Presentation is loading. Please wait.

Presentation is loading. Please wait.

Best Practices to Prevent Internet Fraud Presented by: Ori Eisen Founder & Chief Innovation Officer.

Published byLeslie Hunt Modified over 9 years ago

Similar presentations

Presentation on theme: "Best Practices to Prevent Internet Fraud Presented by: Ori Eisen Founder & Chief Innovation Officer."— Presentation transcript:

1 Best Practices to Prevent Internet Fraud Presented by: Ori Eisen Founder & Chief Innovation Officer

2 P.C. Vey, Published by the New Yorker, January 16th, 2006 Start with a laugh…

3 APRIL 23, 2008 The Art of War – Know Your Enemy If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. - Sun Tzu On the Art of War, about 530 BCE

4 APRIL 23, 2008 Let’s Play Tag Pros and Cons of Different CDIs –Tag (Flash, Cache, Cookie, etc.) –Tag-less (HTTP headers, Java script, etc.) IP Address is NOT a CDI!!! –Much like your clothes are not part of your DNA

5 APRIL 23, 2008 Tag You’re Not It VMWare Disable Cookies Uninstall Flash Mobile Devices Do Not Support Flash Anti-virus and anti-Malware delete tags regularly 100% Right or 100% Wrong Good for detecting good people Not good for detecting the medium to highly sophisticated fraudsters

6 APRIL 23, 2008 Fraud Is NOT a Game of Tag No problemBenefits VMWare Disable Cookies Uninstall Flash Anti-Virus and anti- malware delete tags regularly Mobile devices do not support 100% right or 100% wrong – more right than wrong Good for detecting good people…AND detecting ALL levels of medium to high sophistication of fraudsters

7 APRIL 23, 2008 Analysis Strategy –Determine how Device ID can augment current fraud systems –Analysis to focus on detecting more fraud $ 1.Record Device Ids for all fraud orders for first 20 days of pilot 2.Match ids against orders in last 10 days 3.Measure following metrics Total fraud $ matched per day Total unblocked $ matched per day % of total fraud $ covered Total orders covered per day False positive rate Analysis Strategy –Determine how Device ID can augment current fraud systems –Analysis to focus on detecting more fraud $ 1.Record Device Ids for all fraud orders for first 20 days of pilot 2.Match ids against orders in last 10 days 3.Measure following metrics Total fraud $ matched per day Total unblocked $ matched per day % of total fraud $ covered Total orders covered per day False positive rate Apple Pilot

8 APRIL 23, 2008 Results

9 APRIL 23, 2008 “From that analysis [of the pilot], my conclusion is that tagging is useful for recognizing good guys, but not for stopping fraud. The good fraudsters defeat the tags. The ones that don't are easily caught through more basic tools (e.g., AVS, CVV2, velocities, etc.).” David Moriarty, Ph.D., Apple, Inc. “From that analysis [of the pilot], my conclusion is that tagging is useful for recognizing good guys, but not for stopping fraud. The good fraudsters defeat the tags. The ones that don't are easily caught through more basic tools (e.g., AVS, CVV2, velocities, etc.).” David Moriarty, Ph.D., Apple, Inc. A Customer’s View

10 APRIL 23, 2008 What Others Say About Us? “A solution that looks beyond HTTP parameters to fingerprint a PC… is now only available from The 41st Parameter. We recommend this option as the strongest clientless CDI option available on the market today.” –After The Cookies Crumble: Alternatives for Client Device Identification (17 February 2007)

11 APRIL 23, 2008 The First 40 Parameters ABCDEF Order IDOrder TimestampBilling Email Billing Zip CodeBrowser IP Browser IP Country 135895510/13/11 12:17 AMvinhnguyen509@hotmail.com99202-401167.185.8.115United States 139253510/13/11 3:52 AMsandrita_1017@hotmail.com9455976.103.150.225United States 239671510/13/11 4:38 AMyeaokwhatever05@hotmail.com92703-263275.31.69.233United States 367251910/14/11 1:30 PMtimjiles@yahoo.com5320976.199.175.61United States 592119910/16/11 4:31 PMmattaliano_electric@yahoo.com9503771.80.231.193United States 587957510/16/11 5:20 PMbigkidjj@yahoo.com95355-789176.20.120.67United States 597059910/16/11 9:15 PMlsutton@lynndaleinc.org30805-361769.254.8.233United States 729773510/18/11 3:29 PMpinder_k05@yahoo.com9458775.6.231.37United States 741015510/19/11 12:43 AMcmwhitson@prodigy.net21158-421971.125.171.155United States 972925510/20/11 7:34 PMjorgedc006@yahoo.com9406269.104.90.240United States 975309510/20/11 9:19 PMkmlbnz@yahoo.com3314276.26.50.51United States 977451510/20/11 11:03 PMnewcenturymedsup@yahoo.com9120568.183.218.68United States Order Information and Web Logs Is This Fraud?

