Complex device identification
While “simple” device identification continues to be used in some industries, major financial institutions have moved on to more “complex” identification techniques. The use of singular, easily defeated attributes such as IP address, cookies, and tokens isn’t effective.
More complex techniques involve assessing larger sets of attributes and applying both pattern recognition algorithms and pattern-learning processes for device identification and recognition.
Moreover, any system that’s to be used effectively in today’s Internet environment must be adept at recognizing a wide variety of devices, from older PCs to the latest Android tablets.
However, simply using more complex methodologies for device identification and recognition isn’t enough. It’s critical to be able to assess, in real time, the risk posed by both the attributes and the behavior of the device.
Used effectively, devices are reasonable proxies for individuals. Understanding how those individuals are connected to each other, as well as their past and current behavior, is critical.
Device reputation provides that level of insight in real time.
Layered together, authentication capabilities (including out-of-wallet questions and analytics) and device reputation services offer a more comprehensive approach to meeting and exceeding FFIEC’s most recent guidance.
More importantly, they offer an effective and efficient means to mitigating risk in online environments and have been market-tested in the most challenging financial services applications.
KEIR BREITENFELD is senior of product management and marketing for Experian’s Decision Analytics business unit. His responsibilities include stewardship of Experian’s comprehensive suite of consumer and commercial authentication and fraud management products and services.
WASHINGTON (5/4/15, UPDATED 1:45 p.m. ET)--Building on the success credit union advocates are having in getting data breach legislation introduced in the U.S. Congress, today CUNA launches a new call to action to garner support for the recently introduced House Data Security Act of 2015 (H.R. 2205).