Sophisticated Fraud Calls for Actionable Device Intelligence

Cybercrime has grown exponentially in recent years to become the leading concern for online businesses. Cybersecurity Ventures forecasts cybercrime damage will amount to $6 trillion annually by 2021, while PwC has found nearly half of businesses suffered at least one fraud attack in the past 24 months, with an average of six per company. As the digital footprint of organizations grow, establishing online trust and safety is vital to their success.

Advances in technology have enabled fraud syndicates to commit large-scale attacks with tremendous ease. Career fraudsters are becoming so sophisticated that they have given rise to a new term: ‘cybercrime-as-a-service’. This ecosystem has grown as fraudsters have learned how to leverage more sophisticated tools – such as emulators, app cloners, VPNs, and GPS spoofers – to conduct attacks at high velocity and scale, at minimum cost. Their attacks are often irregular and difficult to detect, exploiting loopholes that businesses do not even know exist as they build their digital platforms.

Under threat but underserved by traditional defenses

For start-ups, success typically comes in the form of growth. Venture capitalists often stress the importance of hyper-growth scaling – more users mean more sources of revenue in the long term. But as companies grow and mature, cash flows and an expanding user base mark them as prime targets for fraudsters. Research by Hiscox estimates the average cost of a cyberattack on a small business is $200,000, putting six in ten of those affected out of business within six months. Internally, businesses find themselves in a difficult balancing act between driving growth and reducing risk.

If fraud is left unchecked, these organizations not only face business-crippling financial losses, but also compromised customer experiences and inefficient marketing spend, such as in the case of advertising fraud. They may find themselves with many fake users and no visibility on accounts being accessed by cybercriminals. A heavily fraudulent user base could have unforeseen impact on the future, including the ability to list on a stock exchange or be acquired.

Conventional fraud solutions tend to only analyze surface-level device attributes and are especially ineffective with mobile devices, failing to root out the most subtle and stealthy threats. Even with a device fingerprint, most solutions cannot pinpoint the devices that should not be trusted. Is it a real device or a fake one being run from an emulator? Are GPS spoofers being used? Does the device location match up with the carrier information? Comprehensive, accurate and versatile device intelligence is crucial to enable business to circumvent the more sophisticated techniques used by fraudsters today and take action against malicious users.

Real-time detection of malicious devices

SHIELD is a leading cybersecurity company specializing in cyber fraud and identity solutions. We have five products that we specifically created to deliver a level of trust and safety that conventional technologies cannot offer. DeviceSHIELD, our flagship solution, is particularly relevant to devices. It provides businesses with risk intelligence, generating actionable signals in real time so they can take action against malicious users and protect themselves, their customers, and their partners from exploitation.

When it comes to device intelligence, size, and diversity matter. From two-man companies to global corporations, the information businesses can gather is still limited to the devices within their own ecosystem. SHIELD profiles billions of devices across six continents. The resulting network of intelligence, known as the Global Intelligence Network, enhances SHIELD’s technology by proactively protecting a device from types of fraud that have never been encountered. Timeliness also matters, and so DeviceSHIELD uses deep learning algorithms to identify anomalies with unmatched speed. With fraudsters using increasingly advanced scripts to fine-tune their attacks, AI and machine learning technologies are critical in preventing new and unknown threats.

As a plug-and-play solution that can be deployed in minutes to deliver immediate results, DeviceSHIELD’s flexible consumption model means that it can be tailored to any company’s business model and strategy. While many deploy it as a standalone solution to identify and take action against fraud, many businesses with in-house fraud systems use it as an additional data source to enhance decision-making.

Accuracy powers better decision-making

Accuracy is a vital element of any successful fraud defense. DeviceSHIELD is currently the only technology that uses a device’s DNA to identify malicious users, enabling it to detect fraud with unparalleled accuracy and consistency. With persistent identification of the same device, DeviceSHIELD pinpoints fraudulent activity to the original device it was initiated on. The ability to assess risk continuously through an entire user session also bolsters risk scoring accuracy.

DeviceSHIELD also accurately detects when malicious tools are actively in use, flagging fraudulent intent. But, crucially, it is not a one-size-fits-all solution, as all organizations are different and have varying levels of sensitivity to specific types of tools than others. A ride-hailing app, for example, would have a far greater sensitivity to someone using a GPS spoofer than a company selling luxury goods.  

Device intelligence is, simply, fundamental to fraud prevention today, and will only become more important as cyber tools and techniques continue to evolve. In this increasingly sophisticated fraud landscape, organizations must arm themselves with actionable insights that inform their judgements around the trustworthiness of devices and users in their ecosystem. Their success in the digital age depends on their ability to build trust in customers while ensuring a safe online environment in which to interact.