KuppingerCole Report
Executive View
By John Tolbert

HID Global Fraud Prevention Offering

HID Global offers robust and secure solutions for identity and access management, including a highly scalable authentication platform, physical access controls, smart identity card manufacturing and credential issuance, biometric authentication, and fraud prevention in the form of mobile/remote identity proofing, real-time threat detection, and strong security protocols and cryptographic standards to secure digital channels. HID Global combines these elements into a full fraud prevention offering suitable for helping customers reduce the risk and costs associated with Account Take Over, New Account Fraud, and many other types of digital threats.
jt@kuppingercole.com

1 Introduction

Fraud is a major cost to businesses worldwide. Multiple reporting sources estimate that total related cybercrime costs will reach $10.5 trillion by 2025 globally. Banking, finance, payment services, and retail are some of the most frequent objectives of fraudsters, as expected. However, insurance, gaming, telecommunications, health care, cryptocurrency exchanges, travel and hospitality, and real estate are increasingly targeted as cybercriminals have realized that most online services trade in monetary equivalents. Moreover, after years in the sights of cybercriminals, banking and finance in general are better secured than other industries, so fraudsters attack any potentially lucrative target of opportunity. Fraud perpetrators also continually diversify their Tactics, Techniques, and Procedures (TTPs).

Three of the most prevalent types of fraud businesses experience today are:

Account Takeover Fraud (ATO) -- Often occurs when fraudsters use breached passwords and credential stuffing attacks to execute unauthorized transactions. Additional means for account takeover fraud are malware attacks (man-in-the-middle and man-in-the-browser) as well as the use of Remote Access Tools via Trojan or social engineering scams.

New Account Fraud (NAF) -- Fraud that occurs at the time of account opening, also called Synthetic Fraud or Account Opening Fraud. This often happens as a result of using stolen personal information to create a synthetic digital ID, which can be more difficult to detect and has advantages for attackers. This type involves gathering bits of PII (Personally Identifiable Information) on legitimate persons to construct illegitimate accounts. Educational, financial, and medical records can be sources of PII used for assembling fake accounts, which are then often used to abuse promotions and instant loans and/or used as mule accounts to move money around.

Social Engineering Voice Scams -- In this scam, also known as Authorized Push Payment fraud, fraudsters call up victims, pretending to be from a bank or other business, and ask them to perform fraudulent actions such as transferring funds immediately in response to a non-existent condition. Fraudsters may claim that the victim's accounts have been compromised and they need to move their funds as soon as possible to protect their money.

One of the chief mitigation strategies against these types of fraud is risk-based multi-factor authentication (MFA). Strong authentication or MFA can eliminate a substantial portion of ATOs by increasing authentication assurance levels. Risk-based MFA often utilizes mechanisms to increase identity assurance, such as identity proofing, user behavioral analytics, and behavioral/passive biometrics.

Risk-based MFA is characterized by transaction-time evaluation of multiple factors, including information about users, their devices, and the environments from which requests emanate. There are cases where legitimate users are being scammed (social engineering voice scams, for instance) and can pass the tests involved in various forms of MFA. The presence and action of malware like Remote Access Trojans (RATs) may also taint the results of MFA risk analyses. Thus, it is important to be able to have deeper insights into the context of each transaction. Risk-based MFA solutions operate optimally when integrated with or informed by Fraud Reduction Intelligence Platforms (FRIPs). FRIPs provide to risk-based MFA and transaction processing systems the information needed to make more accurate decisions on whether or not transactions should execute. FRIP solutions generally provide up to six major functions:

  • Identity proofing/vetting

  • Credential intelligence

  • Device intelligence

  • User behavioral analysis

  • Behavioral/passive biometrics

  • Bot detection & management

To detect and mitigate ATO fraud techniques, FRIP solutions interoperate with transaction processing systems, evaluating the context of each transaction request against pre-determined policies (similarly to authentication decisions in risk-based authentication systems) and then outputting risk scores. In these use cases, customers of FRIP solutions usually must write a bit of code to have their transaction processing systems query the FRIP service providers' APIs. For example, a FRIP customer will collect transaction context information and transmit that as part of the API call to the FRIP service. The FRIP solution analyzes the transaction request context, gathers additional intelligence relevant to the user and request in real-time, scores it in accordance with customer-determined policies, then returns the risk score and potentially additional insights to the calling customer. The customer's transaction processing logic then executes, taking into consideration the risk score from the FRIP service.
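The integration pattern described above, as an added example that is not from the report and is not HID Global's or any vendor's API: the customer's transaction logic sends context to a scoring call, then applies its own policy to the returned risk score, including the case where MFA passed but the score is still high. The 0-100 scale, thresholds, field names and the stubbed scoring function are all assumptions.

```python
from dataclasses import dataclass, field

STEP_UP_AT, DENY_AT = 40, 80          # hypothetical policy thresholds (assumed 0-100 scale)
HIGH_VALUE = 1000                     # hypothetical amount above which outages fail closed
KNOWN_DEVICES = {"alice": {"dev-1"}}  # constructed sample data

@dataclass
class RiskResult:
    score: int                                    # risk score returned by the service
    insights: list = field(default_factory=list)  # optional additional insights

def make_ctx(user_id, device_id, amount, new_payee):
    """Transaction context the customer collects and sends with the API call."""
    return {"user_id": user_id, "device_id": device_id,
            "amount": amount, "new_payee": new_payee}

def stub_frip_score(ctx):
    """Constructed stand-in for a FRIP scoring API; a real service is far richer."""
    score, insights = 0, []
    if ctx["device_id"] not in KNOWN_DEVICES.get(ctx["user_id"], set()):
        score += 45; insights.append("unrecognized_device")
    if ctx["new_payee"]:
        score += 25; insights.append("new_payee")
    if ctx["amount"] >= 5000:
        score += 20; insights.append("high_amount")
    return RiskResult(min(score, 100), insights)

def frip_down(ctx):
    """Simulates the scoring service being unreachable."""
    raise TimeoutError("FRIP API timed out")

def decide(ctx, score_fn, mfa_passed):
    """Return 'allow', 'step_up' or 'deny' for one transaction request."""
    try:
        result = score_fn(ctx)
    except OSError:  # covers TimeoutError and ConnectionError
        # No score available: fail closed on high-value transfers,
        # otherwise fall back to requiring MFA.
        if ctx["amount"] >= HIGH_VALUE:
            return "deny"
        return "allow" if mfa_passed else "step_up"
    if result.score >= DENY_AT:
        # A scammed user or a RAT session can pass MFA, so a passed
        # challenge does not override a high risk score.
        return "deny"
    if result.score >= STEP_UP_AT and not mfa_passed:
        return "step_up"
    return "allow"
```
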

FRIP solutions also help prevent New Account fraud. Various components can work in concert to deter fraudsters from being able to use fraudulently obtained personal information to create accounts. Identity proofing is a collection of processes that aim to ensure that the person attempting to create a digital account is the person they are purporting to be. These processes may include physical verification of presence with photo ID, or more modern means of using mobile apps to electronically match physical documents with the device operator. Credential and device intelligence can be used as part of the identity vetting process to deter synthetic fraud. Moreover, the development of user behavioral biometric profiles that can be set as baselines and analyzed at subsequent registrations can be a useful technique for stopping account opening fraud attempts.

Integration between advanced FRIP solutions and line-of-business applications in finance, insurance, and retail industries is a required technique to counter the ever-increasing frequency and sophistication of fraudsters' attacks.

2 Product Descriptions

HID Global is a subsidiary of ASSA ABLOY Group AB of Stockholm. HID Global's US headquarters is in Austin, TX. HID Global has developed their own rang ...

2.1 Identity Verification Service

Fraud protection begins with identity vetting at the time of account creation. Government and highly regulated industries worldwide such as financial ...

2.2 Risk Management Solution

The HID Global Risk Management Solution addresses many of the most prevalent fraud types: ATO, synthetic fraud, banking overlays and other malware des ...

2.3 HID Approve

HID Approve is HID Global's transaction signing and authentication solution that uses push notifications. It can be fully integrated into the authenti ...

3 Strengths and Challenges

The volume and complexity of fraud is increasing, and businesses in almost every industry as well as government agencies are actively seeking Fraud Re ...

Copyright

©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole's initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
