iovation Launches Passwordless Security for Consumer-Facing Websites

PORTLAND, OR and SAN FRANCISCO, CA--(Marketwired - Feb 29, 2016) - iovation, the provider of device intelligence for authentication and fraud prevention, today launched its new Customer Authentication service that allows consumer-facing websites to enhance security while streamlining and improving the customer experience. The easy-to-integrate device authentication service eliminates friction by allowing consumers with "known devices" to bypass passwords and immediately access relatively low-risk but still confidential sections of their online accounts -- like account balances, shopping records and activity histories. If needed, iovation's device authentication triggers stronger "step-up" authentications like one-time passwords for higher risk actions like user and account changes, money transfers, or purchases.

"If the first generation of Internet security was about finding holes and the second was about patching them to keep the bad guys out, the third generation -- especially for consumer sites -- is about striking a balance between fraud prevention and customer experience," said Scott Olson, vice president of product at iovation. "Advanced authentication technologies fingerprint devices of any type with astonishing accuracy, which helps information security teams enable and accelerate commerce and defeat identity-masking hackers while keeping real consumers in the fast lane."

iovation's newest authentication service incorporates "fuzzy logic" algorithms that flexibly accommodate updates and minor changes -- like fonts or colors that are added by new apps, or normal updates of browser or firmware versions -- to maintain accuracy even as devices evolve. Unlike competing algorithms that use only cookies or IP addresses or rely on algorithms depending on exact matches, the new Customer Authentication service offers greater elasticity for fewer false negatives while still identifying key device characteristics. This kind of SaaS-based device authentication is the first step along the road to "continuous authentication" that will validate not only logins, but still prevent man-in the-middle, man-in-the-browser and spoofing attacks at any point during a customer's session.

The new authentication service is built on iovation's 12 years of research in device identification and fraud prevention. It leverages iovation's intelligence about the behavior of more than three billion known devices to provide instant risk-based, real-time checks against devices attempting to access new areas of a site. Some of the world's largest financial services companies are already using the new service to quickly improve customer-centric workflows while maintaining the most advanced security practices.

"The usefulness of the username and password as a security mechanism is long behind us, thanks to the tendency of consumers to use the same passwords across all of their online relationships and the vast number of database breaches where credentials are compromised," said Julie Conroy, research director at Aite Group. "As a result, account takeover is rapidly rising for banks and e-commerce sites alike. Advanced authentication will address this through a number of emerging technologies -- adaptive, continuous, contextual, behavioral and risk-based authentication. But device-based authentication is a lynch-pin that can serve as the first line of defense, while also improving the customer experience."

iovation's Customer Authentication service provides an end-to-end solution encompassing both authentication and fraud prevention providing strong protection against account takeover while adding minimal friction to the login process. Pricing is based on use volume. For more information, go to iovation.com/authentication, sign up for our March 22nd webinar, "Authentifusion: Clarifying the Future of User Authentication," or visit iovation at booth #5014 at the RSA Conference.

About iovation
iovation protects online businesses and their end users against fraud and abuse, and identifies trustworthy customers through a combination of advanced device identification, shared device reputation, device-based authentication and real-time risk evaluation. More than 3,500 fraud managers representing global retail, financial services, insurance, social network, gaming and other companies leverage iovation's database of billions of Internet devices and the relationships between them to determine the level of risk associated with online transactions. The company's device reputation database is the world's largest, used to protect 15 million transactions and stop an average of 300,000 fraudulent activities every day. The world's foremost fraud experts share intelligence, cybercrime tips and online fraud prevention techniques in iovation's Fraud Force Community, an exclusive virtual crime-fighting network. For more information, visit iovation.com.