Turns out, crime does pay, at least for hackers committing identity theft over the Internet.

In the article, “Why Internet crimes go unpunished,” security expert Roger Grimes breaks down some interesting numbers around cybercrime, and how hackers are (to put it mildly) beating the odds. According to the FBI’s 2011 Internet Crime Report, of the more than 300,000 complaints that netted criminals $1.1 billion in 2010, law enforcement agencies convicted an average of one crook for every 50,635 victims. In other words, as Grimes eloquently states:

Steal someone’s identity and your odds of being caught are almost infinitesimal.

With all the hacks and fraud headlines 2011 will be remembered for, that’s definitely not the way we want to ring in the New Year. But as Grimes also warns, if we aren’t careful we could see history repeat itself as criminals not only continue defrauding computer users, but launch recycled attacks against the explosion of worldwide mobile device users, who could fall victim to the same old PC tricks. (more…)

iovation is continually developing new features to meet customer business challenges, keep pace with the constantly changing Internet environment, respond to great customer ideas, and meet our own internal strategic goals.

It’s been a busy year with a ton of new features and enhancements ranging from big to small. We thought we’d take a moment to share with you some of the highlights from 2011.

As with any technology, there are many, many things that go into a new feature including design, development, testing, documentation, integration and other operational requirements. We won’t go into that amount of detail here, but instead will focus on the primary achievements within each of the four principle areas of specialization at iovation, which include:

A few week’s back, I wrote how iovation’s fraud prevention service had been named as a finalist for the 2011 Red Herring 100 Global Award. This week we are proud to announce that iovation was named a Top 100 Global Company.

It’s truly an honor to follow in the footsteps of some of the most recognizable technology companies in the world such as Google, YouTube, Skype and eBay, who have all been previously selected to Red Herring’s prestigious Top 100 Global list.

This recognition is a direct result of years of hard work evolving our fraud protection service into a full spectrum device reputation solution that supports native and web integrations for mobile and desktop devices, tagged and tagless device recognition, real-time transparent risk scoring, and on-demand and scheduled reporting. Our remarkable growth is attributed to the collaborative work and effectiveness of our global device intelligence network, which today protects billions of transactions for our clients representing multiple industries around the globe. (more…)

While the term “online abuse” often conjures up thoughts of cyber bullying, predatory behavior and customer harassment, Internet-based businesses that experience abusive activity within their social communities have to immediately address customer trust and confidence issues. Otherwise, they risk unwanted conduct between subscribers, which can ultimately lead to financial implications for the organization.

We all know that the top priority for any IT fraud team is to ensure their good customers can safely and easily communicate and do business within their online environment. However, because many business websites have networking communities that bring likeminded individuals together to socialize, the potential for users or criminals to act inappropriately towards others can create problems that can impact the user experience. (more…)

If someone asked me to go “gold farming,” I’d probably assume we were going to grab a couple pans and head north to a stream in New Hampshire, and with any luck, strike it rich.

But gold farming doesn’t refer to literal gold. Rather, gold farmers accumulate virtual currency by playing massive multiplayer online games. That virtual currency, or “gold,” is then sold to other players, despite the fact that most game operators explicitly ban the exchange of in-game currency for cash. Gold farming is so lucrative, people in China and other developing nations can support themselves as full-time gold farming ring operators.

The Washington Post recently reported, “Low-educated laborers in Asia spend hours each day advancing through levels of an online game, picking up gold, swords and gems that enhance a player’s status. Then gaming studios, which employ the players, sell those virtual goods to online retailers. Finally, the retailers sell those items to more than 120 million players worldwide, many of them in North America and Europe, who are unwilling to play the games all day to gather the items on their own.” (more…)

When you think “prison camp,” you probably don’t picture a place resembling summer camp, with arts and crafts, hiking, swimming, and playing games. But in the Jixi prisoner labor camp in the coalmines of northeast China, they break rocks all day and play games at night.

