Causing the business to inadvertently execute fraudulent transactions.
The bots take advantage of website processes and account assumptions to use rules for purchases, promotions, gift cards, etc., to their benefit.
Traditional web-security technologies are helpless against these attacks for a number of reasons:
· IP addresses in the dark web (the encrypted network that exists between Tor servers and their clients) come and go too frequently for IP reputation functionality to be effective.
· Use of mobile devices precludes endpoint security software.
In addition, sophisticated bot tools are easy to purchase and use, allowing attackers to target multiple businesses simultaneously.
WBA Thwarts Attacks
Web behavior analytics (WBA), which incorporates machine learning, is the key ingredient in a fraud prevention strategy where everything – user accounts, devices, networks and transaction details – can be hijacked by attackers.
If you’ve been on a website that asks you to reauthenticate because it believes you are using a device you’ve never used before or are on a new network, then you probably experienced WBA in action.
Vendors Respond
WBA vendors integrate intelligent machine-learning techniques across four main layers:
· User authentication, where a username and password can be stolen and multifactor authenticators are not practical. Fraud prevention vendors often include mobile device biometrics – such as keystroke analysis – to identify users.
· Device authentication analyzes the browser, operating system, hardware and geo-location to identify poorly disguised bots.
· Endpoint inspection reveals ‘man-in-the-browser’ threats, other forms of malware and non-compliant configurations. The ability to continuously authenticate transaction sessions is an important WBA feature.
· Validation of transaction details correlates field-level information to ensure compliance with business logic. WBA products usually include customer-defined rules with machine learning to align with unique business requirements.
Most WBA vendors now deliver their products as a service, where multiple layers can execute without inconveniencing users or disrupting business flows.
Operating website security as a service allows vendors to react quickly to innovations in bot development and fraudster activity without having to distribute updates to customers.
Players and Platforms
Fraud prevention products address the problem of bots across each of the four fraud prevention layers.
The following are some of the key vendors protecting against fraudulent activity:
Bot-based attacks are proliferating rapidly, but so are the tools to combat them.