How Safe Is Your Mobile?

Mobile fraud rates jumped by nearly a quarter (24%) from 1H 2017 to the first half of this year, with a 150 million recorded attack attempts, according to ThreatMetrix.

The firm analyzed 17.6 billion online transactions during the first half of 2018 via its Digital Identity Network, finding that over half (58%) now come via the mobile channel.

This is also reflected in the growing prevalence of fraud — especially in the US, where mobile attacks jumped 44% over the same period.

Mobile fraud now represents one third of all attacks stopped by ThreatMetrix, but the channel still represents a more secure way to transact than via desktop, it claimed.

This is apparently because devices offer more ways to determine a user’s digital identity, including geolocation, device attributes and behavioral analysis.

“Mobile is quickly becoming the predominant way people access online goods and services, and as a result organizations need to anticipate that the barrage of mobile attacks will only increase,” said Alisdair Faulkner, chief identity officer at ThreatMetrix. “The key point of vulnerability is at the app registration and account creation stage. To verify users at this crucial point, organizations need to tap into global intelligence that assesses true digital identity, compiled from the multiple channels that their customers transact on.”

Bot attacks continue to fuel the growth in global fraud, with an “unprecedented” 60% increase in the second quarter of the year: from one billion bot attacks in Q1 to 1.6 billion in Q2.

ThreatMetrix claimed that this automated traffic can account for more than half of all transactions at peak times, as fraudsters try to crack user accounts. Without the right tools in place to spot this traffic, organizations can find order processing slows, the firm warned.

During the second quarter of 2018, ThreatMetrix claimed to have analyzed 8.3 billion transactions, stopping 151 million attacks in real time. Its latest Q2 2018 Cybercrime Report is out now.

source:  InfoSecurity