The Business Case for Transmit Security, Part 3 - Fraud Reduction

Over the past two decades, new identity-related capabilities have been integrated directly into the applications they served. The application code decides when various capabilities are called and how they are used. Any changes or updates to the identity capabilities require code changes in the applications. Any changes or additions to the user journeys in each application also require coding. And of course, every code change requires extensive review and testing for validation and protection against errors and oversights.

Today, a typical (and highly simplified) identity management architecture in a large company looks something like this.

Here, any application that requires an identity-related function connects directly to that function. Most organizations now have hundreds (if not thousands) of integration points in their identity architecture. These organizations are burdened with orchestrating all identity-related tasks through this hardcoded, point-to-point integrated mess. This approach causes organizations to pay a heavy price – the infrastructure is inflexible, and changes take forever.

From Months to Hours

One of the fundamental benefits of the Transmit platform lies in abstracting all risk and identity related functions away from the applications and then providing easy graphical tools to design and implement needed changes. This virtually eliminates the need for coding within applications, which slashes the time and resources traditionally required for identity and risk related development projects.

We had supported … roughly 100,000 lines of code between UI and service orchestration. We were able to eliminate 60,000 lines of code with Transmit.

Rob Davis

The dynamic nature of identity authentication and fraud detection requires institutions to continuously adapt to ongoing and seemingly perpetual changes in the market. The changes may include adding new identity capabilities, reacting to new business and regulatory requirements, or reacting to new security risks and fraud vectors.

After the initial implementation of the Transmit platform, clients find that changes can be made in hours or days vs. the weeks and months traditionally required. A new authenticator that would traditionally require several months of effort to deploy may be implemented in less than a week with Transmit. Moreover, the Transmit platform virtually eliminates the need for vendor professional services often required to modify identity or risk systems. Everything can be configured by the client using the Journey Editor.

Being a large organization, it takes a long time for us to put something in and to take something out. It was an 18-month cycle unfortunately. So, [using Transmit] they’re able to put it in easily – flip a switch to turn it on or turn it off.

Emily Ricketts
Wells Fargo

Previously, we had to create a new control for one of our applications and it took us about 3 to 5 months to develop, test and roll out. [With Transmit] it literally took us 4 hours to do the same control.

Rob Davis

Slash IT Development Time and Costs

Transmit Security has helped some of the largest global companies transform their identity management capabilities. The vast majority of Transmit’s clients reduce IT development costs for identity-related projects by over 90%. Transmit’s platform can support virtually any identity-related use case across the organization.

To summarize, Transmit customers find the following benefits:

Slash Internal Development Costs

  • Software development lifecycle costs for new identity projects and for every time there is a new business/regulatory requirement, security risk or fraud vector
  • Additional application coding after the initial implementation for updates, error correction and integration to related systems
  • Ongoing maintenance and management of home-grown solutions
  • Application and integration testing for code changes

Accelerate Project Timelines

  • Up to 100x faster speed to market due to coding elimination
  • Compresses customer identity project roadmap into use cases that can be delivered and accelerated

Transmit is a very agile way to seamlessly and continuously strengthen our authentication. The software allows us to continuously build new mechanisms to authenticate without having to go in and rip apart what we’ve done previously.

Rizwan Khalfan
TD Bank

Technology Consolidation and Elimination

The growth of digital channels forced organizations to implement identity and risk solutions to combat the fraud and cyber risks that have persistently targeted these channels. Unfortunately, deployments of identity and risk technologies involved very little long-term planning and no vision for a future-state structure. This is not meant to be a slight to internal development and IT architecture teams; the rapid proliferation of digital channels and digital access, along with the dynamic nature of cyberfraud techniques means that change is constant and long-term planning is challenging, if not impossible.

A typical (and highly simplified) identity management architecture in a large company looks something like this. As shown on the bottom of this chart, multiple (often overlapping) identity and risk capabilities are used to support applications across lines of business.

Unfortunately, the piecemeal implementation of identity and risk technologies by business line and department needs has resulted in organizations supporting multiple similar technologies, sometimes from different vendors and sometimes internally developed. Each time an application required a certain identity or risk capability, it was put out to bid or internally built. Then, the application needing the capability would be coded to call the technology at the appropriate time to perform a certain function.

Because any of the identity and risk functions may be coded into several applications in several places, replacing the technologies requires a monumental planning, programming, testing and compliance effort. Even simple identity and risk technology platform updates can involve accessing and modifying code for multiple applications across the enterprise.

Being a large organization, it takes a long time for us to put something in and to take something out. It’s an 18-month cycle, unfortunately. So, they’re able to put it in easily – flip a switch to turn it on or turn it off.

