As spring is in full swing, so are the advertisements for upcoming concerts. I, for one, look forward to getting on my Harley, snagging easy parking, and taking in a few shows this year. And, as with all seasonal activities and events, scammers are gearing up to take advantage of another opportunity to prey upon unsuspecting victims looking for a last-minute deal.

There are many options for purchasing tickets online, but not all are safe and secure. One Forbes blogger revealed how he was scammed when attempting to purchase NFL tickets. And how did he encounter these scammers? Through Craigslist.

“The seller had a Gmail account and a cell phone number and a plausible-ish explanation about why he couldn’t use them, and he was willing to meet her in person to hand them over, and they looked more or less like the last tickets I bought. So we bought them. And we went to the stadium gate, where the guy who scanned our bar codes told us we had to go to Will Call, and the lady at Will Call took one look at our tickets and pronounced them fakes.” Read the rest of this entry »

Your success in stopping online fraud and abuse is largely determined by the fraud prevention techniques you employ and how you measure transaction risk. With cybercriminals pushing the limits to exploit vulnerabilities, it’s imperative that organizations educate themselves about security trends, best practices and the latest tools available to thwart evolving fraud threats.

To empower fraud analysts, iovation will be sharing some of the methods that online businesses are using to fight fraud, in an upcoming webinar titled, “Top 10 Business Rules Used by Online Merchants,” on Wednesday, May 23rd from 9:00-10:00 am PDT.

Of course, we can’t share everything, but we will provide insight into some of the business rules and levers that you can adjust to decrease manual reviews, identify suspicious activity much more quickly, and automate transactions flowing into your “accept, deny or review” queues.

iovation’s Vice President of Global Sales, Max Anhoury, and Senior Implementation Manager, Anthea Karl, will lead this discussion on proactively assessing risk and determining which transactions to trust and which to reject. The webinar will discuss important fraud detection topics such as: Read the rest of this entry »

I’m so proud to be part of the iovation team.

This week at the TechAwards, iovation was awarded the 2012 Technology-Service Company of the Year. The award recognizes the Technology-Service company that has made the biggest positive impact to their customers and to Oregon. I was honored to accept this award on behalf of everyone at iovation who work tirelessly to protect our customers from fraud and abuse. We’ve been recognized with similar awards over 30 times in as many months.

While public recognition is always appreciated, I’m even more proud of the things that happen behind the scenes.

In addition to efficacy, ROI, cutting edge technology and roadmap, new customers often cite our exceptional team as reasons they love working with us. Our team routinely receives high marks and compliments from our clients through qualitative and quantitative customer surveys. And best of all, I regularly receive unsolicited phone calls or emails from customers going out of their way to express their appreciation for various members of our team.

Congratulations to the entire iovation team for being recognized as the 2012 TechAwards Technology-Service Company of the Year. And thank you for all your hard work and dedication that is also being recognized off-stage.

- Greg

To see photos from the awards banquet, please visit: facebook.com/iovation

EFTPOS skimming has become increasingly prevalent over the past few years. EFTPOS skimming—which stands for “electronic funds transfers at the point of sale”—involves either replacing the self-swipe point of sale terminals at cash registers with devices that record credit and debit card data, or remotely hacking a retailer’s POS server.

In one such case, Romanian hackers are alleged to have remotely accessed hundreds of small businesses’ POS systems and stealing enough credit card data to rack up fraudulent charges totaling over $3 million. The hackers’ targets included more than 150 Subway restaurant franchises and at least 50 smaller retailers. Read the rest of this entry »

My experience tells me that most security experts would agree that online gambling fraud is not a war to be won. Rather, it’s an ongoing battle that requires early detection to prevent the latest threats from becoming problems that impact profits, members and business reputations.

While encouraging reports like the UK Cards Association announcement in March show how credit card, debit card and online banking fraud losses have declined over the past three years, this doesn’t mean that the fight is over. On the contrary, we know how tenacious fraudster are, and that it’s merely a matter of time when cyber crooks create new schemes to launch against the online gambling industry. Read the rest of this entry »

Contrary to popular belief, cybercriminals are hard workers. They work long hours, often through the night. In fact, many are “third-shifters”—up late at night, into the early morning hours.

