Scott Waddell, Chief Technology Officer, tells us about iovation's diverse device recognition techniques and methods for catching fraudsters who are attempting to evade detection.

Fraudsters use various techniques to try and disguise their devices in order to evade device recognition and fraud detection. No matter what technology fraudsters use, our multi-disciplinary recognition technology ensures that even if one technique fails, another will succeed. We watch for common evasion techniques such as unusual velocities, proxy usage, geolocation anomalies, and browser privacy configurations. We stay ahead of the latest techniques and continually update our technologies to beat fraudsters at their own game.

See https://www.iovation.com/fraud-detection-prevention to learn more about our fraud prevention solution and schedule a demo today.

Read the Full Transcript

Scott Waddell:
I'm Scott Waddell, CTO here at Iovation.

Scott Waddell:
Defense-in-depth is an important topic for our customers, and really forms the foundation of our products. We started out with an understanding of how to recognize end-user devices that are visiting our customers' web sites or using their apps. So that we can understand reputationally whether those devices have been getting engaged in fraud or abuse.

Scott Waddell:
Our customers over time have increasingly fed more and more intelligence into that system. That bolsters their ability to recognize behaviors not only within their own sites but across the consortium of customers that we serve.

Scott Waddell:
A significant component of that strategy involves looking beyond the device, to understand anomalous behaviors through velocity rules, rules that look suspect around device configurations, even geolocation anomalies.

Scott Waddell:
That all ties in with an evasion detection strategy, where it's every bit as important to understand when a fraudster may be trying to avoid detection to obfuscate location or identity, as it is to recognize good users when they're coming in the front door.

Scott Waddell:
There we apply techniques to understand when privacy tools are in use when obfuscation tools are in use — that may be trying to hide location or IP address and so on. But it's interesting how that's evolved in the last 10 years.

Scott Waddell:
A while back, not many people were using these privacy tools. They were really just kind of doing vanilla things with the browser, not too many plugins; only techies would be using things like Better Privacy or NoScript to try to obfuscate the data that may be collected by a web site.

Scott Waddell:
Today, because of concerns about government invasion of privacy, regulatory regimes like GDPR that are driving the right to be forgotten and right to erasure in the EU, a lot more normal users are using these kinds of privacy tools and obfuscation techniques. So that defense-in-depth takes on a new nuance, where you've really got to have the expertise to understand when those signals matter, and when they don't.

Share