Fraud Detection & Prevention

Mitigating identity theft and fraud risks is the top priority of modern enterprises. Today, authentication solutions need built-in automatic fraud detection and prevention capabilities to deliver highly secure and reliable customer experiences.

Through adaptive and analytics-driven technologies, cidaas makes your applications smarter and more capable over time to defend against increasingly sophisticated identity theft and impersonation attacks.

Why cidaas' Fraud Detection System?

Reduces Fraud Risks

Device sign-in checks, digital identity proofing, behavioral biometrics, and user behavior analytics proactively detect fraudulent patterns for quick remediation.

Advanced Protection

Automatically stops active threats such as malware and phishing with prompt user notifications, two-step verification, session termination, and account lockout.

Early Detection for Critical Applications

Minimize false alerts, fraudulent claims, and actual fraud losses with early detection and automated resolutions.

Integrated Security through Mobility

Employ runtime application self-protection (RASP) security to protect the integrity of apps with real-time mobile-enabled threat monitoring.

Compliant Identity Protection

Build and maintain customer trust by proactively keeping user identities, data, and transactions secure and compliant with globally defined standards like SAML, OAuth, and others.

Benefits of cidaas' Fraud Detection System

cidaas uses data analytics and statistical models to identify patterns that signal when bursts of traffic are likely to be from a bot or script.

Users who attempt to log in or create accounts from IPs that are determined to have a high likelihood of being part of a credential stuffing attack will see a CAPTCHA step.

The triggers are carefully designed to handle bad traffic and make logins frictionless for legitimate users. Additionally, cidaas provides a unique dimension to Fraud Detection and Prevention with the following:

  • cidaas has not only added to the data that is analysed for these decisions, but also improved the techniques used to make them.
  • We offer user behaviour analysis and include several additional attributes to build User Reputation and enhance predictions and preventions.
  • Our platform implements machine-learning models that produce aggregated model scores to support actionable insights. These analyse real-time patterns and behaviours and recommend a block even before it reaches a user intervention state.
  • On the analytics front, critical authentication data observations are further used to enrich data, extract features, and train the underlying models, making them more intuitive for early intervention in login monitoring, so that data can be reviewed, analyzed, and confirmed.

Advanced Fraud Detection

cidaas' intelligence-driven FDS checks the following criteria to detect fraudulent access attempts on business applications:

| cidaas FDS criteria | Description |
|---|---|
| IP_NOT_MATCHING or NETWORK_NOT_MATCHING | Detects if the IP address or network ID registered with cidaas matches the ones from which the login attempt happens. |
| FINGER_PRINT_NOT_MATCHING | Performs fingerprint MFA to check if the biometric matches that of the authorized user. |
| NEW_DEVICE | Checks if the login happened on a new and unregistered device and alerts the authorized user immediately. |
| NEW_LOCATION | Checks if the login happened from a new location by comparing with the previous location, and alerts the authorized user immediately. |
| UN_USUAL_LOGIN_TIME | Checks if the current login time matches the usual login time of the authorized user based on their login history and pattern. It raises an alert if the login happens at an unusual time. |
| DEVICE_UNUSED_FOR_CERTAIN_TIMEPERIOD | Checks if the registered device on which the authorised user logs in was idle for a certain time. |
| UN_EXPECTED_DISTANCE_TRAVELLED | When the user logged in moves beyond the set distance threshold, a system alert is raised. |
| UN_EXPECTED_LOGIN_LOCATION_AND_TIME | When the user tries to log in from a location and time that are different from the usual parameters of the authorised user. |
| APP Profile | Checks the standard application profile parameters to determine if any unusual APIs are being accessed by the app. |

cidaas Fraud Detection System Flow

When the user logs in to the business application, the cidaas FDS runs automatic checks to validate the user based on the above-mentioned criteria. If all the conditions are met, the FDS sends the MFA status to the authentication server to grant/deny access.

If a mismatch is detected in any of the above criteria, the cidaas FDS marks the user as unauthorized and sends the status Fraud=TRUE to the authentication server. Simultaneously, a webhook event is triggered and the relevant notifications are sent to the user via text message or email (notifications such as “Your Account was just signed in to from a new device. You are getting this email to make sure it was you”). User authentication is carried out using Account-level Multifactor Authentication.
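The flow above, sketched as an added example (not cidaas code): a rule evaluator for six of the listed criteria, run against a constructed login history. The `Login` record, the threshold values and the exact reading of each criterion are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt

@dataclass
class Login:
    when: datetime
    ip: str
    device: str
    lat: float
    lon: float

# Assumed thresholds; the page does not give the values cidaas uses.
NEW_LOCATION_KM, MAX_TRAVEL_KM, HOUR_SLACK = 100, 1000, 2
IDLE_LIMIT = timedelta(days=90)

def km(a, b):
    """Haversine distance in km between the positions of two logins."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def hour_gap(h1, h2):
    """Distance between two hours of day on a 24-hour clock (23 -> 1 is 2)."""
    d = abs(h1 - h2)
    return min(d, 24 - d)

def evaluate(history, attempt):
    """Return (fraud, triggered criteria) for a login attempt."""
    hits = []
    last = max(history, key=lambda l: l.when)
    if attempt.ip not in {l.ip for l in history}:
        hits.append("IP_NOT_MATCHING")
    seen = [l.when for l in history if l.device == attempt.device]
    if not seen:
        hits.append("NEW_DEVICE")
    elif attempt.when - max(seen) > IDLE_LIMIT:
        hits.append("DEVICE_UNUSED_FOR_CERTAIN_TIMEPERIOD")
    if all(km(l, attempt) > NEW_LOCATION_KM for l in history):
        hits.append("NEW_LOCATION")
    if all(hour_gap(l.when.hour, attempt.when.hour) > HOUR_SLACK for l in history):
        hits.append("UN_USUAL_LOGIN_TIME")
    if km(last, attempt) > MAX_TRAVEL_KM:
        hits.append("UN_EXPECTED_DISTANCE_TRAVELLED")
    return bool(hits), hits

# Constructed sample history (documentation IP ranges, made-up device ids).
HOME = ("203.0.113.10", "dev-a", 48.78, 9.18)
HISTORY = [Login(datetime(2023, 10, 1, 9, 0), "203.0.113.10", "dev-b", 48.78, 9.18),
           Login(datetime(2024, 3, 5, 9, 30), *HOME),
           Login(datetime(2024, 3, 6, 8, 45), *HOME)]
```

A `True` first element corresponds to the Fraud=TRUE status in the flow, and the list names the criteria that would go into the notification. `evaluate` expects at least one prior login in `history`.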

BOT Detection using CAPTCHA is an integral part of cidaas' Fraud Detection System for Registration, Login and Identity management. It helps protect user identities against brute force attacks through an extra layer of authentication, in addition to the Blocking Mechanism.

Learn more about BOT Detection here.

This completes our discussion on cidaas' Fraud Detection System.

Should you have any questions or need further assistance, please contact our support team.

We'll be happy to help. Thank you!


