retail cyberthreat summit: insights and strategies from industry experts
DESCRIPTION
Over the past year, some of the largest US retailers have been under attack by well-organized criminal syndicates who have identified vulnerabilities in their networks. This has led to massive breaches of credit card data. As we head into the holiday season, the risk to retailers is even greater, due to the target-rich environment, increased number of transactions and over-burdened IT staff. In many cases, attackers may have already compromised retail networks and are simply waiting patiently to begin their collection data exfiltration. In this presentation, several experts who deal with retail security at different phases of the retail breach lifecycle will provide insight and guidance on what retailers can do to fight back. Experts are: Randal Cox, Chief Scientist & Co-Founder at Rippleshot, Sam Heiney, Product Solutions Director for Netop, Jeremy Henley, Director of Breach Services at ID Experts, Scott Waddell, CTO at iovation, and Ken Westin, Security Analyst at Tripwire Inc. The topics covered include: -Identifying what is driving the increase in retail breaches and common attack vectors -How organizations can prevent these points of intrusion, as well as detect behavior on their network associated with the intrusions and point-of-sale malware. -How breaches are detected after the fact, through the use of big data and fraud analytics detecting stolen credit card transactions -How retail organizations should respond when there is a breach, steps to notify customers and other details around cleanup of a compromiseTRANSCRIPT
![Page 1: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/1.jpg)
![Page 2: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/2.jpg)
![Page 3: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/3.jpg)
![Page 4: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/4.jpg)
A Global Leader in Secure Remote Access
www.netop.com
(866) 725-7833
![Page 5: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/5.jpg)
ABOUT NETOP
The world’s leading companies choose Netop
24%World Top 100 Retailers
60%Financial Times Top 100
42% World Top 50 Banks
50%Fortune 100
![Page 6: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/6.jpg)
ABOUT NETOP
end-users
9M
customers
12K
connections / day
100M
![Page 7: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/7.jpg)
Retail Cyberthreat Summit
Identifying and Securing
Threat Vectors
![Page 8: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/8.jpg)
USERS
Human error is a leading source
of opportunity for cybercrime
Threats
![Page 9: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/9.jpg)
DISCOVERABILITY
If a device is discoverable,
a device is vulnerable.
Threats
![Page 10: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/10.jpg)
REMOTE ACCESS
Remote access points are the
target of choice for
cybercriminals.
Threats
88%
![Page 11: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/11.jpg)
Remote Access
Secure 1. Segment your network
1
Segment your network
![Page 12: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/12.jpg)
Remote Access
Secure
1 2
Segment your network Encrypt your data
1. Segment your network
2. Encrypt your data
![Page 13: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/13.jpg)
Remote Access
Secure
1 2 3
Segment your network Encrypt your data Manage your users
1. Segment your network
2. Encrypt your data
3. Manage your users
![Page 14: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/14.jpg)
Remote Access
Secure
1 2 3 4
Segment your network Encrypt your data Manage your users Document all activity
1. Segment your network
2. Encrypt your data
3. Manage your users
4. Document all activity
![Page 15: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/15.jpg)
Thank you! www.netop.com
(866) 725-7833
![Page 16: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/16.jpg)
![Page 17: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/17.jpg)
![Page 18: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/18.jpg)
![Page 19: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/19.jpg)
Initial
Attack
Vector
![Page 20: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/20.jpg)
Initial
Attack
Vector
20 Critical Security Controls NSA Rank
CSC1Inventory H/W Assets, Criticality,
and LocationVery High
CSC2Inventory S/W Assets, Criticality,
and LocationVery High
CSC3Secure Configuration of Servers
and HardwareVery High
CSC4Vulnerability Assessment
and RemediationVery High
![Page 21: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/21.jpg)
Initial
Attack
Vector
![Page 22: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/22.jpg)
![Page 23: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/23.jpg)
![Page 24: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/24.jpg)
![Page 25: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/25.jpg)
![Page 26: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/26.jpg)
![Page 27: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/27.jpg)
![Page 28: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/28.jpg)
![Page 29: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/29.jpg)
![Page 30: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/30.jpg)
