Easy Solutions: A Holistic Approach to Protecting against Today and Tomorrow’s Fraud

Ricardo Villadiego, Founder & CEO The massive Target credit card breach continues to make headlines as lawsuits get filed, and lawmakers try to unsuccessfully engineer legislation to prevent this situation from occurring again. However, the million dollar question is about the whereabouts of the 40 million compromised credit cards, the ways they were packaged and sold, and the nature of these markets.

To understand this piece of the puzzle, Easy Solutions, the only security vendor focused on the comprehensive detection and prevention of electronic fraud across all devices, channels and clouds, studies credit card black markets in-depth.

“Criminals continue to improve the quality of these sites, making it easier for the end-buyers to target their usage of these cards,” said Ricardo Villadiego, CEO of Easy Solutions.“Banks and other Financial institutions are fighting an asymmetrical war against these highly-organized, well-run markets. Compromise of these cards is inevitable. In understanding these black markets, our goal is to provide organizations the ability to rapidly identify the cards that are compromised and reduce the time to containment or replacement. This way, organizations can better protect themselves and their end-customers from increasingly sophisticated fraud.”

To keep tabs on the threat creators, Villadiego and his team of experts, continuously monitor these illicit marketplaces, as part of their Total Fraud Protection platform. Easy Solutions delivers this platform to more than 200 leading enterprises and financial institutions worldwide, protecting their end-users against phishing, pharming, malware, Man-in-the-Middle and Man-in-the-Browser attacks, and providing multifactor authentication and transaction anomaly detection.

The Evolution of The Threat Landscape

Fighting fraud is and has been difficult. The threat landscape is constantly evolving, and customers that do not adapt to new and effective solutions to fight it soon find themselves attractive targets for cybercriminals. While traditional attacks such as phishing pharming, Man-in-the-Middle (MITM) and Man-in-the-Browser (MITB) attacks continue to increase, criminals are also becoming more strategic about launching attacks that compromise multiple transactional channels.

To complicate matters, there has been a malware explosion over the past few years. Malware targeting mobile devices alone, which are quickly gaining traction as a preferred banking channel, rose 614 percent in the past year. Research suggests that 49 percent of smartphone owners have accessed a bank account via their mobile device, leaving organizations that failed to adequately prepare for the rise in this new channel scrambling for solutions.

Because of this ever-changing threat environment, both in terms of new attack methods and transaction capabilities across different devices, it is important to employ a fraud solution that can equally adapt to these changes. That is exactly what Easy Solutions has developed.

The Easy “Total Fraud Protection® Platform”

The holistic solution was developed by Villadiego with the understanding that at their most basic level, all attacks have three phases to them: planning, launching, and cashing. These stages make up the fraud lifecycle, and every criminal must go through each in order to successfully perpetrate fraud.
The good news for financial institutions, retailers and consumers is that at each stage of an attack there are fingerprints, and solutions to monitor each stage exist.

The Planning Stage is where the initial investigation by a cybercriminal into online vulnerabilities begins, and typically involves gathering intelligence, such as web page scraping, to understand how they can best impersonate an organization.

The second is the Launching Stage, which involves theft of user credentials to gain unauthorized access to accounts. Traditional methods include phishing and pharming, though stealing a credit card is also sometimes sufficient. At this stage, no cash has actually been removed, but the criminal now has access to conduct their activity.

The third is the Cashing Stage, where the actual accessing of an account and the removal of funds takes place. This can be carried out through money transfers, often employing unsuspecting money mules, or through other methods such as coordinated mass ATM withdrawals.

Villadiego and his team realized that when viewed through the lens of the attack lifecycle, managing fraud seems fairly straightforward. However, Villadiego was conscious of the fact that while there are many popular methods for monitoring certain stages of an attack, relying on catching fraud at just one stage is a strategy doomed to failure. Successful strategies must focus on each stage of the attack, and more importantly, be able to share data and work together across the entire fraud lifecycle.

Villadiego and his team came up with a multi-layered strategy, and aptly called it the “Total Fraud Protection” strategy. This is a onestop- shop for end-to-end fraud protection, leveraging data and intelligence across its layers to ensure reliable risk management in an ever changing fraud environment. The flexible components of this solution can also be deployed individually to shore up legacy systems and other fraud protection initiatives.

