Enterprises around the world are facing complex and costly account takeover issues, ranging from funds in bank accounts to retail store membership points, to rare items in online games. Attackers are going to great lengths to seize these high-value digital assets.
The report from Forter indicates that by the end of 2019, account takeover fraud accounted for 16% of total fraud losses, and now this figure is still rising.
At the same time, as the network architecture of enterprises gradually extends to the edge, threats also spread to the edge endpoints. In this context, the vertical security framework is shifting to a horizontal and distributed architecture, which has become a new trend. How to use the security capabilities of edge architecture to deal with traditional and new network threats such as account fraud has also become a common concern for enterprises and manufacturers.
On July 1, 2021, AKamai announced the launch of a brand newAccount ProtectorThe solution is noteworthy for its use of proprietary behavioral analysis and reputation heuristic methods to extendAkamai Bot ManagerThe solution detects and prevents account takeover attacks initiated by human threat actors in real-time, without adding obstacles to legitimate users.
Account Protector: Risk and Trust Indicators Drive 'Anti-Fraud'
How does Account Protector achieve 'anti-fraud'? By analyzing the received requests, this solution can generate risk and trust indicators, and calculate the possibility that the user is a legitimate account owner or an imposter. Due to the application of machine learning technology, the analysis of subsequent login processes for the same set of credentials can be learned and self-tuned, which also allows legitimate account holders to access their accounts without unnecessary obstacles, while enhancing the security of their accounts.
Account Protector generates user session risk scores in real-time during the authentication process, this score combines the following factors:
User behavior overviewbased on the analysis of user behavior using signals such as previously observed location, network, device, and activity time, while ensuring compliance with data privacy laws and frameworks such as GDPR.
Demographic overviewproviding a behavioral view of the company's user set. Behavioral differences can be compared with the entire population to identify anomalies, even if individual users are logging in for the first time.
ReputationDatabased on observations of malicious activities throughout the network and corresponding IP addresses, such as signs of crawler program activities, a user connecting from multiple locations in a short period of time, attempts to access a large number of users, and a high proportion of failed login attempts. Akamai analyzes legitimate and malicious activities using clean and reliable data based on its massive activity database.
By executing these detections in real-time, Account Protector can take action on the edge platform and/or incorporate it into the existing defense system of the web application. With insights gained from risk scores, enterprises can also take action at the edge on requests, such as allowing, issuing warnings, blocking, etc. In addition, due to the real-time and historical reports on user behavior activities provided in the solution,Existing fraud tools can use these reports to gain a deeper understanding of user intentions and guide strategic planning.
It is reported that this solution is integrated into the Akamai Intelligent Edge Platform rather than being added to a specific point, so no modifications need to be made to the existing applications. This can also be understood as a lightweight and invisible 'update', which is quite friendly to many enterprises.
The elastic needs of edge security
Returning to the topic of edge security, Account Protector is a tool and solution under the edge security strategy. When enterprises consider why they need a secure edge computing platform strategy, they should actually realize that on the one hand, tools can improve trust and user satisfaction, reduce the burden of post-event remediation work, and on the other hand, the results of the tools help enterprises make better security decisions driven by data.
There is no universal panacea for security, but the necessary process for enterprise security's elastic adaptation is the optimization of pre-event defense and the rapid response and recovery after the event.
In the past, the network fraud market provided attackers with the most basic data and tools, so traditional attackers could only blindly try to access accounts using leaked passwords and emails, but could not confirm the value of the target account or more effective information. Therefore, even if they successfully hijack an account, it is not necessarily possible to imitate the account owner for fraud through intelligence.
Currently, data leaks are becoming increasingly common and massive, allowing attackers to form personal profiles of victims using a large amount of sensitive information, which also greatly increases the success rate of account fraud.
It is more appropriate to address security issues at the edge rather than dealing with them from the edge.
评论已关闭