Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ryan Wilk October, 2014 – The Confluence of Many Challenges Ryan Wilk (385) 242-5561 NuData Security 1.

Published byDebra Brown Modified over 9 years ago

Similar presentations

Presentation on theme: "Ryan Wilk October, 2014 – The Confluence of Many Challenges Ryan Wilk (385) 242-5561 NuData Security 1."— Presentation transcript:

1 Ryan Wilk October, 2014 – The Confluence of Many Challenges Ryan Wilk ryan.wilk@nudatasecurity.com (385) 242-5561 NuData Security 1

2 Ryan Wilk October, 2014 – The Confluence of Many Challenges Disclaimer The views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional- customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought. 2

3 Ryan Wilk October, 2014 – The Confluence of Many Challenges The Challenges I Faced Building an In-House system. 3

4 Ryan Wilk October, 2014 – The Confluence of Many Challenges Introduction Ryan Wilk Director, Customer Success at NuData Security 4 Managed StubHub’s Transactional eCommerce Trust & Safety Group Founded the Universal Parks & Resorts eCommerce Fraud & Risk Department Previous

5 Ryan Wilk October, 2014 – The Confluence of Many Challenges Predicting Rather than Detecting 1. Rethinking Risk 2. Creating a Monster 3. Success (and Railings) 4. How Risk in the Market is Changing 5

6 Ryan Wilk October, 2014 – The Confluence of Many Challenges 6

7 Ryan Wilk October, 2014 – The Confluence of Many Challenges Learning the Ecosystem What is StubHub StubHub’s Unique Risk What do you do when fraud occurs 7

8 Ryan Wilk October, 2014 – The Confluence of Many Challenges When fraud occurs: Cancel the ticket? The seller has lost a ticket The buyer has lost a ticket StubHub loses twice 8 StubHub Process

9 Ryan Wilk October, 2014 – The Confluence of Many Challenges The ATO Problem Containing the issue Number 1 project at StubHub Full development team dedicated Solved in four months 9

10 Ryan Wilk October, 2014 – The Confluence of Many Challenges Creating a Monster 10

11 Ryan Wilk October, 2014 – The Confluence of Many Challenges Assessing ATO The account isn’t fraudulent The current user is fraudulent The ideal system knows the intention of the user Recognising the good user 11

12 Ryan Wilk October, 2014 – The Confluence of Many Challenges Optimizing In House Tools Address Verification Service (AVS) Credit Card Verification Code (CVV2, CVC) Device fingerprinting Rules engines 12

13 Ryan Wilk October, 2014 – The Confluence of Many Challenges ‘The Monster’ We used a piecemealed group of vendor tools to record things such as: Device ID IP Address – Geolocation Personally Identifiable Information Velocity Paired or grouped indicators Recorded data at key events 13

14 Ryan Wilk October, 2014 – The Confluence of Many Challenges Key Events Login Add-to Cart Change Address + 44 other event flows Data around 47 events generates a LOT of data. 14

15 Ryan Wilk October, 2014 – The Confluence of Many Challenges Measuring Success How did we do? 15

16 Ryan Wilk October, 2014 – The Confluence of Many Challenges Measuring Success Channels: Mobile / Desktop Payment method Chargebacks Fraud rates False positives By the rules engine By fraud analysts 16

17 Ryan Wilk October, 2014 – The Confluence of Many Challenges Our Results OPEX Optimization Review Time Reduction Queue Volume Reduction Reduced Customer Insult 17

18 Ryan Wilk October, 2014 – The Confluence of Many Challenges Retrospect 47 flows was excessive The rules used were most effective when looking for the good user, not the bad Expensive solution There are quicker ways that provide more ROI in a shorter time 18

19 Ryan Wilk October, 2014 – The Confluence of Many Challenges Changes in the Industry 19

20 Ryan Wilk October, 2014 – The Confluence of Many Challenges How the fraud prevention market is changing Prediction is beating detection Seeking good users who are now behaving differently more effective than seeking bad general traits Behavior is being used as an uplift to passwords Vendor solutions are more entwined – its easier Discreet vendors, they are more tightly integrated 20

21 Ryan Wilk October, 2014 – The Confluence of Many Challenges 21 Disclaimer The views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional-customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought. Thank you Ryan Wilk Ryan.wilk@nudatasecurity.com (385) 242-5561 NuData Security

Download ppt "Ryan Wilk October, 2014 – The Confluence of Many Challenges Ryan Wilk (385) 242-5561 NuData Security 1."

