Embed Size (px)
Citation preview
Fraud – The New Norm
Luke Niemiec – Entrust Datacard
April 4, 2019.
Proprietary and Confidential / Copyright Entrust Datacard 2
T H E D I G I T A L R E V O L U T I O N I S H E R E
A n d i s e s t i m a t e d t o c r e a t e u p w a r d s o f
$ 1 0 0 t r i l l i o n
i n v a l u e o v e r t h e n e x t d e c a d e .
Proprietary and Confidential / Copyright Entrust Datacard 3
Enhanced employee experiences
More efficient supply chainsStreamline processes
Profitable customer relationshipsImproved patient care
Faster time to market
DIGITAL BUSINESS IS ABOUT IMPROVING BUSINESS OUTCOMES
DIGITAL BUSINESS RELIES ON DIGITAL TRUST
Proprietary and Confidential / Copyright Entrust Datacard 4
THE IMPACT OF INADEQUATE DIGITAL TRUST
The humorous The worrisome The catastrophic
5
Copyright Entrust Datacard 5
AUTHENTICATION / FRAUD STORY
Full Office of Personnel
Management security check
forms for 34M employees and
names of over 120M
Names, DOB, Member ID /
SSN.
Addresses, phone numbers,
emails, and employment info
Name, Address,
phone #, email
Names, mailing addresses,
phone numbers and emails
Credit Card Details,
email addresses
Nearly 100% of breaches start with a stolen credential
-
10,000,000.00
20,000,000.00
30,000,000.00
40,000,000.00
50,000,000.00
60,000,000.00
70,000,000.00
80,000,000.00
90,000,000.00
100,000,000.00
Aug-13 Nov-13 Mar-14 Jun-14 Sep-14 Dec-14 Apr-15 Jul-15 Oct-15
Largest Breaches 2013 - Present
7
FRAUD STORY?
9
COMPREHENSIVE FRAUD DETECTION & PREVENTIONIT’S ABOUT TRANSACTIONS:
FINANCIAL
1.1 Credit Card
1.2 ACH/Debit
1.3 Friendly Chargeback
1.4 Insufficient Funds
1.5 Fraud – Other
1.6 Potential Fraud
1.7 Shipping Fraud
1.8 Counterfeit Money Order/Cashier’s Check
1.9 Click Fraud
1.10 Affiliate Fraud
1.11 First Party Fraud
1.12 Loan Default
CHEATING
2.1 Collusion
2.2 Chip Dumping
2.3 All-In Abuse
2.4 Trading Restriction
MISCONDUCT
3.1 Chat Abuse
3.2 SPAM
3.3 Abusive to Support
3.4 Promotion Abuse
3.5 Policy / License Agreement Violations
3.6 Customer Harassment / Bullying
3.7 Inappropriate Content
3.8 Profile Misrepresentation
3.9 Scammer / Solicitation
3.10 Code Hacking
3.11 Arbitrage Betting
3.12 Gold Farming
IDENTITY THEFT
4.1 True Identity Theft
4.2 Synthetic Identity Theft
4.3 Identity Mining (Phishing)
4.4 Account Take-Over / Hijacking
4.5 Failed Multi-Factor Authentication
POLICY FRAUD
5.1 Application Fraud—1st Party
5.2 Application Fraud—3rd Party
5.3 Claims Fraud—1st Party
5.4 Claims Fraud—3rd Party
B2B FINANCIAL
10.1 Business Identity Theft
10.2 Fictitious Business
10.3 Business Takeover
10.4 Dealer Fraud
10.5 Payment Evasion
10.6 Business Misrepresentation
MISCELLANEOUS
99.1 High Risk Users
99.2 Under / Over Age
99.3 Customer Requested Exclusion
10
Copyright Entrust Datacard 10
Entrust Datacard
Trusted Identity Assurance Platform
• trust the user
• trust the device
• provision a credential
• secure access
• secure transactions
• sign transactions
• monitor user behavior
• monitor session activity
• monitor system wide patterns
IDENTITY CREATION
Digitally onboard users and provision multi-purpose credentials
Mobile-based identity verification
Digital onboarding consumers , partners etc. (external users)
Digital and physical credentials (cloud-based ID card issuance)
11
Copyright Entrust Datacard 11
Entrust Datacard
Trusted Identity Assurance Platform
INTELLIGENT IDENTITY
Authentication that is easy to deploy and easy to use
Cloud platform, modern provisioning & management
Mobile with proximity login & SSO
Advanced adaptive authentication including device identity assurance
• trust the user
• trust the device
• provision a credential
• secure access
• secure transactions
• sign transactions
• monitor user behavior
• monitor session activity
• monitor system wide patterns
12
Copyright Entrust Datacard 12
Entrust Datacard
Trusted Identity Assurance Platform
• trust the user
• trust the device
• provision a credential
• secure access
• secure transactions
• sign transactions
• monitor user behavior
• monitor session activity
• monitor system wide patterns
CONTINUOUS TRUST
Assess both affirming and negative signals to continuously adapt to risk
Real-time monitoring and step up authentication
Multi-channel: cloud (CASB), web, email
Third party UEBA & SIEM platforms
13
Copyright Entrust Datacard 13
The journey to Continuous Authentication
By the end of 2020, 90% of large and global enterprises will employ rich analytics and adaptive authentication techniques. Gartner May 2018
14
Copyright Entrust Datacard 14
Beyond MFA: The Platform Needs the Whole Story
15
Thank You
