Manage Aggregator Traffic
Aggregators provide value-added services that improve the overall customer experience for financial institutions (FIs). However, aggregators can use valid credentials to scrape compliant data and can be used as a vector for account takeover. FIs need a way to manage aggregator traffic and mitigate risk.
Many of the most damaging attacks – those which cost the most money, harm the greatest numbers of customers, and occur most often – leverage novel and emerging attack techniques. These attacks are powered by fake traffic: synthetic identities and the emulation of real customers. The attackers simply walk in the front door of an application, pretending to be real customers or prospects. These attack techniques bypass mainstream security controls because they don’t require any coding flaws or vulnerabilities in an application; they even work against correctly-coded applications that are part of a well-run, secure software development lifecycle. As a result, telling real from fake online is one of the biggest challenges FIs face in today’s security environment.
Fake traffic to FI applications drives many forms of attacks, unwanted automation, fraud
|Fake Traffic Threat or Challenge|Business Impact|
|---|---|
|Credential stuffing|Credential stuffing attacks on web and mobile apps, APIs, and OFX lead to account takeover and new account creation fraud – and drive material fraud losses. Large-scale credential stuffing attacks also contribute to site performance issues and can even lead to site outages.|
|Unmanaged third-party Fintech apps|By default, user-enabled, third-party fintech tools log into FI apps as if they are actual users. Without proper visibility, management, and controls, these tools can create unnecessary application load and are also being used by cybercriminals as an attack vector to disguise credential stuffing attacks against FI apps.|
|Client-side malware attacks|Man-in-the-browser (MiTB) client-side malware can abuse Zelle and Interac systems to make fraudulent money transfers by hijacking legitimate user browser sessions.|
|Manual fraud|Fraudsters emulate real users in order to take over accounts or create fake new accounts.|
Why Distributed Cloud Aggregator Management?
Establish a baseline to understand all traffic and label traffic as human, automated, or aggregator.
Block attacks from malicious actors posing as legitimate aggregators and prevent credential stuffing.
Access policy enforcement
Ensure aggregators can only access data via authorized channels and under pre-defined limits.
Securely enable customers to utilize financial aggregators while managing risk
The Distributed Cloud Aggregator Management platform includes an interactive dashboard to provide visibility into aggregator traffic and enforcement mechanisms to ensure that aggregators adhere to agreed usage policies. It also provides user cohort mapping between customers and verified aggregators. The platform incorporates intelligence from a globalized network of known aggregators from the world’s top FIs and enables adaptive mitigation that combines high-precision machine learning, powerful AI, and human intelligence.
Labels all login attempts as human, automated, or aggregator.
Credential stuffing protection
Detects when attackers are credential stuffing through an aggregator.
Least privilege access
Enforces adherence to access policies required by the aggregator.
Alerts FIs and aggregators when an attacker framework has been detected.
Distributed Cloud Aggregator Management Use Cases
Give your customers full access to their data—anywhere, anytime, and through the apps they choose—while also protecting against credential stuffing and ATO risks.
Telemetry models behavior, determines intent, maintains profiles.
IPs, ASNs, headers, user agents, user cohort and device mapping.
Universal policy management, plus AI and human intelligence.
Enforce rate-limits and report on violations.
Detailed aggregator traffic analysis and dashboarding.