The White House’s new plan for strengthening authentication and identity verification on the web is a good first step for securing identities in online transactions and creating a trusted digital environment. In the draft strategy, entitled the “National Strategy for Trusted Identities in Cyberspace” (NSTIC), the government calls for an Identity Ecosystem, an online environment where individuals, organizations and devices trust each other because authoritative sources establish and authenticate their digital identities. (more…)

As many of the online game industry’s most respected leaders and innovators convene in Seattle next week for the LOGIN Conference, we look forward to seeing familiar faces and meeting new friends at this year’s event.

As always, the show will feature some of the industry’s top names sharing their ideas about advancements in technology and design, the future of digital games, and how online games and virtual worlds are helping solve real-world business issues.

iovation has a particular interest in this show because we actively protect over 20 gaming clients and their legitimate players from all forms of fraud and abuse. Each day, our device reputation technology helps more than 75 individual online games identify bad players in their virtual environments — and keep them from returning — to build a safer and more trusting online gaming experience for their good customers. (more…)

I’m very proud that iovation was included in the 2010 OnDemand Top 100, as selected by the AlwaysOn staff and other industry experts across the globe. This list recognizes companies for creating new opportunities in cloud computing and SaaS.

AlwaysOn asserts that the selected companies are developing game-changing approaches and technologies that are likely to disrupt existing markets. Selection criteria include innovation, market potential, commercialization, shareholder value and media buzz. Quoting Tony Perkins, founder and editor of AlwaysOn:

“As the digital information created by businesses continues to explode at astronomical rates, the need to store, manage, and share this information is becoming extremely challenging. By providing innovative technologies that help enterprises better compete in this new era of information complexity, the OnDemand 100 represent some of the highest growth opportunities in the private company marketplace.”

It’s an honor to be recognized by industry experts for pioneering the use of device reputation to help online businesses fight fraud and abuse. The only thing better is recognition from customers that use our service every single day. (more…)

While overall percentages of online fraud continue to climb, one of our partners in fighting cyber crime, Retail Decisions (ReD), reported that card payment fraud in the UK dropped an estimated 15% last year. According to the article, “ReD Estimates a 15% Drop in UK Card Payment Fraud in 2009,” the value of online, mail order and telephone order fraud dipped to GBP278 million in 2009 from GBP328 million in 2008.

Retail Decisions CEO, Carl Clump, credits innovations in fraud prevention technologies for the estimated 15% decline over the past year. This defied the trend where overall CNP (card not present) fraud losses have grown consistently over the past five years. Despite the total drop in losses, Clump was quick to point out that the current trend, which would continue well into 2010, may not be here to stay. (more…)

Online retailers are losing on average 1.2% of their total revenue to online fraud. That’s according to a recent survey conducted by the Merchant Risk Council and reported in the article, “Fraud is costing online merchants 1.2% of revenue, survey finds.” Not surprising, the more automated fraud screening tools a company used, the lower their fraud rates were.

For large online merchants that used 7.9 fraud tools, fraud losses dropped to 0.9% of their revenue compared to the 4.7 average tools for all survey respondents. Reported fraud rates for international orders were also lower for large online retailers by a 1.4% to 2% margin, compared to all companies who participated in the survey. (more…)

Security experts from around the globe will soon meet in Nigeria to help boost the West African country’s parliament to fight Internet fraud and terrorism worldwide. In the article, “Foreign cybercrime experts to partner with lawmakers,” anti-cyber crime and terrorism experts from the US and other European countries will partner with members of the National Assembly to explore the extent of the fraud problem in Nigeria and discuss strategies to combat it.

Over the years, online schemes operating out of Nigeria have cost victims millions in fraud losses. The proposed conference of worldwide anti-fraud, economic and strategic Nigerian government agencies and groups will evaluate the country’s electronic payment system and ensure that measures are taken to protect public funds for a new payment system and other online transactions. (more…)

For some time now I’ve been writing about the importance of businesses working together to combat cyber crime. Echoing this sentiment is retired Air Force General Dale Meyerrose, who sat down this week with The New New Internet to discuss the importance of building partnerships, the challenges of building those alliances, and the question of who is ultimately responsible for protecting critical infrastructures in cyberspace.

In the article, “Cybersecurity Partnerships are Absolutely Critical, says Gen. Dale Meyerrose,” Meyerrose, now the VP for Cyberspace Solutions at Harris Corporation, expressed his concerns surrounding cybersecurity and the economic impact of cyber crime:

“The [issue] of most concern to me is cyber crime… elements of cyber crime, particularly economically for our country, have come to the point where we need to really be concerned. There have been estimates that we’ve lost over a trillion dollars a year to cyber crime in the last couple years. And it now exceeds all other crime in terms of the amount of money.” (more…)

The Merchant Risk Council, which brings U.S. businesses together to help combat online fraud and abuse, is taking its experience abroad. The Seattle-based association announced that in April it will launch MRC Europe to help European merchants improve their e-payments strategies and share best practices for managing online payment risk.  The inaugural event will take place April 21 and 22 in Brussels, Belgium at the NH Hotel du Grand Sablon.

