Recent advancements in technology have enabled improved detection of automated attacks. This has translated into a resetting of efforts for fraudsters, who are now leveraging tools and techniques to adapt. It is well known that fraudsters have mastered the arts of automation and impersonation to a point that makes it extremely difficult to differentiate a botnet attack from legitimate traffic. To help businesses fight and remediate these sophisticated attacks efficiently, Arkose Labs uses a distinctive feature called device intelligence that leverages the latest technologies.
Device intelligence is a blend of technologies including device fingerprinting and advanced machine learning models, among others. This coming together of technologies enables us to get more information about attributes such as the screen, CPU, web browser, memory, operating system that play an important role in defining common legitimate systems.
Matching device fingerprint with the device
To avoid detection, fraudsters usually resort to manipulating device parameters. But, with Arkose Labs’ device intelligence, they can no longer seek refuge in this manipulation, as it can successfully detect whether the device fingerprint matches with the device or not. This is done by leveraging the three main advantages of using advanced ML models as described below:
The use of advanced ML models enables continuous learning from the traffic and automating the tedious process of accurately identifying the legitimate ecosystem, which is also known as the ‘ground truth’.
Always up to date
The internet ecosystem that consists of hardware and software is constantly changing with leading technology companies continually introducing new versions of their products. It’s, therefore, nearly impossible to manually keep track of all these subtle evolutions that happen daily and adjust the rulesets accordingly. ML can automate this process to keep the detection engine up-to-date.
Business specific outcomes
Device Intelligence makes it easier to recognize common signatures seen between various customers in various conditions. These can be within an industry or specific to a given customer. It also helps optimize the detection engine according to the business partner’s business needs. For example, it is common and legitimate for a media or entertainment web site to receive traffic from a combination of mobile devices, laptops, and even smart TVs. Similarly, in gaming, we usually see the bulk of traffic emanating from game consoles (PlayStation, xBox). However, in the case of travel, e-commerce, or banking websites, it is both unusual and suspicious to receive traffic from say a smart TV or game consoles.
The diagram below illustrates this learning process at a higher level:
Deviation from the ground truth determines the complexity of challenge
When no match is found, it is a strong indication of fraudulent activity. At this stage, the detection engine leverages another Arkose Labs’ innovation: instead of declining all suspicious traffic by default, it dynamically decides on a challenge strategy, which is based on the extent of deviation of the session’s device signature from the ground truth. An anomalous session with a slight deviation will receive a simple challenge, whereas a session that deviates significantly from the ground truth will receive a complex challenge. This enables us to catch even the most impersonated bots without blocking any good user.
No trade-off between fraud defense and user experience
Device Intelligence is an important weapon in our armor to help businesses maintain the superior user experience they are known for. It allows businesses to pin down malicious users without meting out the same treatment for good users, who can enjoy their digital journey seamlessly.
To learn more about Arkose Lab’s Device Intelligence and how it can be a game-changer in fighting fraud while keeping user experience at the forefront, please book a demo now.