Emily Ricketts

Configuring vs. Coding

By abstracting identity and risk functions away from the applications, Transmit Security eliminates the need to modify code in the applications when changes are required, or new technologies are introduced. Modifications are fast, less internal cross-vendor expertise is required and seldom are vendor professional services engaged. Institutions become better positioned to consolidate similar technologies and reduce their vendor footprint.

Transmit Security’s Platform is vendor agnostic – virtually any internal or 3rd party service can be connected and then configured within the platform. Clients can initially deploy the Transmit Platform using all or parts of their existing technology stack and then easily migrate to Transmit or other 3rd party identity and risk technologies.

Transmit provides several identity and risk technologies out of the box, which allow clients to [optionally] replace expensive, and often antiquated, third party solutions to eliminate the need for ongoing internal and vendor support. Clients quickly recognize the technological advantages and the significant cost savings involved and begin strategically replacing their outdated and expensive identity and risk capabilities.

For example, Transmit’s platform has been used to replace:

  • Risk engine vendors
  • One-time passcode vendors/ internally developed approaches
  • Biometric and handset biometric support vendors
  • Device risk detection vendors (to detect jailbreak, rooted, and other risk indicators)
  • Soft token vendors

To summarize, Transmit customers realize the following benefits:

  • Reduce or eliminate direct vendor costs
    • Annual vendor licensing fees
    • Ongoing and ad-hoc professional services fees
  • Reduce or eliminate internal cost for supporting vendor solutions
    • Development and testing for vendor platform changes, as well as changes to integrated systems
    • System resources required for application and integration testing
    • Ongoing vendor management overhead, including the time required to schedule and coordinate vendor, internal and other 3rd party resources

Fraud Reduction

Beyond the sizable reductions in development and technology costs, the Transmit platform provides unprecedented fraud management capabilities due to the tight integration between risk assessment, authentication and authorization across the organization. Transmit’s Continuous Adaptive Risk approach to risk continuously monitors and synthesizes suspicious activities across channels and applications. Moreover, organizations gain the unprecedented ability to rapidly adjust defenses and controls to stay ahead of evolving threats.

The enhanced visibility into user transactions and behavior across all interaction channels delivered by the Transmit platform allows for full cross-channel fraud detection and prevention.  Third-party authentication and fraud detection solutions can be easily integrated into the Transmit platform without the need to write custom code into applications. Built-in authenticators allow organizations to replace (or augment) older authentication modalities, such as passwords and knowledge-based authentication (KBA) with more secure approaches, such as biometrics and other mobile-centric methods.

Transmit’s platform essentially decouples the authentication process from the user application so that identity-related changes can be implemented quickly and simply without having to touch application code. New authenticators can be introduced or modified, risk levels can be adjusted, new risk indicators can be introduced, all without making any code changes to user-facing applications and without the need to re-publish the applications.

Transmit Security Continuous Adaptive Risk uniquely and fully operationalizes Gartner’s Continuous Adaptive Risk and Trust Assessment (CARTA) model by monitoring and orchestrating suspicious activity across channels and applications and dynamically enforcing authentication and authorization actions without the need to write custom code into applications.  Transmit includes a set of run-time built-in tools to look for risk indicators such as abnormal user behavior, device anomalies, failed authentication attempts, and suspicious user activity. Built-in connectors to third-party risk detection solutions and can orchestrate the outputs with Transmit’s built-in risk scores and assessment tools.

Risk assessment results are configured to automatically drive authentication and authorization actions in any channel and application.  This sharply reduces the need for broadly blocking suspicious transactions or delaying a transaction while it is sent for manual review.  User experience is greatly enhanced and fewer internal resources are required.

The agility provided by Transmit’s platform allows clients to immediately react to attack and market changes.  Agility is enabled by decoupling the authentication process from the application so that identity-related changes can be implemented quickly and simply without having to touch application code. Risk indicators, authorization rules and authentication can be modified and orchestrated in any way you choose.

Previously, we had to create a new control for one of our applications and it took us about 3 to 5 months to develop, test and roll out. [With Transmit] it literally took us 4 hours to do the same control.

Rob Davis

Transmit customers find the following benefits related to more agile fraud management:

Cut Fraud Detection Costs

  • Reduce alerts, particularly false-positive alerts, thereby reducing resources required for manual review
  • Eliminate the need for application coding for updates, error correction and integration to related systems
  • Replace antiquated, expensive authenticators to cut costs while improving protections

Cut Fraud Losses

  • Quickly react to changing attack vectors and newly discovered weaknesses in current protection approach
  • Reduce loss exposure reduced due to tightly integrated fraud detection, authentication and authorization
  • Eliminate weak, outdated authentication approaches to reduce loss exposure