As we move more of our daily activities and the services we consume online, the threat of fraud grows, and the risks become greater. Data suggests the majority of organizations are already detecting a rise in online fraud. In a recent survey of senior risk executives, 67 percent said that their companies have experienced external fraud in the past 12 months, while 38 percent expect the risk of fraud committed by external perpetrators to increase somewhat in the next year.
Imperva’s Web Application and API Protection (WAAP) provide best-of-breed solutions to help prevent online fraud; Advanced Bot Protection and Account Takeover Protection prevent automated fraud and Client-Side Protection stops website-supply chain fraud.
With our latest features release, which includes new functionality being added to all three of the above mentioned products, we are expanding on our online fraud prevention capability:
- Zero-Day Leaked Credentials Detection: Data breaches involving leaked credentials have a direct correlation with account takeover attacks. Bad actors often use bots to leverage newly compromised credentials from data breaches for credential stuffing attacks and account takeover, as they are more likely to still be active, increasing the probability of compromising user accounts. In the past, we have seen account takeover attacks spike 300 percent following major data breaches. The ease at which dumps of leaked credentials from data breaches can be obtained online, combined with the ease of renting bot infrastructure to automate an attack has made this a risk that organizations can’t afford to ignore. Today, it seems as if we’re hearing about a new data breach every day. In 2021 alone, it is estimated that over 6 billion credentials were leaked online and compromised.This is why we strongly believe that providing customers with visibility into which of their users’ credentials have been leaked online is a key component in preventing account takeover fraud. Our latest release includes Zero-Day Leaked Credentials Detection with our Account Takeover Protection solution. This feature enables even faster detection of leaked credentials used by hackers following a data breach. Armed with information about their users who are at risk of an impending account takeover, customers can choose to proactively reset users’ passwords or reach out to them asking to do so to reduce the risk of fraudulent activity within compromised customer accounts.
- User-Behavior Anomaly Detection: We understand the complexity fraud teams face when looking for fraudulent activity on accounts and identifying which ones have been compromised. As online fraud becomes more lucrative for bad actors, the techniques they use will get more sophisticated and difficult to detect. The newly added User-Behavior Anomaly Detection feature provides security practitioners with a list of accounts where anomalous behavior was detected, along with a description of the policy-violating behavior. The customer (security practitioner) can share this info with their fraud team and provide them with concrete evidence of potential fraud or abuse.This feature significantly improves security and fraud teams’ ability to investigate whether fraudulent transactions or activities occurred on compromised accounts. They can then reset users’ passwords when needed, which will result in the prevention of additional fraud occurring on the account.
- Account Takeover Protection Financial Aggregator Detection: Account Takeover Protection makes protecting our customers and their users the top priority, but we needed to build a smarter solution that enables security practitioners to make exceptions for which login requests count as attacks. One such exception is Financial Account Aggregators. A Financial Aggregator is a service provider that consolidates information from multiple financial accounts into a single platform, enabling a holistic view of personal finances.For data collection from all these various financial sources to be possible, the financial aggregator makes automated requests to the users’ financial accounts. These automated requests are perceived as threats by ATO solutions which deny the requests from going through (better safe than sorry, right?). Yet in this very unique case, it is actually preventing users that utilize financial aggregators from getting their financial data all in one place. That is why we are enhancing our ability to detect financial aggregators within Account Takeover Protection. To ensure this new capability isn’t exploited, we are providing customers with full visibility into which aggregators have logged in, when they logged in, which usernames were used and the status of the credentials used by the aggregator (whether they have been leaked or not).
- Client-Side Protection Out-of-the-Box and Advanced Blocking: Since its launch back in 2020, Client-Side Protection (CSP) has been helping customers prevent website supply-chain fraud from compromised third-party JavaScript code. Imperva customers are thrilled with the solution, and exceptional adoption rates bear this out. In this release, we have made further improvements that ensure CSP remains the most advanced solution in the market.Right out-of-the-box, Client-Side Protection will now automatically block known malicious domains. This will significantly reduce the time security practitioners must spend manually configuring the solution. In addition to that, we are adding the ability for customers to use a negative security model, as opposed to a positive security model, so they can quickly block malicious JavaScript as soon as they discover it. This provides security practitioners with more visibility, granularity and control over the JavaScript services that can get data from their applications. Finally, we added the ability for customers to block undesired Google Analytics IDs that are obtaining customer data. This helps ensure customer data doesn’t end up in the wrong hands.
- Client-Side Protection Isolated Enforcement: Maintaining a strong security posture should not come at the cost of risking application integrity or user experience. With this new release, we added the ability to turn on enforce mode and advanced blocking for specific IPs or paths, as opposed to the entire website. This new capability enables customers to create a controlled testing environment for their blocking settings on a specific asset before applying it to an entire website, eliminating the risk of accidentally breaking the application.
- Client-Side Protection Terraform Support: Terraform is an infrastructure-as-code tool that enables users to build, change, and version cloud and on-premises resources safely and efficiently. Users can define both cloud and on-premises resources in human-readable configuration files that they can version, reuse, and share. Adding support for Terraform saves users’ time and represents another step towards automation. In addition, it will enable customers within industries that are required to use Terraform by regulation to use CSP.
- Advanced Bot Protection Biometrics Collection: Mobile browsing accounts for a little over a half of web traffic worldwide, and bad bots are following suit. According to the 2022 Imperva Bad Bot Report, over a third of bad bots use mobile browsers as disguise. This is just one example of the growing sophistication and persistence of bad bots, as their operators continuously tweak them in an attempt to evade detection. For this reason, deterring attackers by increasing the costs of attacks is an essential capability in the ongoing fight against bad bots. To further improve upon this capability, we are introducing the next level of user verification to Advanced Bot Protection’s Mobile SDK and web, through Biometrics Collection. This feature leverages the user’s movement and other attributes, as a way to verify their identity. Since each individual has their own unique features, this method of authentication adds an additional, highly advanced layer to Imperva’s detection model. This makes it much more complex for bot operators to bypass, enabling Imperva customers to detect and deter even more bad bots than before.
- Advanced Bot Protection Improvements: Imperva’s market leading Advanced Bot Protection solution is delivering an even better user experience, with easier onboarding and more out-of-the-box functionalities:
- Enhanced onboarding experience that provides users with more guidance like best practices and how to best configure their mitigation strategies.
- New out-of-the-box reports, like CAPTCHA details report and report for executives.
- New mitigation options, like tarpit and delay.
Imperva online fraud prevention
Imperva helps organizations prevent online fraud from bot and client-side attacks by providing clear visibility with actionable insights into bot traffic and third-party JavaScript code, adding meaningful context for fraud investigation, all while maintaining a seamless customer experience. Combining a holistic approach, vigilant service, superior technology, and industry expertise, Imperva is your ally in the fight against automated and client-side fraud.
- Advanced Bot Protection protects websites, mobile apps and APIs from automated fraud without affecting your legitimate users.
- Account Takeover Protection proactively blocks account based fraud and allows you to inform consumers before they are victimized.
- Client-Side Protection prevents online fraud from website supply chain attacks like formjacking, digital skimming, and Magecart.
Try Imperva for Free
Protect your business for 30 days on Imperva.