Risk Engine Orchestration
and New Fraud Prevention Techniques
Today, relying on a single fraud detection solution leaves organizations vulnerable. It is no longer sufficient, as fraudsters continue to become more sophisticated. They are increasingly going after the weak links in different channels and finding new ways of compromising customer accounts and manipulating transactions. Adding more fraud detection tools and feeds from different sources and vendors introduces challenges such as keeping a positive customer experience, keeping operational costs under control, and keeping a constant detection rate. An orchestration layer that takes them all together and produces a single fraud decision is required.
Identity Services Hub
Identity is a highly fragmented space with many tools and capabilities from different vendors: biometric authenticators, traditional authenticators, KYC tools, risk and fraud engines, behavioral tools, directories, device security, and more. Integrating each of these services into your systems and applications requires significant ongoing work. This work involves processing input and output from each of these services, building the various user journeys around these services, and dealing with exceptions, failures, and edge cases. With Transmit, this can be avoided. The Transmit Identity Services Hub includes built-in, secure connectors to dozens of third-party identity services, dozens of built-in services, and a flexible, secure plug-in architecture that allows you to add anything and everything. It’s a complete, secure abstraction layer between your applications and the entire identity ecosystem. It’s the only platform capable of securing client-side identity services such as authenticators and KYC tools and also the only platform that doesn’t require writing third-party specific code in your applications.
Over-the-Air Journeys is the technology that sets Transmit apart from all other vendors. Using Over-the-Air Journeys, application owners can use graphical tools and an orchestration language to design simple and complex user journeys that involve authorization, authentication, KYC, fraud prevention, regulatory requirements, and more. Once done, these journeys can be pushed "over the air" and played in any application that is connected to Transmit, without making any code changes to the application and without the need to re-publish the application. Over-the-Air Journeys consist of two main technologies - a Journey Player and an Orchestration Engine. The Journey Player is incorporated into your applications as an SDK and is responsible for playing the entire journey inside the application. The Journey Player works with the Transmit Orchestration Engine which orchestrates the journey and defines the next steps on either the client or server side.
Risk and Fraud Detection Services
Behavioral profiling capabilities are built into the platform. All you need to do is tell Transmit what to profile. The platform can automatically profile devices, locations, access times, activities, transactions, payments, and many other factors. Profiles are built over time per user and can be used to reach even better authentication and authorization decisions. The platform also includes machine learning for device identification to add trust in known user devices. One of the great advantages of Transmit around fraud prevention is the ability to orchestrate different engines and scores. Third-party fraud detection engines can be connected to the Identity Services Hub, and then, using simple graphical design tools, administrators can orchestrate the results coming out of these engines with the built-in Transmit profilers to build an uber risk score and drive different actions.
Risk-Based Authorization Services
The platform offers role-based access control (RBAC) and attribute-based access control (ABAC) services across all applications. The platform automatically collects device and environmental attributes—for example, location, device type, and connection type—and exposes them to the orchestration engine. The platform is capable of reading entitlements and risk indicators from multiple directories, databases, and engines at the same time (including a built-in entitlement engine). This information can be orchestrated at runtime to reach access decisions and to call for actions such as authenticating, blocking an activity, approving an activity, notifying of an activity, requesting authorization from multiple users across multiple devices, and signing transactions and user requests.
Risk-Based Authentication Services
Transmit provides a full set of authentication services to manage primary login, multi-factor, and step-up authentication across various applications and channels. The platform includes a large set of built-in authenticators such as OTPs, soft tokens, biometric authenticators, and knowledge-based authenticators. In addition, the platform can be used to manage any third-party authenticator or authentication service connected to the Identity Services Hub. Transmit’s authentication services manage the enrollment process for each authenticator and also tasks such as de-enrollment, re-enrollment, and expiry periods. The platform provides flexible ways of defining authentication levels and attaching them to different authenticators and journeys. The platform allows building rules for authentication failures across different authenticators and devices and taking various actions when thresholds are reached. Transmit is FIDO certified and can be used to manage any FIDO authenticator alongside non-FIDO authenticators.
Call Center and Application Risk Engine Orchestration
Risk engine orchestration is not limited to digital channels. The call center is another example of the strong need for risk engine orchestration. As organizations are adding various authentication and risk detection tools to the call center user journey, these tools need to be orchestrated to create a single view of the risk during the call. This risk may change during the call based on the feedback provided by the various tools, the authentication process the user went through, and the activities the user tries to perform during the call. Transmit can be used to orchestrate risk in the digital channel and the call center separately, but it can also be used to orchestrate risk across the various channels so that risk detected on the digital channel will be reflected in the overall scoring when the user calls the call center and vice versa.