30
![Page 31: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/31.jpg)
![Page 32: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/32.jpg)
![Page 33: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/33.jpg)
Security Professionals
Hackers
![Page 34: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/34.jpg)
![Page 35: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/35.jpg)
We WILL Fail
![Page 36: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/36.jpg)
200 Days
![Page 37: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/37.jpg)
Home Depot
Hit By Same
Malware as
TargetKrebs on Security
September 14, 2014
![Page 38: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/38.jpg)
![Page 39: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/39.jpg)
![Page 40: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/40.jpg)
![Page 41: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/41.jpg)
![Page 42: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/42.jpg)
42
![Page 43: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/43.jpg)
![Page 44: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/44.jpg)
![Page 45: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/45.jpg)
![Page 46: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/46.jpg)
![Page 47: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/47.jpg)
2%
5%
10%
25%
![Page 48: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/48.jpg)
![Page 49: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/49.jpg)
![Page 50: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/50.jpg)
![Page 51: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/51.jpg)
![Page 52: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/52.jpg)
Card Losses
Reputation
Bankruptcy
![Page 53: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/53.jpg)
SAFE FAST SENSITIVE
![Page 54: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/54.jpg)
54
PCIDSS Level 1
SAFE
![Page 55: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/55.jpg)
55FAST
Data7M Transaction / Day
4x growth -> 2x speed
![Page 56: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/56.jpg)
Coverage Map
http://goo.gl_3uDFKP
Transactions/Day
FAST
![Page 57: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/57.jpg)
Performance
FAST
![Page 58: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/58.jpg)
Chain Public Rippleshot AdvantageSpec's Wine & Spirits Mar 20, 2014 Mar 29, 2013 11.7 months
Aaron Brothers Apr 17, 2014 Aug 6, 2013 8.4 months
Neiman Marcus Jan 23, 2014 Oct 11, 2013 3.4 months
Target Dec 18, 2013 Nov 29, 2013 19 days
Michael’s Jan 25, 2014 Dec 10, 2013 1.5 months
California DMV Mar 22, 2014 Jan 22, 2014 1.9 months
Home Depot Sep 2, 2014 Mar 8, 2014 5.9 months
Dairy Queen Aug 27, 2014 Mar 8, 2014 5.7 months
The UPS Store Aug 20, 2014 Mar 8, 2014 5.4 months
Goodwill Industries Jul 14, 2014 Mar 8, 2014 4.2 months
Splash Car Wash Jun 26, 2014 Mar 8, 2014 3.6 months
Sally Beauty Supply Mar 14, 2014 Mar 8, 2014 6 days
PF Chang’s Jun 11, 2014 Mar 25, 2014 2.6 months
Supervalue Aug 15, 2014 Apr 6, 2014 4.3 months
Beef 'O' Brady's Sep 10, 2014 Apr 6, 2014 5.2 months
![Page 59: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/59.jpg)
4.3 Months
FAST
![Page 60: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/60.jpg)
SENSITIVE
![Page 61: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/61.jpg)
61SENSITIVE
![Page 62: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/62.jpg)
Use Case
Start of Breach: April 1st
Public Announcement: September 2nd
Total Cards: 56M
with Rippleshot: 5.6M
Rippleshot Detection: April 15th
Total Fraud Spend: $2B and climbing
with Rippleshot: $200M
![Page 63: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/63.jpg)
Home Depot
![Page 64: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/64.jpg)
Home Depot
![Page 65: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/65.jpg)
![Page 66: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/66.jpg)
![Page 67: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/67.jpg)
67
![Page 68: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/68.jpg)
RETAIL CYBERTHREATSUMMIT
How retailers can mitigate fraud
associated with stolen credit cards
![Page 69: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/69.jpg)
69© COPYRIGHT • IOVATION 69© COPYRIGHT • IOVATION
SCOTT WADDELL, IOVATION
(503) 943-6768
www.iovation.com
@svwaddell
SCOTT WADDELLChief Technology Officer
![Page 70: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/70.jpg)
70© COPYRIGHT • IOVATION 70© COPYRIGHT • IOVATION
BATTLING ID THEFT AND CREDIT CARD FRAUD
![Page 71: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/71.jpg)
71© COPYRIGHT • IOVATION 71© COPYRIGHT • IOVATION
RECOGNIZING EVERY DEVICE
From smartphones to
gaming consoles, if a device
can access the Internet,
iovation will recognize it.
![Page 72: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/72.jpg)
72© COPYRIGHT • IOVATION 72© COPYRIGHT • IOVATION
DEVICE INTELLIGENCE PROCESS
Is this device
making a
fraudulent
transaction?
1. IDENTIFICATION
2. ASSOCIATIONS
3. ANOMALIES
4. REPUTATION
Has anyone seen this device?
Has anyone had a bad experience?
Is the device guilty by its
association?
Have any device anomalies
been found?