Online games often reward players who accumulate a certain quantity of in-game points with cash payouts. Guards at this particular prison camp forced prisoners to do 12-hour shifts playing games, on top of their manual labor.

One former Jixi prisoner told The Guardian, “If I couldn’t complete my work quota, they would punish me physically. They would make me stand with my hands raised in the air and after I returned to my dormitory they would beat me with plastic pipes. We kept playing until we could barely see things.”

These prisoners were “gold farming,” monotonously repeating basic tasks within online games like World of Warcraft, in order to build up virtual currency. Gamers around the world are willing to pay real money in exchange for online credits, speeding up their progress within the game.

People in many developing countries have turned to gold farming in order to support themselves, but up to 80% of the world’s gold farmers are based in China, where as many as 100,000 people work around the clock to earn virtual points.

Game operators lose profits due to forced labor gold farming, and while they certainly want to stem their losses, they also have a humanitarian responsibility to the victims of this crime. iovation’s ReputationManager 360 is a proven service that helps protect against chargebacks, virtual asset theft, gold farming, code hacking, and account takeovers. The service identifies devices and shares their reputation as they are interacting with the game – setting off alerts that could relate to velocity triggers, geolocation, device anomalies, past gold farming abuse, financial fraud and lots more.

Many leading gaming publishers have been using iovation’s device reputation service for years to prevent game abuse upfront and ensure that their players have a safe and fun experience. These gaming publishers and iovation continually share information, the latest trends and best practices in order to stay one step ahead of the bad guys.

Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses credit card fraud on NBC Boston. Disclosures

The Guardian reports, “South Korean police recently arrested five people who allegedly collaborated with North Korean hackers to steal millions of dollars in points from online gaming sites. Members of the gang, which included North Korea’s technological elite, worked in China and shared profits after they sold programs that allowed users to rack up points without actual play.”

Scammers resell stolen points to gamers, who use the points to play more games or to purchase equipment or accessories for their avatars. According to Seoul police, the cybercriminals behind this particular scheme made $6 million in less than two years. 55% of that went to the team of hackers, while some went to Kim Jong-il’s multibillion-dollar slush fund, which American and South Korean officials say is at least partially used to fund a nuclear weapons program. (more…)

Last night kicked off the Casual Connect Pre-Funk and Badge Pickup Party hosted by Mochi Media at the Fairmont Hotel Ballroom in Seattle.  The event was very well attended and more networking events are happening throughout the week, hosted by EA Partners, OpenFeint, TransGaming,  WildTangent and Corum Group.  The show expects to bring in 2,000 industry professionals for the 6th Casual Connect Seattle to discuss cutting-edge topics in the casual games space.

iovation is a bronze sponsor talking with gaming publishers and payments providers about effective methods for preventing fraud and abuse – such as chargebacks, gold farming and account takeovers.  Organized crime in online gaming is a serious and growing problem.

Many online gaming publishers are stopping fraud with iovation’s ReputationManager 360 fraud prevention and device reputation service.  Customers like Gravity Interactive, Nexon and SG Interactive (previously Ntreev) share fraud and abuse histories within our globally shared knowledge base of more than 650 million devices, keeping their games safe and their players happy. If you are attending the Seattle show, please stop by to see us in Benaroyal Hall, Table 23.

It has been a while since my last blog post as the infrastructure team at iovation has been hard at work building out our latest data center in the Westin Building located in Seattle. This new data center is situated in a brand new state-of-the-art facility within the Westin Building which I am going to walk you through here today. We find that in the SaaS industry the quality of provider’s facilities varies widely (and is very opaque) and so we are going to do our best to be transparent here by using photos liberally.

The Westin Building is easily the best connected facility in the Northwest United States. Via our patch panel in the meet-me-room we can rapidly connect to dozens of global telecommunications carriers serving the US, Asia, Canada, Europe, and the rest of the world with a simple fiber optic jumper cable. This facility is also home to the Seattle Internet Exchange on which we are a member.