Executive Director, Tom Donlea, said expanding the merchant-led program is a natural extension for the MRC because both the U.S. and Europe share common problems associated with online payment fraud.

“U.S. and European online merchants face many of the same fraud issues, security risks and payment challenges—there are nuances that MRC Europe will adapt to best serve European merchants.”

(more…)

Identity fraud, and the number of its victims, continues to rise each year.

According to a recent article,  “Number of identity fraud victims jumps,” a Javelin Strategy & Research survey found that the total number of ID fraud victims in the U.S. rose to last years to 11.1 million—a 12% increase over the year before. The study also found that 2009 losses due to ID fraud totaled  $54 billion (in comparison  $48 billion in 2008).

But why, with so many anti-fraud management solutions and techniques available, does ID fraud continue to climb year-over-year? According to James Van Dyke, president and founder of Javelin, the continual evolution of technology is one of three main factors contributing to the increase of Identity fraud. Van Dyke sees online crime continuing to escalate, due to: (more…)

It’s been said that the best offense is a good defense. But how do you defend against something that’s always changing? That’s an important question for IT security professionals who know that it’s only a matter of time before cyber criminals find ways to take advantage of the inherent weaknesses in even the best technologies.

The harsh reality is that today’s cyber criminals are so tech savvy and innovative that staying one step ahead of them isn’t always possible. That’s why, when it comes to network security, a good defense should be made up of several different layers. That way, even if a hacker is able to exploit vulnerability in one layer of the system, he may be stopped or slowed down by another. This strategy, known as defense in depth, essentially allows organizations to protect the integrity of their systems by slowing hackers down and buying security professionals the time they need to respond to a security breach once it has occurred. This mitigates the damage that malicious hackers can do, even if they are able to make it past initial barriers. (more…)

A recent survey revealed that the overall perception of online fraud continues to be a growing concern for both online merchants and consumers. The result, not surprisingly, is a lack of consumer confidence and, therefore, the loss of profits for online businesses. An article, “Online retailers see fraud as a major threat,” summarizes the findings of Cybersource’s 2010 UK Online Fraud Report, and includes some eye-opening statistics about how fraud – and the perception of fraud – directly impacts the shopping habits of online consumers and the fraud policies of Internet businesses.

From the point of view of retailers, the survey found:

• 57% of merchants see online fraud as the greatest threat to their business
• Merchants expect to lose an average of 1.8% of their income to online fraud
• Merchants reject 4.6% of online orders due to suspicion of fraud

When it came to consumer attitudes about fraud, the study found:

• 71% of all consumers had concerns about online fraud
• 50% of people still don’t shop online in the UK (representing a large untapped market)
• 78% said they would never use their mobile phone to make purchases (more…)

A recent fraud study conducted by Javelin Strategy & Research and LexisNexis confirmed what we already knew: identity fraud is on the rise, and so are the losses that online merchants face. What we learned from the report, however, is that the impact on retailers is much worse than originally thought.

Based on the study results released by LexisNexis, U.S. retailers incurred losses of $191 billion in 2008 due to identity theft, stolen merchandise and fees associated with chargebacks. Even more alarming is the fact that, between the three primary groups surveyed—merchants, financial institutions and consumers—the cost of fraud to retailers is almost 10 times greater than the losses absorbed by financial institutions and 20 times greater than the losses suffered by individual consumers. (more…)

After a three-year investigation by the FBI and the UK’s Serious Organized Crime Agency (SOCA), British authorities announced they have arrested the sophisticated network of cyber criminals behind DarkMarket, one of the world’s top criminal websites. The site, which operated out of an unassuming London Internet café, was an international cyber supermarket for stolen credit card and bank account information that officials say has cost the banking industry tens of millions of dollars. (more…)

How much money has the world lost to e-crime so far? … A trillion dollars. That’s the estimated annual cost of e-crime worldwide, according to a recent article, “National online-fraud helpline to launch in April.” Despite the staggering losses attributed to online crime, victims of such crimes—both individuals and businesses—have not had a simple option for reporting them. Hopefully this is about to improve, with the UK’s new Action Fraud helpline, one of the first attempts at streamlining a call-in process for victims to report online crime.

I commend the National Fraud Reporting Centre (NFRC) for getting the hotline going. The helpline will allow individuals and small businesses to report cyber crime to a central agency, simplifying what would otherwise be a confusing process involving potentially several different government ag encies. A similar effort in the U.S., the Internet Crime Complain Center (IC3), currently allows individuals to file complaints of internet fraud through its website. (more…)

Velocity-based rules have long been used by merchants to help identify potentially fraudulent online behavior. Typically, velocity-based rules function by looking at commonalities in personal information, across accounts and transactions. For example, a warning may be set off if multiple accounts, or multiple orders, all have different names but the same shipping address. Another example might be if multiple accounts were all set up using the same password.

Unfortunately, these kinds of velocity checks are of limited value against more sophisticated fraudsters who have the information, the technology, and the general savvy to set up multiple accounts that all, on paper, look completely different—different names, different credit card numbers, different shipping addresses, different IP addresses. (more…)