Manage Aggregator Traffic
Aggregators provide value-added services that improve the overall customer experience for financial institutions (FIs). However, aggregators can use valid credentials to scrape compliant data and can be used as a vector for account takeover. FIs need a way to manage aggregator traffic and mitigate risk.
Many of the most damaging attacks – those which cost the most money, harm the greatest numbers of customers, and occur most often – leverage novel and emerging attack techniques. These attacks are powered by fake traffic: synthetic identities and the emulation
of real customers. The attackers simply walk in the front door of an application, pretending
to be real customers or prospects. These attack techniques bypass mainstream security
controls because they don’t require any coding flaws or vulnerabilities in an application; they
even work against correctly-coded applications that are part of a well-run, secure software
development lifecycle. As a result, telling real from fake online is one the biggest challenges
FIs face in today’s security environment.
Fake traffic to FI applications drives many forms of attacks, unwanted automation, fraud
and abuse.
| Fake Traffic Threat or Challenge | Business Impact |
| Credential stuffing | Credential stuffing attacks on web and mobile apps, APIs, and OFX lead to account takeover and new account creation fraud – and drive material fraud losses. Large-scale credential stuffing attacks also contribute to site performance issues and can even lead to site outages. |
| Unmanaged third-party Fintech apps | By default, user-enabled, third-party fintech tools log into FI apps as if they are actual users. Without proper visibility, management, and controls, these tools can create unnecessary application load and are also being used by cybercriminals as an attack vector to disguise credential stuffing attacks against FI apps. |
| Client-side maware attacks | Man-in-the-browser (MiTB) client-side malware can abuse Zelle and Interac systems to make fraudulent money transfers by hijacking legitimate user browser sessions. |
| Manual fraud | Fraudsters emulate real users in order to take over accounts or create fake new accounts. |
Why Distributed Cloud Aggregator Management?
Increased visibility
Establish a baseline to understand all traffic and label traffic as human, automated, or aggregator.
Attack prevention
Block attacks from malicious actors posing as legitimate aggregators and prevent credential stuffing.
Access policy enforcement
Ensure aggregators can only access data via authorized channels and under pre-defined limits.
Platform Overview
Securely enable customers to utilize financial aggregators while managing risk
The Distributed Cloud Aggregator Management platform includes an interactive dashboard to provide visibility into aggregator traffic and enforcement mechanisms to ensure that aggregators adhere to agreed usage policies. It also provides user cohort mapping between customers and verified aggregators. The platform incorporates intelligence from a globalized network of known aggregators from world’s top FIs and enables adaptive mitigation that combines high-precision machine learning, powerful AI, and human intelligence.
Authentication visibility
Labels all login attempts as human, automated, or aggregator.
Credential stuffing protection
Detects when attackers are credential stuffing through an aggregator.
Least privilege access
Enforces adherence to access policies required by aggregator.
Anomaly detection
Alerts FIs and aggregators when attacker framework has been detected.
Distributed Cloud Aggregator Management Use Cases
Give your customers full access to their data—anywhere, anytime, and through the apps they choose—while also protecting against credential stuffing and ATO risks.
Aggregator Detection
Telemetry models behavior, determines intent, maintains profiles.
Aggregator Identifiers
IPs, ASNs, headers, user agents, user cohort and device mapping.
Mitigation
Universal policy management, plus AI and human intelligence.
Contract Enforcement
Enforce rate-limits and report on violations.
Aggregator Reporting
Detailed aggregator traffic analysis and dashboarding.
