Revelock detects any anomalies that signal an account take-over fraud by simply asking “are you really you?” Unlike other technologies that require you to keep up with every new attack that comes along, Revelock focuses on unusual behavior for a particular user that indicates an attack.
ID Impersonation Attacks
Every ID Impersonation attack starts with stolen credentials.
Revelock takes a two-pronged approach to defending against ID impersonation attacks. First, Revelock prevents malware or phishing attacks from stealing credentials to begin with. Revelock Active Defense enables fraud teams to detect malware, RATs or phishing attacks and automatically enforces policies that vanquish them - immediately protecting users and mitigating risk.
Because many stolen credentials are readily available on the Dark Web for bad actors to use to impersonate legitimate users, Revelock also offers a second, deeper line of defense. Our Know Your User approach continually asks, “are you really you?” to give legitimate users access while blocking bad actors. Our hybrid AI technology analyzes user behavior, biometric, device and network data to create a BionicID™ for all users starting at sign-up.
We update, analyze and compare this BionicID™ at every interaction continuously scoring risk based on per user models, population-based models and bad actor models to stay ahead of the rapidly evolving threat landscape and the latest ID impersonation threats. Any deviation from predefined parameters, for example when bad actors use stolen credentials to login, triggers pre-configured follow-on actions.
ID Manipulation Attacks
Revelock Active Defense protects banks from the most common types of ID manipulation attacks designed to hijack a user session, including:
- Remote Access Trojans that allow bad actors to take control of a user's computer during a banking session
- Remote Access Tools, which are legitimate applications that attackers can compromise and use to take control of a device
- Form grabbing malware attacks capable of injecting code into a browser session to dupe the user into entering confidential data (credentials, PINs, OTPs, etc.)
Once bad actors use one of these attacks to control the device, they can display spoofed content, such as web pages and pop-up banners, to fool users into providing credentials. They might also execute fraudulent transactions, such as submitting a one time password to approve a transfer. Because these attacks bypass traditional account security and temporarily take control of a victim’s account after the user logs in, this type of attack is easier to execute.
Revelock detects these attacks by continuously scoring risk based on per-user models, population-based models, and bad actor models. Revelock Active Defense then stops them by:
- Blocking Remote Access Trojan generated webpage or pop-ups immediately protecting the user
- Stopping attackers using Remote Access Tools that gained control of a user’s device by taking specified actions, such as requiring additional authentication, or automatically terminating the session
Continuous Risk Scoring
Revelock’s Know Your User approach analyses the risk of every user interaction by continually examining user BionicIDs™ for anomalies, continuously scoring risk based on per user models, population-based models and bad actor models, as well as making sure user devices are not infected by malware and that user sessions have not been hijacked. Fraud analysts can use the Revelock Console to adjust the sensitivity of anomaly-based alerts to minimize false positives.
This continuous user verification and risk analysis enables you to comply with a range of regulations Strong Customer Authentication (SCA), PSD2 Compliance, Payments Processing (Card-Not-Present, CNP), and Anti Money Laundering (AML) regulations while improving the efficiency of your New Account Opening and Transaction Monitoring systems.
Should this analysis uncover BionicID™ anomalies, Revelock immediately takes pre-specified follow-up actions. For example, if malware has compromised a user’s device, the mobile app or web page can provide the first line of defense and stop the attack by terminating the session or logging off the account
Verifying users at every interaction reduces false positives and user friction by instantly safeguarding against issues such as hijacked sessions while minimizing the need for step-up-authentication. Revelock’s continual verification of users and devices is completely silent and fully transparent.
New Account Fraud
With New Account Fraud, bad actors use real customer data or a combination of real and fake data to create synthetic IDs to open new accounts. Once a customer is onboarded Revelock can start verifying the new customer by:
- Creating a BionicID™ for each new user comparing it to existing ones and identifying known bad actor BionicIDs™ discovered with Revelock Hunter and block them automatically.
- Analyzing the new user's system, device, and network data looking for clear high-risk identifiers, and scoring accordingly.
Card Not Present (CNP) Fraud
Revelock can detect Card Not Present or other types of payment fraud in any online or mobile purchasing scenarios whenever the customer is logged in to their account. If a bad actor enters stolen credit card information or attempts to subvert any other form of payment Revelock will detect behavioral variances in their data entry. Revelock can identify and prevent suspicious card-not-present other payment fraud attempts by:
- Analyzing and verifying the user's BionicID at every interaction looking for clear high-risk identifiers and score them accordingly.
- Automatically executing predetermined responses, such as user notification, stepped-up authentication, or session termination (auto-logoff).