Squidfayce
Eats Squid
Like I said look for the technical articles for threatmetrix. Device ID is but one data point in the digital identity map. There are thousands for any given individual user and they will vary depending on how a business wants to implement threatmetrix.
The technical articles will talk to the other data points, ip, true ip, your browser fingerprints, IMEI (pretty sure, can't recall), velocity of visits to sites, how it makes associations between your activity and devices you use and where you use them. Your head will spin.
AT our business we can tell when a newly activated burner has been probing us and is being used to try an access accounts or submit fraudulent applications because of the device age and it's newness to the aggregated digital map etc. You can then watch that same device, in real-time attempt to do wierd shit all over your networks and sites and finally give up in frustration because we basically feed our systems live device data that use automated controls to say "fuck off, there's nothing for you here".
We can ascertain real client devices easily and most of the time work out when they use a new phone to access our services without needing to bother them. We do this by cross referencing device info we scrape from that phones session on our sites to recent activity and location data stored and curated by threatmetrix in their data centers. We can 90% of the time tell whether it's a client with a new phone or somone being dodgy. Most people don't get a new phone and jump on to do financial stuff, so for those that do, they get flagged and we can quickly and in an automated way determine the levels of shonk and decide on appropriate actions. The various configurations we have set up will sometimes send them a verification email, trigger 2 factor authentication request, alert a secondary number to the attempted access or schedule a call from a fraud operator before anything serious can occur. All depends on what they tried to do, what else they have open on their phones, their activity, history etc.
I cannot give you everything you want on this which is why I keep directing you to go and find the technical articles. There are enough published for this software. It's a commercial product and isn't hiding anything. I just don't know what's going to be of value to you.
Just know that this sort of stuff is operating at the AWS data ceneter level and not just at a business level which is why it's so powerful in making the association maps with zero friction.
The technical articles will talk to the other data points, ip, true ip, your browser fingerprints, IMEI (pretty sure, can't recall), velocity of visits to sites, how it makes associations between your activity and devices you use and where you use them. Your head will spin.
AT our business we can tell when a newly activated burner has been probing us and is being used to try an access accounts or submit fraudulent applications because of the device age and it's newness to the aggregated digital map etc. You can then watch that same device, in real-time attempt to do wierd shit all over your networks and sites and finally give up in frustration because we basically feed our systems live device data that use automated controls to say "fuck off, there's nothing for you here".
We can ascertain real client devices easily and most of the time work out when they use a new phone to access our services without needing to bother them. We do this by cross referencing device info we scrape from that phones session on our sites to recent activity and location data stored and curated by threatmetrix in their data centers. We can 90% of the time tell whether it's a client with a new phone or somone being dodgy. Most people don't get a new phone and jump on to do financial stuff, so for those that do, they get flagged and we can quickly and in an automated way determine the levels of shonk and decide on appropriate actions. The various configurations we have set up will sometimes send them a verification email, trigger 2 factor authentication request, alert a secondary number to the attempted access or schedule a call from a fraud operator before anything serious can occur. All depends on what they tried to do, what else they have open on their phones, their activity, history etc.
I cannot give you everything you want on this which is why I keep directing you to go and find the technical articles. There are enough published for this software. It's a commercial product and isn't hiding anything. I just don't know what's going to be of value to you.
Just know that this sort of stuff is operating at the AWS data ceneter level and not just at a business level which is why it's so powerful in making the association maps with zero friction.
Last edited: