ...Working at the Margins: Change Agents in the Converged World (Gartner Report ...
Working at the Margins: Change Agents in the Converged World (Gartner Report ...
 
Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)
Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)
Gartner Offers a Converged and Compelling Future (Gartner Report Part 1)
 
4 GDPR Hacks to Mitigate Breach Risks Post GDPR
4 GDPR Hacks to Mitigate Breach Risks Post GDPR4 GDPR Hacks to Mitigate Breach Risks Post GDPR
4 GDPR Hacks to Mitigate Breach Risks Post GDPR
 

Recently uploaded

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

[Webinar] Does that device smell fishy? Why device risk is an essential element for your MFA strategy

  • 1. WEBINAR DOES THIS DEVICE SMELL FISHY? HOW DEVICE INSIGHT IMPROVES MFA OCTOBER 2017 MICHAEL THELANDER / SR DIRECTOR PRODUCT MARKETING
  • 2. 2 YOUR HOST M I C H A E L T H E L A N D E R , D I R E C T O R P R O D U C T M K T G n Michael’s articles have appeared in IT Professional Magazine, CyberDefense Magazine, SoftwareCEO .com n 25 years in product management and product marketing, with the last 10 focused on cyber security n Currently drives market and customer research initiatives n Responsible for new product introductions and training n Facilitates the ongoing relationship between engineering, product management, and our iovation subscribers
  • 3. AGENDA 3 THE PROMISED LAND OF MFA DEVICE RISK AND INSIGHT PUTTING THEM TOGETHER TAKEAWAYS
  • 4. THE PROMISED LAND MULTIFACTOR AUTHENTICATION MATURES
  • 5. 5
  • 6. 6 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Something you KNOW
  • 7. 7 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Something you KNOW Something you ARE Identity verified
  • 8. 8 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Something you KNOW Something you ARE Something you HAVE
  • 9. 9 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N Identity verified + +
  • 10. 10 MOBILE MULTIFACTOR AUTHENTICATION S T R O N G A N D F L E X I B L E A U T H E N T I C A T I O N
  • 12. 12 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch NO RISK DETECTED
  • 13. 13 THE DNA OF A DEVICE HUNDREDS OF DEVICE ATTRIBUTES COMBINE TO CREATE A DIGITAL FINGERPRINT
  • 14. 14 n WiFi (or Bluetooth) MAC Address n Network configuration n iOS Device Model n Battery level / AC mode n Device orientation n File system size n Physical memory n Number attached accessories n Has proximity sensor? n Screen brightness and resolution n System uptime n iOS Device Name (MD5 Hash) n OS Name and/or version n Device advertising UUID n Kernel version n iCloud Ubiquity Token n Application Vendor UUID /name/vers n Is Simulator? THE DNA OF A DEVICE HUNDREDS OF DEVICE ATTRIBUTES COMBINE TO CREATE A DIGITAL FINGERPRINT n Locale language / currency code n WiFi MAC Address n Bluetooth MAC Address n Network configuration n Is plugged in? n Device orientation n File system size n Physical memory n CPU Type n CPU count n CPU Speed n Screen brightness n Screen resolution n System uptime n iOS Device Name (MD5 Hash) n Device advertising UUID n Current latitude n Current longitude n Current altitude n Application Vendor UUID n Bundle ID n Application Version n Application name n Process name n Executable name n Application orientation n Locale language code n Locale currency code n Are location services enabled? n Time zone n Currently registered radio technology n Carrier name n Carrier ISO country code n Carrier mobile country code n Carrier mobile network code n Does carrier allow VOIP? Unique adaptive analytics are used to determine the combinations of attributes needed to achieve accurate device and risk recognition.
  • 15. 15 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch SLIGHT RISK DETECTED
  • 16. 16 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch MODERATE RISKS DETECTED
  • 17. 17 DIFFERENT RULES FOR AUTHENTICATION & RISK EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch RISK LEVELS EXCEEDED – DENY OR STEP-UP
  • 18. 18 CLEARKEY D E V I C E - B A S E D A U T H E N T I C A T I O N U S I N G M A C H I N E L E A R N I N G Machine learning compares returning devices Transparent authentication eliminates friction Turns the user’s device into a possession factor Adaptive, contextual response drives subsequent authentication strategies and actions MINIMUM THRESHOLD MAXIMUM THRESHOLD Original Device Print Returning Device Print
  • 19. 19 CLEARKEY A N E N G I N E F O R C O N T E X T A N D R I S K DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION USER 1 ACCESS Globally unique identifier for this device Detect for rooted, jailbroken, compromised What does iovation know about this device? Session risk? TOR browser or emulator? Geo and IP information with anomaly detection
  • 20. PUTTING THEM TOGETHER ADDING DEVICE INSIGHT TO MFA WORKFLOWS
  • 21. 21 F R A U D F O R C E N E W Y O R K DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION
  • 22. 22
  • 23. 23 DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION
  • 24. 24 “Fraud Risk: Review.” DEVICE ID GEO LOCATION DEVICE INTEGRITY ADDITIONAL DEVICE CONTEXT ASSOCIATIONS & REPUTATION
  • 25. 25 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch NO RISK DETECTED +1000
  • 26. 26 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch SLIGHT RISK DETECTED +200
  • 27. 27 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch MODERATE RISKS DETECTED -500 +
  • 28. 28 THE DNA OF A DEVICE EvidenceDevice & Age Risk Profile Geo- location Anomaly Watch ListsVelocity ISP Watch List Transactions per Account Timezone / Geo Mismatch Subscriber Evidence Exists Transaction Amount Range Geolocation Mismatch Device new to Subscriber IP Address Range List Global Trans Device Velocity Device Not Provided Evidence Exists Billing/Shipping Mismatch Proxy In Use New Device, Existing Acct Email Domain List Countries Per Acct or Device Suspect Device Data IP Address RiskCountry List Age of the Association Browser Language Trans per IP/Device/Acct TOR Exit Node IP Device Risk (Local or Global) Mobile Carrier Country List Registered Acct/Dev Pair ISP Organization List $S Value per Device or Acct VM in Use Language and Country Risk IP Address Distance Device Type List Devices per Account Mobile Emulator Detected Jailbreak/Root Detected IP Address Mismatch Accts (Created) per Device ISP Mismatch RISK LEVELS EXCEEDED – DENY OR STEP-UP -1,000 Call Customer Service
  • 30. 30 RISK MITIGATION FraudForce Real time fraud prevention based on world class device intelligence. ClearKey Transparent device-based authentication for outstanding user experience. DEVICE-BASED AUTHENTICATION TRUST INSIGHT SureScore Machine learning identifies valuable customers, reduces review and accelerates revenue. MULTIFACTOR AUTHENTICATION LaunchKey On-demand multifactor authentication that’s strong, usable, and fully customizable.
  • 31. 31
  • 33. Q&A
  • 34. CONTACT US www.iovation.com @TheOtherMichael SENIOR DIRECTOR OF PRODUCT MARKETING MICHAEL THELANDER michael.thelander@iovation.com