![Page 73: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/73.jpg)
73© COPYRIGHT • IOVATION 73© COPYRIGHT • IOVATION
PROTECTION AT CUSTOMER TOUCH POINTS
![Page 74: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/74.jpg)
74© COPYRIGHT • IOVATION 74© COPYRIGHT • IOVATION
RETAILER: FRAUD SCREENING PROCESS
ReputationManager 360Transactions
and Outcomes
Real-Time
Scoring
Deny
Review
Allow
![Page 75: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/75.jpg)
75© COPYRIGHT • IOVATION 75© COPYRIGHT • IOVATION
DEVICES: UNIQUELY IDENTIFIED AND ASSOCIATED
![Page 76: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/76.jpg)
76© COPYRIGHT • IOVATION 76© COPYRIGHT • IOVATION
ACTIVITY: CREDIT PROCESSOR RETAILERS
![Page 77: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/77.jpg)
77© COPYRIGHT • IOVATION 77© COPYRIGHT • IOVATION
DEVICE INTELLIGENCE: SHARED ACROSS INDUSTRIES
![Page 78: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/78.jpg)
78© COPYRIGHT • IOVATION 78© COPYRIGHT • IOVATION
DEVICE INTELLIGENCE NETWORK
Total Reputation Checks
Known Devices
Verified Frauds
Reputation Checks per Day
Incidents Stopped per Day
Active Fraud Analysts
15 Billion
2 Billion
20 Million
12 Million
200,000
3000
![Page 79: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/79.jpg)
79© COPYRIGHT • IOVATION 79© COPYRIGHT • IOVATION
SPOTTING FRAUDSTER EVASION
FRAUDSTER TECHNIQUES
• Using a Proxy
• Disabling JavaScript
• Blocking Device Identification
• Manipulating Device Attributes
IOVATION COUNTERMEASURES
• Proxy Detection
• Real IP Proxy Piercing
• Tor Detection
• Time Zone Mismatch
• Geolocation Velocity & Mismatch
• Insufficient / Malformed Device Data
• Multi-Domain Recognition
• Device and IP Risk Profiling
TIME ZONE LANGUAGEIP PROFILES GEOLOCATIONCLOAKING
![Page 80: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/80.jpg)
80© COPYRIGHT • IOVATION 80© COPYRIGHT • IOVATION
POWERFUL RULES ENGINE: MAKE IT WORK FOR YOU
EVIDENCE
Identifies risky devices
already associated with fraud
in iovation’s fraud records.
GEOLOCATION
Gets users actual location
with Real IP reveals
unauthorized country, TOR
and more.
VELOCITY
Set thresholds for too many
transactions or multiple
devices accessing account.
WATCH LIST
Create your own custom-built
positive or negative lists
based on your specific fraud.
RISK PROFILE
Indicates when a device has
characteristics similar to other
groups of risky devices.
AGE-BASED
Shows the amount of history
that you have with a paired
account and device.
ANOMALY
Reveals when the device has
risky characteristics or is
trying to evade detection.
COMPOUND
Combine multiple rules to
expand use case and
pinpoint specific fraud
behavior.
![Page 81: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/81.jpg)
81© COPYRIGHT • IOVATION 81© COPYRIGHT • IOVATION
TYPICAL CASE: LOSS AT 4 BUSINESSES
![Page 82: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/82.jpg)
82© COPYRIGHT • IOVATION 82© COPYRIGHT • IOVATION
SHARING INTELLIGENCE ACROSS INDUSTRIES
CommunitiesFinancial Gaming GamblingRetail
![Page 83: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/83.jpg)
83© COPYRIGHT • IOVATION 83© COPYRIGHT • IOVATION
VALUE OF SHARING
Sharing automatically gives you
access to fraud evidence placed
by other iovation clients.
![Page 84: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/84.jpg)
12/12/2014
Jeremy HenleyDirector of Breach Services
760-304-4761
![Page 85: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/85.jpg)
12/12/2014
Data Breach is a “Legal” Construct
* The definition of “data breach” varies across specific legislation and rules. In US states, many include a “harm threshold”
![Page 86: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/86.jpg)
12/12/2014
• Complete a Privacy & Security Assessment
• Develop or review Incident Response Plan
• Test your plan
• Repeat
![Page 87: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/87.jpg)
12/12/2014
Be Prepared- Have a Team and a Plan
![Page 88: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/88.jpg)
12/12/2014
You will need a repeatable methodology for data breach response to reduce
risks and reach a positive outcome
• Discovery
• Analysis
• Formulate
• Respond
![Page 89: Retail Cyberthreat Summit: Insights and Strategies from Industry Experts](https://reader033.vdocuments.mx/reader033/viewer/2022052910/559c676d1a28ab7a488b465e/html5/thumbnails/89.jpg)