Combating Cyber Fraud with IP Intelligence

When it comes to cybersecurity trends, good news can be hard to come by. A recent report on cyber fraud did find a rare silver lining.

istock 86300521 large

When it comes to cybersecurity trends, good news can be hard to come by. A recent report on cyber fraud did find a rare silver lining. Compared to the first quarter of 2016, the first quarter of 2017 registered a 34.7% drop in worldwide cyber fraud, according to the May 2017 edition of the Global Fraud Index.

Still, the annual fraud survey, conducted by PYMNTS and Signifyd, found plenty of reason to remain concerned about cyber fraud. Despite the overall decline, merchants across eight industry sectors were still expected to lose $48.2 billion in 2017. And, beneath the positive trend number, some sectors still saw significant fraud spikes. From Q1-2016 to Q1-2017, for example, fraud rates shot up by 146.5% in the online department store segment within online retail.

For ecommerce vendors, financial institutions, and other targeted organizations, fighting cyber fraud comes down to answering a seemingly simple question: Who is trying to connect to my systems? Given the ability of criminals to use stolen credentials, or to create synthetic identities of their own, answering this question is far from a simple exercise. The bedrock elements of most authentication systems – user IDs and passwords – can’t hope to counter fraud attempts on their own.

As with all things in the cybersecurity realm, fraud prevention demands multidimensional and comprehensive defenses. These defenses need to encompass both offline and online data sources, including a drivers license, postal addresses, phone numbers, email addresses, device type, and known fraud patterns, among others. Some of the most critical information used to verify both identity and location comes from IP Intelligence.

Broadly speaking, IP Intelligence can provide organizations with two required pieces of information: the location of the user/device initiating the contact and the “reputation” of the IP address itself.

As discussed in an earlier post, some IP Intelligence services leverage sophisticated analytics, paired with extensive online directories registries, to provide accurate geolocation information for connecting devices. Fraudsters often attempt to hide their true locations via multiple Internet hops and other techniques, but a strong IP Intelligence capability see through these tricks.

Determining which IP addresses are likely safe, and which may be risky, also requires a broad and deep analysis. For its IP Reputation service, Neustar draws from the billions of online queries it sees each day to provide two types of scores for any given IP address. The Real User score indicates the likelihood that traffic is coming from a bot rather than from an actual person. The Risk score, ranging from 1 to 100, flags whether an IP address has been associated with malicious activity in the past.

Just as with user IDs and passwords, IP Intelligence alone isn’t a magic bullet for shooting down fraudulent online activity. But, without IP intelligence, defending against fraud becomes a much more challenging endeavor. The location and the reputation of a contacting IP address can often be the determining factors in confidently answering, “Who is trying to connect to my systems?”


Copyright © 2017 IDG Communications, Inc.