Ryan Wilk October, 2014 – The Confluence of Many Challenges Ryan Wilk (385) 242-5561 NuData Security 1.

Slides:

Advertisements

Similar presentations

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,

Advertisements

Risk Management Case Study. agenda Firm Overview Case Study – Risk Management Q&A.

1 How (not only) risk department uses data in HC Tomáš Kočka Head of Fraud Prevention Home Credit International.

In Association with MIND WORKS. About Us TimeLine is a team of experienced IT professionals having focus area on Training and Development of the Individuals.

Digital Agenda Assembly 2012 Mobile Payments: The Demand Side Perspective from the FTC Stacy Feuer Assistant Director for International Consumer Protection.

StormingForce.com Motion. StormingForce.com StormingForce’s technology is significantly increasing productivity and quality of manual repetitive tasks.

June 18, 2013 – Securing Ubiquity Vic Hargrave JB Cheng Santiago González Bassett.

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,

An Introduction to Spend Analysis and Spend Management Optimizing Your Spend.

90 th Annual Meeting & Exposition April 3 – 6, 2011 Memphis, Tennessee An Introduction to Spend Analysis and Spend Management Optimizing your spend.

Kimberley Correia 15 th November, 2005 QuickAddress Pro Web V5.

TEMENOS ROMANIA March 18, 2003 Every time a step ahead.

How to do Business Online - Securely Presented by: Michael Gulliver First Data Regional Credit and Risk Director.

The Accountant’s Role in the Organization

IN THE NEW PARADIGMS OF BUSINESS MANAGEMENT. ENTERPRISE RESOURCE PLANNING What is ERP? Business Challenges Today Why purchase an ERP solution ? Intway.

Biometrics: Voice Recognition

Retail and Consumer Roadmap to Retailing in the Digital Era Strictly Private and Confidential 17 June 2015.

Governance, Risk, and Compliance Bill Greene Senior Industry Director.

STRICTLY CONFIDENTIAL Positioning for Growth Tasmanian Strata Industry Tim MacKenzie Associate Director Friday 9 th August.

Academy of Risk Management | Innovate. Collaborate. Educate. Fraud Management Solutions Innovative Products & Thought Leadership.

Web Payments via Christopher Woods Aaron Buma. Agenda  Introduction  About it  Why to use it  Services they Provide  Seller Protection  Ebay Aspect.

© 2008 Authorize.Net 1 Welcome to Authorize.Net New Reseller Overview 2008.

Wireless Password: ONLINE GAMING / GAMBLING KNOW - YOUR - CUSTOMER AND RISK MANAGEMENT.

CS490D: Introduction to Data Mining Prof. Chris Clifton April 14, 2004 Fraud and Misuse Detection.

Business Strategy Evaluation & Recommendations EVALUATE BUSINESS STRATEGY Internal Assessments Evaluation : Bridge of Business-To-Customer Information.

©2003 Prentice Hall Business Publishing, Cost Accounting 11/e, Horngren/Datar/Foster The Accountant’s Role in the Organization Chapter 1.

 1 E-commerce companies to individual customers (Business-to- Consumer), and the term is shorthand for B2C, which represents trade between the companies.

Britannia/NET1 Web Seminar 2007 Presented By: NET1 Payment Solutions Presenter: Brian Morabito.

Business Intelligence Solutions for the Insurance Industry DAT – 13 Data Warehousing Rasool Ahmed.

Professional Services Review and Acceleration Opportunities for 2012 BPC Client Conference Rhodes, October, 2011 Tokhir Abdukadyrov Deputy.

E-PAYMENT METHODS 1. FACT OR FICTION ??? VISA processed 15,200 credit card transactions per minute. The first ATM machine was developed in 1939?. Luther.

Chapter 10  2000 by Prentice Hall Information Systems for Managerial Decision Making Uma Gupta Introduction to Information Systems.

Integrating Digital and Mobile Health: From Next Generation Sensors to Cloud Analytics Speakers: Yohan Lee, PhD; Ernest Sohn DISCLAIMER: The views and.

“Stronger” Web Authentication: A Security Review Cory Scott.

Controlling Fraud Risk Exposure and Loss Sherri Goodman Director of Fraud Operations September 22, 2005.

Chapter 1. Major Differences Between Financial & Managerial Accounting Managerial AccountingFinancial Accounting PurposeDecision making Communicate financial.

SMU Dedman School of Law October 8, 2007 Glenn Wheeler – Chief Executive Officer.

Are your chargebacks too low? - Manage your profits, not your fraud Akif Khan, PhD Manager, Solutions Architecture.

Hospitality Sales and Marketing Situational Selling Chapter six 1.

Introduction to Biometrics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #18 Biometrics Applications - III October 26, 2005.

Unit 9: Electronic Fraud Professor Thomas Genovese.

DALLAS MARKETO USER GROUP (D-MUG) USER MEETING – OCTOBER 23 Topic: The Gold Standard for Marketo Speaker: Ryan Vong, President & CEO Digital Pi, LLC.

Cognex (CGNX) 06/11/14 Wealth Creations Research.

SandCherry, Inc. Managing Logistics at the Speed of Sound – Streamlining Processes Using Voice Applications Simplifying Service Solutions™

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

1 C r y p t o g r a p h y R e s e a r c h, I n c : L e a d e r I n A d v a n c e d C r y p t o s y s t e m s ™ 1 Objectives for Securing Next- Generation.

