When online payment services provider eMerchantPay was attacked with several fraudulent transactions recently, it was able to thwart them. Even so, the attack concerned the company and prompted it to seek out a stronger fraud prevention tool.

It turned to fraud prevention technology provider ThreatMetrix to help it better identify fraudulent transactions on its merchant clients’ sites. Using the ThreatMetrix Cybercrime Defender tool, eMerchantPay can detect and stop fraudulent transactions by analyzing the devices that connect to its clients’ web sites and looking for suspicious signs that may signal fraud. Among the platform’s features is TrustDefender ID, an Internet-based device identification application that uses shared intelligence from a global network of sites to spread word about compromised devices. The service also uses anti-malware software and provides up-to-the-minute fraud report updates.

It also can use proxy piercing, a technique that examines much more than the presented IP address of the shopper’s computer to determine if a proxy server is being used and to establish the true geographic location of the shopper’s IP address.  

“The ThreatMetrix proxy piercing is particularly useful as we see the real, actual ID of a device even if it is hidden behind several proxies,” says Yonni Roth, chief risk officer for eMerchantPay

The eMerchantPay risk team can also access a ThreatMetrix dashboard that shows it devices that have attempted to make purchases with multiple credit cards, when the same e-mail details have been used across many devices and other suspicious patterns.

After implementing ThreatMetrix, eMerchantPay says its clients’ chargeback rates dropped and it also was able to thwart a major attack. Recently, a criminal tried to attack eMerchantPay merchants using stolen credit card data. The attack was sophisticated as the transactions originated in countries that matched the addresses associated with the credit cards being used.  The criminal changed credit card details with each fraud attempt, but his time zone stayed constant. Using the ThreatMetrix tools and analytics platform, the eMerchantPay team was able to locate the fraudulent transactions and stop them before they were approved.