Every mobile device has a unique identification number. This device ID can be used for various purposes. Website operators can use it to track and analyze the activities of individual users. This is not only used to identify usage problems or to display personalized advertising, but also to protect the company from attacks, attempted fraud and espionage.
Ultimately, device identification tools can increase security in 9 different ways. Roman Borovits, Senior Systems Engineer at F5, explains how companies can expose fraud, cyberattacks and other suspicious activity.
1. Detect attackers, fraudsters and bots
With the help of the unique device ID, it is possible to see how many accounts each device is registered with. On average, only one in 1.000 legitimate devices accesses more than three accounts - and only one in 10.000 accesses more than 10 accounts. So if a device is accessing more than three or even more than 10 accounts, it is likely an attack.
2. Let known legitimate users through
If repeat customers experience difficulty signing up, they may become frustrated and give up. This leads to lost business and lost revenue. Recognizing known legitimate users through the device ID reduces the hurdles to log in so that they can access the website faster and more reliably.
3. VPN can no longer deceive
Forging IP addresses is one of the oldest tricks used by cyber criminals. You can easily deceive IP-based identification systems via VPNs - high-quality device identifiers that examine a large number of data points, on the other hand, cannot.
4. Detect proxy networks
Cyber criminals also use proxy networks to hide their identities. A reliable and unique device identifier reveals this obfuscation tactic. This enables companies to determine if a device is visiting their website from many different IP addresses using proxy networks.
5. Measure the number of transactions
When a device is making an unusually high number of transactions, it is rarely legitimate. By checking the number of transactions per device and time, an organization can discover suspicious or malicious activity.
6. Check the number of devices used
Most legitimate users only use a few devices to access a website - a cell phone, tablet, and maybe a computer or two. If a user accesses their account on a large number of different devices, it indicates fraud.
7. Spoofing the environment
Legitimate users also update their browsers or switch devices - but not too often. Having many user agents on a single device means that an attacker is probably doing environment spoofing.
8. Session hijacking
Some attackers hijack sessions from legitimate users. If many unique device identifiers are observed in one session, it is likely malicious activity such as man-in-the-browser (MitB) attacks.
9. Problems with login / credential stuffing
Every corporate website has an average percentage of successful and unsuccessful logins via password entry or multifactor authentication. Calculating this average per device over a longer period of time shows significant fluctuations, either due to problems logging in for legitimate users or credential stuffing by attackers and fraudsters.
More on this at F5.com
Via F5 Networks F5 (NASDAQ: FFIV) gives the world's largest companies, service providers, government agencies and consumer brands the freedom to deliver any app securely, anywhere, with confidence. F5 offers cloud and security solutions that enable companies to use the infrastructure they choose without compromising speed and control. Please visit f5.com for more information. You can also visit us on LinkedIn and Facebook for more information about F5, its partners and technologies.