Similar presentations

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,
Risk Management Case Study. agenda Firm Overview Case Study – Risk Management Q&A.

Risk Management Case Study. agenda Firm Overview Case Study – Risk Management Q&A.
1 How (not only) risk department uses data in HC Tomáš Kočka Head of Fraud Prevention Home Credit International.

1 How (not only) risk department uses data in HC Tomáš Kočka Head of Fraud Prevention Home Credit International.
In Association with MIND WORKS. About Us TimeLine is a team of experienced IT professionals having focus area on Training and Development of the Individuals.

In Association with MIND WORKS. About Us TimeLine is a team of experienced IT professionals having focus area on Training and Development of the Individuals.
Digital Agenda Assembly 2012 Mobile Payments: The Demand Side Perspective from the FTC Stacy Feuer Assistant Director for International Consumer Protection.

Digital Agenda Assembly 2012 Mobile Payments: The Demand Side Perspective from the FTC Stacy Feuer Assistant Director for International Consumer Protection.
StormingForce.com Motion. StormingForce.com StormingForce’s technology is significantly increasing productivity and quality of manual repetitive tasks.

StormingForce.com Motion. StormingForce.com StormingForce’s technology is significantly increasing productivity and quality of manual repetitive tasks.
June 18, 2013 – Securing Ubiquity Vic Hargrave JB Cheng Santiago González Bassett.

June 18, 2013 – Securing Ubiquity Vic Hargrave JB Cheng Santiago González Bassett.
Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,
An Introduction to Spend Analysis and Spend Management Optimizing Your Spend.

An Introduction to Spend Analysis and Spend Management Optimizing Your Spend.
90 th Annual Meeting & Exposition April 3 – 6, 2011 Memphis, Tennessee An Introduction to Spend Analysis and Spend Management Optimizing your spend.

90 th Annual Meeting & Exposition April 3 – 6, 2011 Memphis, Tennessee An Introduction to Spend Analysis and Spend Management Optimizing your spend.
Kimberley Correia 15 th November, 2005 QuickAddress Pro Web V5.

Kimberley Correia 15 th November, 2005 QuickAddress Pro Web V5.
TEMENOS ROMANIA March 18, 2003 Every time a step ahead.

TEMENOS ROMANIA March 18, 2003 Every time a step ahead.
How to do Business Online - Securely Presented by: Michael Gulliver First Data Regional Credit and Risk Director.

How to do Business Online - Securely Presented by: Michael Gulliver First Data Regional Credit and Risk Director.
The Accountant’s Role in the Organization

The Accountant’s Role in the Organization
IN THE NEW PARADIGMS OF BUSINESS MANAGEMENT. ENTERPRISE RESOURCE PLANNING What is ERP? Business Challenges Today Why purchase an ERP solution ? Intway.

IN THE NEW PARADIGMS OF BUSINESS MANAGEMENT. ENTERPRISE RESOURCE PLANNING What is ERP? Business Challenges Today Why purchase an ERP solution ? Intway.
Biometrics: Voice Recognition

Biometrics: Voice Recognition
Retail and Consumer Roadmap to Retailing in the Digital Era Strictly Private and Confidential 17 June 2015.

Retail and Consumer Roadmap to Retailing in the Digital Era Strictly Private and Confidential 17 June 2015.
Governance, Risk, and Compliance Bill Greene Senior Industry Director.

Governance, Risk, and Compliance Bill Greene Senior Industry Director.
STRICTLY CONFIDENTIAL Positioning for Growth Tasmanian Strata Industry Tim MacKenzie Associate Director Friday 9 th August.

STRICTLY CONFIDENTIAL Positioning for Growth Tasmanian Strata Industry Tim MacKenzie Associate Director Friday 9 th August.
Academy of Risk Management | Innovate. Collaborate. Educate. Fraud Management Solutions Innovative Products & Thought Leadership.

Academy of Risk Management | Innovate. Collaborate. Educate. Fraud Management Solutions Innovative Products & Thought Leadership.

Similar presentations

Ads by Google