Call a Specialist Today! 800-886-5369

Imperva ThreatRadar Fraud Prevention
Stop Fraud Malware and Account Takeover Quickly and Easily

 

Overview:

Fraud costs organizations hundreds of millions of dollars in lost revenue, chargeback fees, and customer turnover. Fraudsters continually refine their tactics, developing new fraud schemes and writing malware code that can evade end point detection. To mitigate fraud, businesses today must purchase and deploy multiple fraud security solutions that can combat threats like Man-in-the-Browser attacks and account takeover. Unfortunately, many of these fraud security solutions require organizations to recode their Web applications. Plus, these solutions cannot work with one another to share information and maximize accuracy.

ThreatRadar Fraud Prevention, an add-on service for the Imperva SecureSphere Web Application Firewall, enables organizations to rapidly provision and manage fraud security without changing Web applications. By integrating with leading fraud security solutions, the SecureSphere WAF can transparently identify and stop fraudulent transactions. ThreatRadar Fraud Prevention also provides powerful monitoring and enforcement capabilities, allowing businesses to centrally manage fraud policies from the SecureSphere Web user interface.

ThreatRadar Fraud Prevention integrates with:

  • ThreatMetrix TrustDefender ID
  • Trusteer Pinpoint
  • Iovation ReputationManager 360

With ThreatRadar Fraud Prevention, organizations can avoid the brand damage and remediation costs associated with online fraud. Coupled with SecureSphere's in-built protection against site scraping, brute force and bad bots, ThreatRadar Fraud Prevention offers a complete solution to stop online fraud.

Web Security

Key Capabilities :

  • Maintain brand image and customer loyalty by preventing fraudulent activity
  • Rapidly provision fraud security, avoiding the cost and time required to manually integrate fraud detection into Web applications
  • Reduce the cost of adjusting anti-fraud controls by updating fraud settings from SecureSphere rather than needing to recode Web applications
  • Correlate fraud and WAF policies for granular identification and blocking of illicit activity

Features:


Rapid Deployment without Application Changes

Organizations can roll out Web fraud prevention quickly and cost effectively with ThreatRadar Fraud Prevention. As a simple addon to the SecureSphere Web Application Firewall, this service enables organizations to implement fraud detection without updating their Web applications. ThreatRadar Fraud Prevention therefore offers rapid fraud provisioning, decreasing the window of exposure and disruption imposed by lengthy application development processes.

Lower Total Cost of Ownership

ThreatRadar Fraud Prevention eliminates the need to manually update Web applications. By incorporating Web fraud prevention into SecureSphere, organizations can avoid costly development efforts and schedule disruptions. The latest updates and APIs from Imperva's fraud prevention partners are seamlessly incorporated into the service. This enables organizations to take advantage of new fraud prevention features quickly, without costly and protracted Web application changes.

Intelligent Fraud Prevention to Reduce Fraud Costs and Customer Churn

ThreatRadar Fraud Prevention allows organizations to reduce fraud incidents and maintain customer loyalty. By integrating with fraud detection vendors like ThreatMetrix, Trusteer, and iovation, ThreatRadar offers best-in-class protection against online fraud. As an add-on service to SecureSphere, it is the costeffective, and accurate way to detect and stop Web fraud.

FFIEC complianceThreatRadar Fraud Prevention helps financial institutions satisfy FFIEC compliance requirements.

  • By supporting malware detection and device ID, ThreatRadar Fraud Prevention addresses "Layered Security" requirements
  • Detailed alerts and graphical reports aid in FFIEC "Risk Assessments" by identifying security incidents

Centralized Management of Fraud and Security Policies for Web Applications

ThreatRadar Fraud Prevention provides a single integration point to manage and correlate fraud detection technologies with Web Application Firewall rules. For example, organizations can define different fraud policy actions based on user reputation, geographic location, time of day, URL accessed, or user name. By correlating fraud and attack activity, organizations can block fraudulent requests with pinpoint precision.

Active Enforcement of Web Fraud Policies

Imperva transforms fraud detection into fraud prevention. Using SecureSphere's intuitive Web-based security policies, organizations can instantly block fraudulent transactions, redirect compromised users to a custom error page, or trigger a risk management system to open a fraud investigation.

Detailed Alerts and Graphical Reporting of Fraud Activity

With SecureSphere's powerful reporting framework, customers can generate executive-level summaries as well as detailed reports of fraudulent events. Security alerts capture full event detail for forensics analysis. SecureSphere's monitoring and reporting capabilities allow organizations to quickly assess risks and investigate fraudulent activity.

View detailed fraud security alerts and generate fraud reports from the SecureSphere Web user interface.

Deployment:

With ThreatRadar Fraud Prevention organizations can quickly detect and stopfraudulent Web transactions.

ThreatRadar Fraud Prevention Deployment

Multiple SecureSphere Deployment Options

  • Transparent Layer 2 Bridge: Drop-in deployment and industry-best performance
  • Reverse Proxy and Transparent Proxy: Provide content modification, such as cookie signing and URL rewriting
  • Non-inline Monitor: Zero risk monitoring and forensics
  • High Availability: IMPVHA, VRRP, fail open interfaces, existing redundancy options, non-inline deployment
Multiple SecureSphere Deployment Options

Specifications:

Specification Description
Fraud Prevention Partner Solutions
  • Trusteer Pinpoint: a log-in and transaction monitoring system that enables real time detection of malware infected devices visiting Web applications. Pinpoint prevents incidents of financial fraud and industrial espionage by identifying potential threats as they happen.
  • ThreatMetrix TrustDefenderā„¢ ID: a cloud-based, real-time device identification and identity verification solution that protects all online transactions including account creation, login authentication and payment authorization.
  • iovation ReputationManager 360: a device identification solution that provides advanced, multifaceted risk scores for more than a billion devices such as mobile phones, tablets and computers.
Fraud Detection Mechanism
  • SecureSphere transparently invokes third party fraud detection mechanisms. The process takes less than a second to complete and is completely transparent to end users. Fraud protection requires no changes to existing Web applications or Web infrastructure.
SecureSphere Integration
  • Geo-location of source IP
  • Pre-defined and custom SecureSphere security policies
  • SNMP
  • Syslog
  • Email
  • Incident management ticketing integration
  • Custom followed action
  • Custom graphical reports
  • Real-time dashboard
SecureSphere Deployment Requirements
  • Inline bridge, reverse proxy or transparent reverse proxy
Supported Products

View Demo:

Documentation:

Download the SecureSphere ThreatRadar Fraud Prevention Datasheet (PDF).