For example, the number one online fraud offender does his best work at 1:00 am local time in Ghana, or 5:00 pm PST. For the number two fraud offender, it’s 6:00 am Nigerian local time, or 9:00 am PST. And for number three, it’s 3:00 am in the Philippines, 11:00 am PST. That’s just one of many times when “carders,” who steal credit card numbers, take over existing accounts.  Read the rest of this entry »

Just about anyone can set up a fake account on just about any website. Facebook and other social media sites are popular targets due to the amount of traffic they get and the variety of scams that can be perpetrated against legitimate users.

Facebook estimates that as of December 31, 2011, false or duplicate accounts represented approximately 5-6% of monthly active users, but also stated, “This estimate is based on an internal review of a limited sample of accounts and we apply significant judgment in making this determination, such as identifying names that appear to be fake or other behavior that appears inauthentic to the reviewers. As such, our estimation of false or duplicate accounts may not accurately represent the actual number of such accounts.” Read the rest of this entry »

For the 12th year in a row, identity theft complaints top the list of consumer complaints [PDF] received by the Federal Trade Commission. 15% of more than 1.8 million total complaints filed in 2011 involved identity theft.

Javelin Strategy & Research estimates that nearly 12 million Americans were victims of identity theft in 2011—a 13% increase over 2010. Interestingly, but not surprisingly, Javelin attributes this increase to the proliferation of smartphones and the popularity of social media, in addition to several major data breaches resulting in tens of millions of records being leaked.

Websites like Facebook certainly provide a great deal of data that can be used to help criminals crack knowledge-based passwords, and websites like LinkedIn make it easy for criminals to gather additional intelligence in order to conduct social engineering scams. Meanwhile, smartphones have become the keys to many of our digital lives now that we use them for social media, online shopping, and online banking. Smartphone users are even more likely to be victimized if they neglect to password-protect their devices, which are often lost or stolen. Read the rest of this entry »

It is my pleasure to announce that iovation has launched another new datacenter which is now actively serving content to our end users located in Europe. With this rollout we have reduced background content load times by an order of magnitude for many European sites, improved the quality of our device printing, and improved the efficacy of the iovation Real IP capability.

In order to ensure high levels of service quality, iovation monitors our service performance from a network of 75 nodes globally around the world. After the launch, the load times were reduced significantly from each of 17 European region monitoring nodes. Read the rest of this entry »

Recent results from BankInfoSecurity’s Faces of Fraud 2012 Survey found that the updated FFIEC Authentication Guidance has prompted financial institutions to increase investments in fraud resources over the next 12 months. Along with those findings, however, the study also revealed the level of confusion that banks still have in complying with the new security recommendations.

Fifty-eight percent of the more than 200 banks and credit unions surveyed said they plan to increase investments in fraud resources by 10-20% in 2012. Despite these increasing numbers, only 11% said they have come into conformance with the guidelines. Adding to that was the fact that half of the respondents said they don’t conform now, and nearly a quarter said they are unsure of their state of conformance.

This confusion around the FFIEC’s best practice suggestions, and the uncertainty about which are the most effective security tools to invest in, is disconcerting to Gartner analyst, Avivah Litan. Read the rest of this entry »

With new types of online attacks emerging every day, the security industry is learning the power of sharing device intelligence to fight online fraud and abuse. For iovation and our customers, this is not an untested concept, it’s a proven practice that stops more than 150,000 online fraud incidents each day.

For our valued clients, iovation will be hosting a Fraud Force User Group Meeting on June 5th at the Chicago Hard Rock Hotel. This is a unique opportunity for clients to share insight and perspectives on fraud trends, complex device identification, and layered fraud prevention techniques.

