Group-IB Safeguards Digital Identity with Fraud Hunting Platform

AMSTERDAM, Nov. 18, 2020 /PRNewswire/ — Group-IB, a global threat hunting and intelligence company, has presented its new solution for digital identity protection and fraud prevention Fraud Hunting Platform. The solution guards 130 million users daily. In H1 2020, Group-IB’s Fraud Hunting Platform shielded banking and eCommerce portals in Europe and Asia from bot activities, malware, and social engineering attacks, saving them roughly $140 million.

Group-IB’s virtual event was dedicated to the issue of protecting people’s digital identities from various threats. In the past 6 months, 3 out of 100 user sessions at banking and eCommerce portals worldwide appeared to be fraudulent, according to Group-IB. Malware attacks, social engineering and bot activity are the top-3 threats for users of eCommerce and banking portals, based on the analysis of dozens of millions of user sessions around the world.

To combat these 3 categories of threats, companies deploy a range of scattered security solutions that degrade user experience. Fraud Hunting Platform becomes an integrated solution that will play a key role in protecting users. It is the successor to Group-IB’s Secure Bank/Secure Portal product line, which Group-IB has been developing since 2013.

During the presentation of Fraud Hunting Platform, streamed from the recently opened  Europe HQ in Amsterdam, Group-IB also announced the launch of new Preventive Proxy module, designed to fight bad bots disrupting eCommerce, online banking, and government portals. According to Group-IB, malicious bots account for around 30% of Internet traffic.

Group-IB’s Fraud Hunting Platform analyzes each session and examines user behavior (keystrokes, mouse movements, etc.)¬† in web and mobile channels in real-time. Based on user behavioral data and machine learning algorithms, the system creates a unique digital fingerprint for devices and identities. The system correlates and matches user behavior with their devices, which helps distinguish between legitimate actions and malicious activity even if criminals have gained access to a user’s smartphone or payment information. Using these unique data, the technology called “Global ID” marks devices across online resources globally where Fraud Hunting Platform is running and allows to identify fraudsters at early stages.

Moreover, thanks to the company’s unified ecosystem of products, Fraud Hunting Platform uses relevant Threat Intelligence data, which helps detect hidden threats and suspicious connections, speed up investigations, and identify specific individuals involved in incidents. Unlike Secure Bank/Secure Portal, Fraud Hunting Platform is used not only to simply detect and prevent fraud but also to investigate thefts and hunt for criminals.

“We are delighted to introduce Fraud Hunting Platform to market. The solution operates in a high-load mode, protecting 130 million users of web resources and mobile apps while blocking related malicious activity,” commented Dmitry Volkov, Group-IB CTO. “The new system evolved from Group-IB’s range of online fraud protection products. It is high-performance and easy to integrate, and it uses patented technologies to detect attacks at early stages.”

Preventive Proxy is designed specifically for eCommerce companies and financial organizations offering products and services online. Preventive Proxy distinguishes “good” bots (for automated web app testing for example) from “bad” bots leveraged by cybercriminals to attack company websites, web and mobile applications in a number of ways.

Group-IB estimates that legitimate bots account for about 20% of Internet traffic, while malicious ones make up 30%.Preventive Proxy seeks to protect websites, mobile apps and their users against criminals hacking into personal accounts, collecting personal data, scraping website content protected by copyright law, and attacking mobile APIs and using them without authorization.

While there are automated bots that snatch best deals and win giveaways, there are also dangerous ones that break into online accounts, steal users’ payment and personal data, and abuse API while imitating human behavior. The analysis revealed that Selenium, PhantomJS, and Headless Chrome are the three most frequently used tools in bot attacks that cybercriminals use to imitate user actions for credential stuffing or brute-force purposes. The fact all three are legitimate instruments, makes it hard for traditional fraud detection solutions to spot them. Preventive Proxy offers smart protection against all types of bot attacks and can be either deployed in web or mobile app infrastructure or used through Group-IB’s cloud.

“Smart” bot protection also uses behavioral analysis algorithms to detect malicious bot activity. Preventive Proxy examines user behavior to assess whether a human being or a bot is performing an action in the network. The solution collects browser, app, and device parameters, preventing the real user session from being re-used by malicious bots. Preventive Proxy does not block requests from trusted sources or legitimate bots.

Group-IB reports that up to 60% of bad bot activity is attributed to credential stuffing (attacks leveraging stolen credentials). The share of web scraping attacks (i.e. using bots to extract content and data from website pages) is 30%. The remaining 10% covers other types of fraud involving bots.

Media Contact:
Group-IB PR team
+31 6 225-080-98