It's important for financial services institutions and retailers to take an intelligence-based approach in the battle against bots, and automatically discover all application endpoints – API-based, web, mobile. That visibility lets them protect applications from automated bot attacks:
For example, an AI-based, out-of-band approach is developer-friendly, and it eliminates JavaScript and mobile SDK instrumentation penalties such as application deployment delays caused by QA and App Store validation cycles; potential security gaps across application versions/channels including web, mobile and API-based; and user dissatisfaction from slow page loads.
Automatic and continuous application discovery and visibility is also helpful. An intelligent AI-based approach automatically discovers all applications, both current and newly deployed/updated, giving them visibility and the power to immediately turn knowledge into policy actions.
And an open, extensible platform is crucial to quickly discover and prevent automated attacks, and also to be able to immediately import these findings to their existing security infrastructure for log analysis and reporting.
Financial services firms e-commerce can win the battle against automated attacks on their mobile applications, and now more than ever, it’s imperative they take steps to do so.
The LexisNexis "2018 Cost of Retail Fraud" reported that every $1 lost to fraud resulted in an expense of $2.94, a 24% year-over-year increase. Identity theft and synthetic identities (account takeovers) represented a whopping 39% of fraud costs. Harder to measure impacts were loyalty program participant dissatisfaction and damage to their brand.
In most customer environments, there is a reluctance to blacklist large blocks of residential IP addresses (often owned by Bulletproof Proxy vendors) because there is always a possibility a legitimate customer is blocked, resulting in a false positive and an unhappy customer.
In reality, what are the chances of a false positive occurring? When the data shows that the IP address is known to generate ONLY malicious traffic and has never generated any legitimate traffic, the case for blocking becomes more powerful and the chance of a false positive are low. Without visibility into this level of detail, it is impossible for to make an educated decision, so the traffic is typically allowed.
