New Algorithm to Invisibly Protect SaaS Users

11 April 2016

ThisData Releases New Algorithm to Invisibly Protect SaaS Users

ThisData is pleased to announce the release of a new risk-scoring algorithm that will reduce the number of login anomaly alerts generated by a factor of ten.

ThisData provides login intelligence to the Software as a Service (SaaS) industry to help identify fraudulent activity on a user’s account, by monitoring how a user typically accesses the service and alerting on login anomalies.

ThisData founder Rich Chetwynd says the new algorithm means ThisData can now add in a number of new factors to the service.

“The new approach still takes into account things like a user’s known browsers, devices, locations, and velocity between event locations but we now have the ability to introduce a number of new vectors. First off the rank is a check against high risk IP addresses and TOR exit nodes.”

TOR is the browser that hides a user’s location by bouncing the connection around through a number of secure access points. ThisData now monitors for TOR exit nodes - where the connection emerges back into the legitimate internet - as a way of ensuring unauthorised access to data is flagged in real time.

“A large number of TOR users are clearly doing so for suspicious reasons. Recent data suggests a large percentage are using TOR maliciously and we want to make sure ThisData customers are protected in that scenario.” says Chetwynd.

As more customers use ThisData’s service the wealth of understanding about how users connect with SaaS services in the real world will increase and be applied to all ThisData customers.

“By having more data points in our decision making we’re able to remove many alerts that we considered as false positives.” Fewer false positives means the end user is less likely to be interrupted in their use of the service they have signed up to use.

“Our goal is to remove the end user from the security equation as much as possible. We believe that end users should be protected, but that protection shouldn’t add friction to their use of services.” Passwords, two-factor authentication, and most other forms of security all require the end user to have an active involvement in their security protocols. For many users, that’s a step too far.”

“That’s when we see weak passwords or two-factor authentication (2FA) not being enabled at all. With ThisData we passively and invisibly monitor the end users’ use of the service and if something abnormal occurs - like a new browser is detected or the user suddenly logs in from different country - we can alert them to the potential breach.”

ThisData customers don’t have to make any changes to their setup. The new algorithm is applied automatically to their applications.

ENDS

About ThisData

ThisData is a private venture backed company leading the way in login intelligence.

www.thisdata.com

© Scoop Media