If you are an iovation customer and would like to directly connect to us within this facility or across the SIX please contact me.

From an infrastructure point of view, keeping the iovation service online at all times and keeping the “bad guys” from harming our customers is always Job #1. To do this, we employ many levels of redundancy, both within a given facility, and between multiple facilities. As with any data center, this starts with the electrical power feeding the facility. Every piece of iovation equipment is fed from dual power sources which are completely redundant all the way back to the power utility. It should also be noted that power failures in Seattle are nearly nonexistent as the grid is extremely robust (fed largely by hydro-power).   (more…)

While everyone here at iovation is ecstatic about making the Portland Business Journal’s 2011 list of the Top 100 fastest-growing privately held companies, none of this would have been possible without the outstanding customer service our employees have provided through the years. (more…)

When talking to people on the street about fraud and abuse in multiplayer online games, they are often surprised that such a thing even exists! But the reality is that once a game reaches a certain level of popularity, it becomes equally attractive to the dark side.

Nexon America is one gaming publisher that takes this threat very seriously! They not only fight fraud and abuse head-on; they take a proactive approach with the assumption that every possible flavor of abuse will be attempted and they’re armed and ready for it.

At a recent fraud prevention user group for iovation’s gaming clients during E3 in Los Angeles, Nexon led discussions on preventing account takeovers, chargebacks and gold farming with other fraud professionals who attended. Gold farming (stealing virtual goods or using stolen credit cards to obtain them) is a serious abuse that destroys in-game economies and contributes to poor player experience. Additional topics that were covered during the iovation user group included friendly fraud, code hacking, password education, blacklists and biometrics, just to name a few. (more…)

I’m very proud to announce that iovation was recently positioned in the Visionary Quadrant of Gartner’s 2011 Magic Quadrant for the Web Fraud Detection. For a security provider who’s been helping customers across many industries prevent online fraud since 2004, we are pleased to receive this position in the analyst firm’s annual report.

The Visionary section of the Magic Quadrant recognizes security vendors whose products are easy to implement and have successfully reduced online fraud for their customers.   (more…)

Last night kicked off the LOGIN Conference Welcome Reception at the show’s brand new location at Meydenbauer Center in Bellevue, Washington.  The Meydenbauer is the second largest convention center in the greater Seattle area and Bellevue is home to online game studios such as Valve, ArenaNet, SOE, Bungie, and others.

LOGIN features two days of online game development lectures, panels, and roundtables, renowned local and international industry speakers, facilitated networking activities, parties, keynote lunches, and an exhibition area. Based on the excitement in the crowd at last night’s Welcome Reception, we’re in for a terrific show this year.  There’s a great lineup of speakers and some really interesting session titles, including:

• Giving Candy to Babies: Ethical Monetization for the Tween Set
• Gamification Will Eat Itself: How Gamification Can Evolve, and Why It Must

(more…)

It’s been described as the event that has the greatest potential for credit card fraud to ever occur in U.S. history. Fraud experts are saying that the recent Sony PlayStation Network data breach, in which hackers stole information on 77 million customers, could easily spill over to online retailers market if the cyber criminals got their hands on members’ credit card numbers.

In the Internet Retailer article, “Sony data breaches highlight the fraud risks online retailers face,” it was first disclosed that hackers made off with customers’ names, street addresses, email addresses and dates of birth. However, updated reports now say that up to 10 million credit cards may have been compromised. (more…)

Gaming websites, like banks and retailers, are forced to deal with online fraud and other abuses, which cost the industry hundreds of millions of dollars each year.

Many gaming sites have increased efforts to detect suspicious players, but savvy criminals have learned to mask their true identities, changing account information to circumvent conventional methods of fraud detection.

When players conspire to hack one game, they compromise the integrity of the entire website. Other players eventually realize that the deck is rigged against them and that the website’s fundamental security has been compromised. The website becomes useless to honest players, who take their business elsewhere. (more…)