ThreatMark

ThreatMark s.r.o. is a fraud preventions service company (FPaaS) that provides real-time recognition of legitimate customers solutions.

 

ThreatMark protects against:

  • Financial Malware: New, 0-day malware attacks using web injection techniques, data tampering and automated fraud schemes are detected within hours. Man-in-The-Middle, Man-in-The-Browser or RAT-in-The-Browser threats are not only detected but also mitigated.
  • Account Takeover: Our unique concept of Biometry-augmented continuous adaptive re-authentication (BACArA) using futuristic mouse movement monitoring and keystroke dynamics methods as well as more traditional approach employing session parameters change monitoring are the most important for successful detection of fraudulent access which is a key to transaction fraud detection.
  • Session Stealing: Whether its user’s active authenticated session being transferred to attacker’s computer or remote access Trojan used to impersonate legitimate user our solution is able to detect such attempts in a real time. All sessions that have been tampered with are clearly marked and scored so that any transaction, withdrawal or helpdesk request initiated by this session will be scrutinized by security or fraud department.
  • Phishing: Phishing attacks are detected in multiple stages from phishing site creation and publishing (onpage probes) through attack execution (using network of specialized honeypots) to Phished credentials misuse attempts. Phished users (victims) as well as Phishing attackers are identified and reported.
  • Social Engineering: Known Social Engineering fraud schemes using friends trusted relationship on social networks, phishing campaigns, polluted search results, scams etc. as well as new currently unknown attacks often lead to credentials abuse by a fraudster. We can detect such abuse and stop the fraud.
  • Fraudulent Transactions: Even if our other Digital Identity Sensing (DIS) methods fail to tell whether your application is used by a fraudster or legitimate user nothing is lost. No matter if it is password change or transaction being issued our AI based active operations anomaly detection mechanism supported by user-defined rules will kick in and raise a scored flag to tell you whether any fraud is being committed.
  • Web Hacking: Hard to catch business logic bypass, application misuse attempts and scraping as well as notorious SQL injection and Cross Site Scripting attacks are covered.
  • Insecure Configuration: Complete information about all user devices including insecure software and browser plugins installed, networks the application is accessed from and anonymization techniques being used.