DATA S H E E T

Conducting transactions via mobile apps on smartphones, tablets, and other mobile devices has rapidly grown into a standard practice. Regrettably, because mobile apps typically lack the security features found in powerful, full-featured web browsers and applications, criminals exploit these weaknesses and crime associated with mobile apps has become a major concern.

The ThreatMetrix™ Solution for Native Mobile Apps ThreatMetrix provides a lightweight library in the form of a software development kit, or SDK, that developers can easily integrate within their mobile apps. This SDK, known as TrustDefender Mobile, provides mobile apps with the infrastructure and intelligence needed to verify the trustworthiness of a mobile device. Legitimate users are immediately recognized and can conduct their transactions without additional authentication procedures. As a result, TrustDefender Mobile benefits both businesses and their customers.

Calls to TrustDefender Mobile are inserted at strategic points within mobile applications—usually during login, payments, and account registrations. The mobile device is then profiled on a wide range of levels:

• Advanced Persistent Device Identification: Identifiesindividual mobile devices for both iOS and Android platforms,even if they have been reset or if the application has been reinstalled.

• Malware Detection: For Android-based systems,TrustDefender Mobile verifies the integrity of the applicationin which it is embedded to ensure it has not been modified or infected. It also analyzes all other apps installed on the device, and reports their reputation and the presence of any malicious code.

• Location Services: : Latitude and longitude information isgathered from GPS hardware, and IP addresses are comparedwith physical locations to detect the use of proxies and VPNs.

Preventing Fraud from Mobile AppsComplete Visibility of Individual Attack Vectors

• Jailbroken (iOS) and Rooted (Android) Devices: Dynamicjailbreak and root detection technologies determine when device security controls have been thwarted.

• Anomaly Detection: Detects device tampering as well asattempts to masquerade as a different device, along with anumber of other anomalies that may indicate fraud.

• Packet Fingerprinting: Automatically detects deviceand data spoofing by analyzing the network traffic packetsignatures originating from the device.

• Dynamic Configuration and Updates: Configurationand threat methods are updated via ThreatMetrix servers, mitigating the need for customers to re-release their apps.

• Easy Integration: TrustDefender Mobile can be invoked viaa single line of code.

Full Integration With TrustDefender PlatformTrustDefender Mobile is a fully-integrated component of the TrustDefender Cybercrime Protection Platform. As such, it benefits from all of the advantages of the largest and most comprehensive threat intelligence network available, as well as sophisticated threat analytics performed by the TrustDefender Cybercrime Protection Platform.

The shared Global Trust Intelligence Network The shared Global Trust Intelligence Network is the foundation of the ThreatMetrix solution. ThreatMetrix profiles tens of millions of users, their behaviors, and their devices daily, and regularly analyzes over 500 million login attempts, payments, and other transactions. Individual threats such as malware, excessive login attempts, suspicious geolocations, dubious connection paths, and hundreds of additional anomalies are detected and recorded.

The TrustDefender™ Cybercrime Protection Platform The TrustDefender Cybercrime Protection Platform leverages the data from the shared Global Trust Intelligence Network, and the information provided by other components, including TrustDefender Mobile. Using this full set of data, the platform

DATA S H E E T

executes advanced and sophisticated processes, combining the historical and real-time risks of everything associated with the user, device, and site. These procedures result in real-time, accurate scores indicating the level of risk associated with the specific transaction.

Only the ThreatMetrix TrustDefender Cybercrime Protection Platform includes all of the necessary processes to detect and establish a complete risk profile. These essential processes include:

Profile Devices and Identify ThreatsThreatMetrix profiles and identifies anomalies indicating high-risk transactions originating from desktops, laptops, smart phones, or tablets through browser-based website access, and via mobile apps equipped with TrustDefender Mobile’s SDK.

Examine Users’ Identity and BehaviorThreatMetrix analysis incorporates comprehensive details about online user identities and behaviors—such as user name, password, email address and more—into a dynamic Persona ID, the foundation for precise risk assessment.

Configure Business RulesThreatMetrix offers a powerful yet easily customizable policy engine, which allows you to model your business process and incorporate your own tolerance for risk.

Validate Business PolicyThreatMetrix allows customers to constantly evaluate and verify risk scores, associated risks, and corresponding business policies.

Enable Detailed AnalysisThreatMetrix provides visualizations and analytical reports that allow your security and fraud analysts to see and understand business application activity, and take the necessary steps to improve security and reduce fraud.

The ThreatMetrix AdvantageThreatMetrix offers the broadest combination of defenses against fraud and cybercrime in a solution that does not burden your IT resources or your customers.

Rapid, lightweight deployment:The SaaS-based TrustDefender Cybercrime Protection Platform secures your applications without the need to add or deploy additional servers or infrastructure.

Up-to-date, global insight:Integration with the shared Global Trust Intelligence Network provides constant access to current threat intelligence derived from millions of continuing transactions.

Easily protect all applications across all business units Unlike solutions that require deep levels of integration, virtually any web-based application can easily add ThreatMetrix protection, thereby benefiting from threat intelligence collected anywhere within the organization and across the globe.

Real-time responsiveness:ThreatMetrix delivers near-instant, real-time insight from data gathered around the globe, so you always have the latest fraud-related intelligence.

About ThreatMetrixThreatMetrix builds trust on the Internet by offering market leading advanced fraud prevention and frictionless context based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.

ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix Digital Identity Network, which analyzes billions of transactions and protects hundreds of millions of active user accounts across tens of thousands of websites and mobile applications. The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.

For more information or a demonstration of ThreatMetrix account takeover solutions, contact ThreatMetrix at sales@threatmetrix.com.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Client, TrustDefender Cloud, TrustDefender Mobile, ThreatMetrix SmartID, ThreatMetrix ExactID, the TrustDefender Cybercrime Protection Platform, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.