Bringing together major online businesses from around the world in an intimate setting can provide valuable insight into how to better protect these sites, plus attendees will better understand how to get the most out of iovation’s device reputation technology. iovation clients participate in Fraud Force user groups to:

• Maximize business rules to optimize early fraud detection
• Review new and improved device categorization
• Discuss mobile trends, fraud strategy and daily workflow
• Review ReputationManager 360 beta features
• Understand the product roadmap and have an opportunity to provide input
• Integrate out-of-band authentication and verification products into their strategy

This full-day user group is exclusively reserved for iovation clients only. To learn more and RSVP for this upcoming event, please visit http://www.iovation.com/user-group-chicago.

Providing innovative fraud-fighting services that online businesses can use to prevent fraud and abuse is what iovation is all about. Our recent announcement that we’ve joined forces with TeleSign,a market leader in phone authentication and verification, is one such example. The partnership furthers our commitment to provide the most ground-breaking online security solutions available.

By combining iovation’s ReputationManager 360 fraud preventative solution with TeleSign 2FA, phone authentication and verification services, we are proud to offer the industry’s first solution that pairs a phone-based authentication and verification service with a global device reputation tool to fight online fraud.

Bringing together our security solutions is essential to combatting online fraud in today’s evolving mobile marketplace. By having a powerful, multi-layered intelligent authentication process in place to proactively identify and verify high-risk transactions whether they are initiated by a computer or a mobile device such as a tablet or smartphone, gives online consumers and businesses an additional layer of protection and confidence when purchasing goods and communicating on e-commerce websites or deciding whether to accept or reject online customer transactions. Read the rest of this entry »

Aside from preventing online fraud and abuse from occurring in the first place, nothing is more satisfying than knowing our efforts not only limit fraud losses for businesses, but also protect consumers.

We recently announced how iovation’s ReputationManager 360 online fraud prevention solution played an instrumental role in helping the Kirkland, Washington Police Department bust an identity theft and retail fraud ring that targeted 20 major retailers and victimized at least 15 people that resulted in tens of thousands of dollars in fraudulent charges.

Leveraging iovation ReputationManager 360, online retailers, credit issuers and law enforcement are able to connect the dots between fraudulent transactions and high-risk devices. In this particular case, what started out as a single fraud incident resulted in the discovery of more than a dozen additional victims tied to the same fraudulent device. Read the rest of this entry »

Account takeover and fraudulent account creation have long been a thorn in the side of financial institutions. So much so that it seemed as though criminals specializing in these types of fraud tactics targeted banks exclusively. But times have changed, and new trends indicate that account takeover and fraudulent account creation is no longer limited to banking institutions. Today, they are becoming an increasing problem for online merchant accounts, too.

On Monday, March 26th, iovation’s vice president of corporate development, Jon Karl, and Experian’s product manager director of fraud and identity solutions, Ken Pruett, will lead a interactive session addressing these and other online fraud threats at the 2012 Merchant Risk Council (MRC) Annual e-Commerce Payments and Risk Conference in Las Vegas.

In the Merchant Focus Group, “Account Takeover and Identity Theft — An Increasing Merchant Threat,” Jon, Ken and others will share their insights into this growing trend and how successful fraud-fighting teams are currently detecting and combating both account takeover and identity fraud. Key topics and takeaways from this session will include:

• What tools are available and being used to detect account takeover and identity theft
• How to layer these tools for optimal protection levels
• Account behaviors and patterns that indicate a threat
• Best practices for balancing safeguards versus customer friction
• An understanding of the source problems that create a conducive identity theft or account takeover environment

Read the rest of this entry »

Running a successful online business requires the ability to proactively associate and identify high-risk transactions that, if not caught in real-time, can significantly impact the safety of your customers, operational efficiency and overall business profits.

Allowing merchants to share collective fraud evidence on unique Internet-connected devices including computers, tablets and mobile phones can play a critical role in mitigating online payment risks on the tens of thousands of transaction requests online companies receive each day.

Due to iovation’s unique ability to provide businesses with powerful device intelligence to prevent all types of online fraud and abuse, we are proud to announce our ReputationManager 360 solution has been selected as a finalist for the 2012 Merchant Risk Council (MRC) Emerging Technology Award (METAward). This is the second straight year we have been so honored. Read the rest of this entry »