Analytics
10/17/2012
01:33 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Experian And Iovation Collaborate To Prevent Fraud With Identity Verification And Device Reputation

Integrated offering will use Experian's Precise IDSM platform

COSTA MESA, Calif., Oct. 11, 2012 /PRNewswire/ -- Experian® today announced that it is working in partnership with iovation, the Device Reputation Authority(TM), to provide a comprehensive suite of identity verification and device reputation services. These services protect businesses and agencies that deliver customer services via both online and mobile access channels from fraudulent transactions, fraud rings or recurring fraud activities.

The two companies will work together globally to fight fraud by using a combination of identity authentication, shared device reputation and real-time risk evaluation. The integrated joint offering will utilize Experian's industry-leading Precise IDSM platform. The platform features risk-based authentication encompassing highly predictive risk assessments through a combination of identity element verification, risk scoring, progressive out-of-wallet questioning and comprehensive decisioning based on a holistic view of an identity in use. This combination helps to refine decisions on which identities should be allowed to enter a system and which should be further verified via alternate processes.

"Experian is committed to security, and by working with iovation we are able to leverage our combined expertise and provide our clients with the technologies to help them prevent fraud and achieve optimal efficiency while minimizing customer friction," said Charles Chung, president of Decision Analytics North America at Experian. "We are excited to be working with an innovative company such as iovation that is on the vanguard of online trust, reputation and fraud prevention technologies."

Working in tandem with Experian's Precise ID platform, iovation's ReputationManager 360 service utilizes the past and current behavior of more than 1 billiondevices to identify and re-recognize devices logging into an organization's Website in real time. This unique approach also exposes relationships among accounts with multiple vendors and identifies all of the devices associated with an individual without needing personally identifiable data. Doing so helps businesses prevent fraudulent transactions before they happen and root out fraud rings or recurring fraud activities -- all while protecting the privacy of consumers.

Experian and iovation have worked together to show U.S. financial institutions how to implement the recent FFIEC Guidance entitled Supplement to Authentication in an Internet Banking Environment, which asks financial institutions to mitigate risk using a variety of processes and technologies employing a multilayered approach. The joint offering from Experian and iovation allowed businesses to meet these requirements and move beyond simple device identification to complex device identification and out-of-wallet identity verification procedures.

"We are thrilled to collaborate with Experian on helping our joint clientsavoid fraud losses by stopping cybercriminals before they damage their business or customers. Combining iovation's power of device reputation with Experian's extensive identity-based services is game-changing," said Jon Karl' co-founder and vice president of corporate development at iovation. "iovation is committed to identifying suspicious activity, exposing the size and scope of problems, and helping our customers know whom to trust online."

About iovation

iovation protects online businesses and their end users against fraud and abuse through an industry-leading combination of shared device reputation and real-time risk evaluation. 2,000 fraud managers around the globe leverage iovation's database of Internet devices and relationships between them to determine the level of risk associated with any type of online transaction.

Retail, financial services, social network, gaming and other companies make real-time queries to iovation's knowledge base of more than 1 billion devices from every country in the world. Every day, iovation stops over 150,000 fraud attempts. For more information, visit http://www.iovation.com.

About Experian

Experian is the leading global information services company, providing data and analytical tools to clients around the world. The Group helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score, and protect against identity theft.

Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended March 31, 2012, was $4.5 billion. Experian employs approximately 17,000 people in 44 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.

For more information, visit http://www.experianplc.com.

Experian and the Experian marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3341
Published: 2014-08-19
The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616.

CVE-2014-3464
Published: 2014-08-19
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) 6.2.0 and 6.3.0, does not properly enforce the method level restrictions for outbound messages, which allows remote authenticated users to access otherwise restricted JAX-WS handlers ...

CVE-2014-3472
Published: 2014-08-19
The isCallerInRole function in SimpleSecurityManager in JBoss Application Server (AS) 7, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.3.0, does not properly check caller roles, which allows remote authenticated users to bypass access restrictions via unspecified vectors.

CVE-2014-3490
Published: 2014-08-19
RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red Hat JBoss Enterprise Application Platform (EAP) 6.3.0, does not disable external entities when the resteasy.document.expand.entity.references parameter is set to false, which allows remote attackers to read arbitrary files and have...

CVE-2014-3504
Published: 2014-08-19
The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7 does not properly handle a NUL byte in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Dark Reading continuing coverage of the Black Hat 2014 conference brings interviews and commentary to Dark Reading listeners.