ThreatMetrix Introduces Behavioral Analysis in the ThreatMetrix Cybercrime Defender Platform

ThreatMetrix Introduces Behavioral Analysis in the ThreatMetrix Cybercrime Defender Platform

ThreatMetrix, the fastest-growing provider of integrated cybercrime prevention solutions, today announced the introduction of behavioral analysis in the ThreatMetrix Cybercrime Defender Platform via the ThreatMetrix Persona ID Rules, enabling real-time linkage of a current transaction to related transactions through a matrix of attributes associated to the visitor, device and connection. 

ThreatMetrix Persona ID Rules uncovers anomalous behavior in real-time through the association of related activity and connected entities such as email addresses, transactions, accounts, devices, IP addresses, geo-location, proxies, and physical addresses.  It also allows the use of custom fields such as credit cards for creating customer-specific user profile building. The Rules then score the divergence (anomalies) or convergence (similarities) between current and historical attributes.

The historically separate worlds of fraud and security are now able to merge with ThreatMetrix, providing companies with a comprehensive view of the threat landscape. If an identity is stolen and replayed on a compromised device in the hands of a cybercriminal or foreign state actor, ThreatMetrix can detect the threat through the ThreatMetrix Persona ID Rules and send an alert.

“Cybercriminals and cyber-terrorists are exploiting the fact that many of today’s traditional authentication and verification systems rely largely on breached personal data, which is easily discoverable or self-disclosed on popular social networks,” said Alisdair Faulkner, chief products officer, ThreatMetrix.

In 2012 alone, cyber-attacks resulted in data breaches at high profile brands such as Yahoo!, eHarmony, Zappos, LinkedIn, Global Payments and many others. The result is that hundreds of millions of personally identifiable information entities including credit cards, Social Security numbers, passwords and other data have fallen into the hands of cybercriminals.

“We circumvent these attacks through the ThreatMetrix™ Global Threat Intelligence Network that is a repository of devices, anonymized identities, transactions and interactions,” added Faulkner. “We enable our customers to query this repository in real-time to determine whether a transaction is a legitimate customer or actually a cybercriminal hiding behind a spoofed or stolen alias. ThreatMetrix Persona ID Rules helps create a user profile through link analysis of the user’s devices in conjunction with all their related entities and activity over time.”

With the wealth of historical information stored in the ThreatMetrix Global Threat Intelligence Network – which analyzes more than 300 million monthly transactions in real-time – and bolstered by the Persona ID Rules , ThreatMetrix customers can now:

  • Assess the risk associated with the person or device engaged in an online transaction.
  • Examine related transactions and determine whether they have been flagged as high risk in the past.
  • Identify a legitimate customer based on whether the device and identity associated has been flagged as low risk in previous transactions.
  • Provide a more comprehensive view of a visitor’s identity based on historically related transactions linked to the same identity or device.
  • Detect unusual velocities in identities. For example, if transactions coming from an identity are flagged low risk or without any associated historical incidence of fraud, a business can safely screen the transactions in real-time for a frictionless, positive customer experience.
  • Determine if a device seen across multiple identities,  time zones and geographies is flagged as suspicious, relative to the norm.

“All ThreatMetrix identities collected in the ThreatMetrix Global Threat Intelligence Network are anonymized to enable the sharing of data without compromising or leaking personal data,” said Faulkner. “In comparison to other identity profiling solutions, only ThreatMetrix matches the device – computer, tablet or smartphone – used in a transaction. This gives financial service firms, e-commerce companies, government agencies, enterprises and social media networks confidence that the device used in a transaction has ownership of identities and vice versa.” 

ThreatMetrix Persona ID Rules is available for demo at the RSA Conference 2013 in San Francisco at booth 3203.


About ThreatMetrix

ThreatMetrix is the fastest-growing provider of integrated cybercrime prevention solutions. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, malware protection with TrustDefender™ Cloud and TrustDefender™ Client, as well as TrustDefender™ Mobile for smartphone applications.

Recently named to the Wall Street Journal’s “Next Big Thing” listing of the top 50 start-ups in the U.S., the company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments, social networks, government, and insurance. For more information, visit or call 1-408-200-5755.

© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the ThreatMetrix Cybercrime Defender Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.