The Reason behind The Multi- Layered Security Strategy

Security and fraud analysts agree that multiple layers of fraud protection are the only way to ensure robust electronic security. Easy Solutions Total Fraud Protection portfolio addresses fraud at each stage of the lifecycle, delivering the greatest chance of shutting down fraud.

Addressing the Planning Stage:

Easy Solutions’ Detect Monitoring Service (DMS) provides proactive Web Fraud detection and takedown services, through a cloud-based management portal. It includes real-time monitoring of phishing, pharming and social media sites, to address this first stage of the fraud lifecycle.

Addressing the Launching Stage:

Easy Solutions’ Detect Safe Browsing (DSB) offering protects end-user devices from advanced fraud, gains visibility into the threat environment and blocks those threats at the source. The company’s DetectID authentication offering leverages threat visibility and transaction risk scoring via flexible authentication factors across all channels. The combination reduces the chances that credentials will actually be stolen, and that criminals will be successful at this planning stage.

Addressing the Cashing Stage:

The final piece of the puzzle is DetectTA, Easy Solutions’ Transaction Anomaly Detection offering, which provides multi-channel and cross-channel transaction visibility with real-time identification of risky transactions. It validates transactions in real time through integration with DetectID, reducing the risk of success at the cashing stage.
There is no silver bullet to preventing fraud. It takes a multilayered approach, spread across all layers of customer interaction. This should include a variety of solutions that systematically seek to thwart fraud and share data across all transaction channels at every stage of the fraud attack lifecycle. This approach allows for fraud to be prevented in a truly proactive way, before attacks are even launched, therefore minimizing the crime's impact and losses.

Each component is flexible enough to be deployed individually to shore up legacy systems or other fraud protection initiatives, though works best when deployed as a holistic and complete solution. Total Fraud Protection allows organizations to balance the equilibrium between security and implementation costs, allowing them to continuously build and improve their own customized fraud protection.

Most importantly, Total Fraud Protection ensures that organizations are best prepared to adapt and manage risk in the changing fraud environment. The Total Fraud Protection vision has proven to be the most effective way to prevent fraud, based on the belief that there is no one-size-fits-all solution to the various and constantly evolving forms of electronic fraud.

Gaining Popularity Amongst The Tech Circles

The name “Easy Solutions” has become very familiar amongst tech circles and has been recognized in the media for offering exceptional products and services to financial institutions and enterprises globally. Easy Solution’s ‘Detect TA’ was named an innovative, new product of the RSA Conference 2014. Also, the firm was cited as a “Visionary” in the 2013 Gartner Magic Quadrant for Web Fraud Detection, and CEO Villadiego was named as one of the Techweek’s 100 leaders. Easy Solutions has also been recognized as one of Inc.’s 500 fastest-growing private U.S. companies, and as a Red Herring’s Top 100 company.

"Successful strategies must focus on each stage of the attack, and be able to share data and work together across the entire fraud lifecycle"

A Positive Growth Curve

Over the years, the firm has expanded and strengthened its portfolio in various domains such as fraud intelligence, safe browsing, transaction monitoring, authentication, mobile fraud protection, cloud authentication, social media and black markets monitoring and many others. In 2013, Easy Solutions expanded their platform with innovative product offerings, to enable fraud protection for mobile end-users and enterprise web applications.

The company witnessed 80 percent subscription revenue growth in 2013, marking the best year-overyear growth rate since the company was founded. Easy Solutions is projecting another year of rapid growth, forecasting for 150 percent growth in 2014 as the company solidifies its expansion in North America and further expands in EMEA.

Today, the company serves more than 200 of the world’s leading financial institutions and enterprises and protects more than 50 million end-users. And the future is bright as Easy Solutions continues to innovate to keep pace with the newest trends and threats. It is bound to remain ahead of the competition and prevail as a trusted partner to enterprises and financial institutions around the world.

Easy Solutions

Sunrise, FL

Ricardo Villadiego, Founder & CEO

A security vendor focused on the comprehensive detection and prevention of electronic fraud across all devices, channels and clouds.