12 APRIL 23, 2008 Still Not Sure? HIJKL Browser Timestamp Browser Time Zone Browser LanguagePCPrint Time Diff (TDL) Seconds 10/11/07 5:17 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/11/07 8:52 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/11/07 9:38 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/13/07 6:30 AM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/15/07 9:31 AM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/15/07 10:20 AM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/15/07 2:15 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/17/07 8:29 AM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/17/07 5:43 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/19/07 12:33 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/19/07 2:19 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 10/19/07 4:03 PM3ru-ru7B02A8AC99067CC1168E412B6AA0BF138E76CD84-3601 How About Now?

Download ppt "Best Practices to Prevent Internet Fraud Presented by: Ori Eisen Founder & Chief Innovation Officer."

Similar presentations

Welcome Cyber Defense Bootcamp for High School Teacher

Welcome Cyber Defense Bootcamp for High School Teacher
Copyright © Houghton Mifflin Company. All rights reserved.Lecture Outlines, 8–1 “If you know neither yourself nor your enemy, you will succumb in every.

Copyright © Houghton Mifflin Company. All rights reserved.Lecture Outlines, 8–1 “If you know neither yourself nor your enemy, you will succumb in every.
Network Security Policy Why do I need a network security policy? Dr. Charles T. Wunker.

Network Security Policy Why do I need a network security policy? Dr. Charles T. Wunker.
Rob Smets A user centred approach IPv6 deployment monitoring.

Rob Smets A user centred approach IPv6 deployment monitoring.
© 2014 Fair Isaac Corporation. Confidential. This presentation is provided for the recipient only and cannot be reproduced or shared without Fair Isaac.

© 2014 Fair Isaac Corporation. Confidential. This presentation is provided for the recipient only and cannot be reproduced or shared without Fair Isaac.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Competitive Dynamics.

Competitive Dynamics.
Configuring Home Network With OpenDNS

Configuring Home Network With OpenDNS
Global Forum V on Fighting Corruption and Safeguarding Integrity (GF V) 2-5 April, 07 Strengthening actions for effective implementation of anti-corruption.

Global Forum V on Fighting Corruption and Safeguarding Integrity (GF V) 2-5 April, 07 Strengthening actions for effective implementation of anti-corruption.
Computer Maintenance & Safety Spring 2014. Internet Safety Keeping your computer safe What is a computer virus? A computer program that can copy itself.

Computer Maintenance & Safety Spring Internet Safety Keeping your computer safe What is a computer virus? A computer program that can copy itself.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp

Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp
Forces that Have Brought the world to it’s knees over the centuries.

Forces that Have Brought the world to it’s knees over the centuries.
6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?

6/10/2015Cookies1 What are Cookies? 6/10/2015Cookies2 How did they do that?
Computer and Society Olayele Adelakun (Ph.D) Assistant Professor CTI Office: Room 735 CTI 7th Floor Phone: 312-362-8231 Fax: 312-362-6116

Computer and Society Olayele Adelakun (Ph.D) Assistant Professor CTI Office: Room 735 CTI 7th Floor Phone: Fax:
Chapter 1 Introduction. Art of War  If you know the enemy and know yourself, you need not fear the result of a hundred battles.  If you know yourself.

Chapter 1 Introduction. Art of War  If you know the enemy and know yourself, you need not fear the result of a hundred battles.  If you know yourself.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
MIS 2211 The Internet from a Technology Perspective A network of networks Comprised of hundreds of thousands of networks (nodes) throughout the world Very.

MIS 2211 The Internet from a Technology Perspective A network of networks Comprised of hundreds of thousands of networks (nodes) throughout the world Very.
Internet Scams and Money- Making Models. A way You can be scammed online.

Internet Scams and Money- Making Models. A way You can be scammed online.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

Similar presentations

Ads by Google