Online Parking System.

MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS © 2011 Wolf & Company, P.C. The Future of Technology in Financial Services Matt.

Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network.

McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 4 Supply Processes and Technology.

Fall  Comply with PCI compliance policies set forth by industry  Create internal policies and procedures to protect cardholder data  Inform and.

Presented by Terrie S. Norris LAWCX Risk Control Manager.

Biometric ATM Created by:. Introduction Biometrics refers to the automatic identification of a person based on his physiological/behavioral characteristics.

Fraud Detection with Machine Learning: A Case Study from Sift Science

Managing Risk and Growing Sales 24 th March 2016 Chris Lomax, Senior Director, EMEA Solutions Management.

Conversion Optimizations Before the Holidays

Cloud University Live: 8 Steps to Build Your Cloud Go to Market Plan

Emerging Payments Market Developments: Trends and Risks James Van Dyke, President and Founder Presented at the Federal Reserve Bank of Atlanta, November.

Fraud Mobility Ken Meiser VP- Identity Solutions.

What Constitutes a “Triggering Event?”

EMV® 3-D Secure - High Level Overview

Data Privacy: Essentials for Payroll

Changing of Apple ID Payment Information Settings  Open Settings and go to iTunes & App Store  Tap on Apple ID – this brings up a menu  Tap on View.

Personal Finance Portfolio Management App for Better ROI and Control As portfolios become more diverse, they naturally become more complex. This increased.

How to Operationalize Big Data Security Analytics

E-Commerce and Economic Forces

The Successful lawyer’s toolkit

Leverage Real-Time Payments Intelligence to Identify and Keep Great Customers March 2019 Parag Patil.

Business Intelligence

Presentation transcript:

Ryan Wilk October, 2014 – The Confluence of Many Challenges Ryan Wilk (385) NuData Security 1

Ryan Wilk October, 2014 – The Confluence of Many Challenges Disclaimer The views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional- customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought. 2

Ryan Wilk October, 2014 – The Confluence of Many Challenges The Challenges I Faced Building an In-House system. 3

Ryan Wilk October, 2014 – The Confluence of Many Challenges Introduction Ryan Wilk Director, Customer Success at NuData Security 4 Managed StubHub’s Transactional eCommerce Trust & Safety Group Founded the Universal Parks & Resorts eCommerce Fraud & Risk Department Previous

Ryan Wilk October, 2014 – The Confluence of Many Challenges Predicting Rather than Detecting 1. Rethinking Risk 2. Creating a Monster 3. Success (and Railings) 4. How Risk in the Market is Changing 5

Ryan Wilk October, 2014 – The Confluence of Many Challenges 6

Ryan Wilk October, 2014 – The Confluence of Many Challenges Learning the Ecosystem What is StubHub StubHub’s Unique Risk What do you do when fraud occurs 7

Ryan Wilk October, 2014 – The Confluence of Many Challenges When fraud occurs: Cancel the ticket? The seller has lost a ticket The buyer has lost a ticket StubHub loses twice 8 StubHub Process

Ryan Wilk October, 2014 – The Confluence of Many Challenges The ATO Problem Containing the issue Number 1 project at StubHub Full development team dedicated Solved in four months 9

Ryan Wilk October, 2014 – The Confluence of Many Challenges Creating a Monster 10

Ryan Wilk October, 2014 – The Confluence of Many Challenges Assessing ATO The account isn’t fraudulent The current user is fraudulent The ideal system knows the intention of the user Recognising the good user 11

Ryan Wilk October, 2014 – The Confluence of Many Challenges Optimizing In House Tools Address Verification Service (AVS) Credit Card Verification Code (CVV2, CVC) Device fingerprinting Rules engines 12

Ryan Wilk October, 2014 – The Confluence of Many Challenges ‘The Monster’ We used a piecemealed group of vendor tools to record things such as: Device ID IP Address – Geolocation Personally Identifiable Information Velocity Paired or grouped indicators Recorded data at key events 13

Ryan Wilk October, 2014 – The Confluence of Many Challenges Key Events Login Add-to Cart Change Address + 44 other event flows Data around 47 events generates a LOT of data. 14

Ryan Wilk October, 2014 – The Confluence of Many Challenges Measuring Success How did we do? 15

Ryan Wilk October, 2014 – The Confluence of Many Challenges Measuring Success Channels: Mobile / Desktop Payment method Chargebacks Fraud rates False positives By the rules engine By fraud analysts 16

Ryan Wilk October, 2014 – The Confluence of Many Challenges Our Results OPEX Optimization Review Time Reduction Queue Volume Reduction Reduced Customer Insult 17

Ryan Wilk October, 2014 – The Confluence of Many Challenges Retrospect 47 flows was excessive The rules used were most effective when looking for the good user, not the bad Expensive solution There are quicker ways that provide more ROI in a shorter time 18

Ryan Wilk October, 2014 – The Confluence of Many Challenges Changes in the Industry 19

Ryan Wilk October, 2014 – The Confluence of Many Challenges How the fraud prevention market is changing Prediction is beating detection Seeking good users who are now behaving differently more effective than seeking bad general traits Behavior is being used as an uplift to passwords Vendor solutions are more entwined – its easier Discreet vendors, they are more tightly integrated 20

Ryan Wilk October, 2014 – The Confluence of Many Challenges 21 Disclaimer The views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional-customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought. Thank you Ryan Wilk (385) NuData Security