Imperva: Protecting the Data that Drives Business Blog|Login|Chinese German Japanese|Follow @imperva
ThreatRadar Fraud Prevention Services

Detect and Stop Web-based Fraud

ThreatRadar Fraud Prevention Services: Detect and Stop Web-based FraudClick to enlarge
Web-based fraud, caused by identity theft, phishing attacks, malware, and other threats, costs organizations hundreds of millions of dollars every year. Web fraud also negatively impacts users’ perceptions of online businesses. In fact, 34% of victims reported avoiding certain merchants and 17% switched their primary bank as the result of a fraud event.1

Reducing online fraud not only benefits consumers, it helps businesses slash fraud remediation costs, avoid reputation damage, and prevent customer churn. Unfortunately, many Web fraud detection solutions require modifying applications. This additional development and testing can dramatically lengthen deployment processes. Further, many solutions excel at identifying certain types of risks, but cannot work with complementary fraud solutions to improve overall detection accuracy.

ThreatRadar Fraud Prevention Services enable organizations to rapidly provision and manage fraud detection solutions without needing to update Web applications. By integrating with leading fraud security vendors, the SecureSphere Web Application Firewall (WAF) can transparently identify and stop fraudulent transactions. ThreatRadar Fraud Prevention also provides powerful monitoring and enforcement capabilities, allowing businesses to centrally manage WAF and fraud policies together. Policies can assess results from multiple fraud detection solutions for advanced risk-based scoring.

Key Capabilities
Maintain brand and customer loyalty by preventing fraudulent activity
Correlate fraud and WAF policies for granular identification and blocking of illicit activity
Rapidly provision Web fraud solutions, eliminating the window of exposure imposed by manual integration
Reduce the cost and disruption of re-coding applications
Ensure fraud detection capabilities are up-to-date and support vendors’ latest features
Quickly enforce fraud policies using intuitive Web-based policies
Monitor and assess fraudulent events using SecureSphere’s powerful alerting and graphical reporting framework

To learn more, click on the Capabilities tab.

1 "True Cost of Fraud Study," LexisNexis

Intelligent Fraud Mitigation to Reduce Fraud-Related Expenses, Customer Churn

ThreatRadar Fraud Prevention Services enable organizations to lower fraud remediation costs, streamline fraud investigations and maintain customer loyalty. By integrating with leading Web fraud detection vendors, ThreatRadar Fraud Prevention offers best-in-class protection against online fraud. As an add-on service to the SecureSphere Web Application Firewall, this solution is the cost-effective, simple, and accurate way to detect and stop Web fraud.

Centralized Management of Fraud and Web Security Policies

ThreatRadar Fraud Prevention Services provides a single integration point for multiple fraud detection technologies. In addition, customers can combine fraud prevention policies with Web Application Firewall policies for granular access control. For example, SecureSphere administrators can define different outcomes based on Web browser agent, user reputation, geographic location, time of day, URL accessed, or other attributes. By correlating fraud, Web user, and attack activity, organizations can block fraudulent requests with pinpoint precision.

Rapid Time-to-Security

Imperva enables organizations to roll out Web fraud prevention quickly and cost effectively. ThreatRadar Fraud Prevention Services, a simple add-on to the SecureSphere Web Application Firewall, enables organizations to implement fraud detection without updating Web applications. ThreatRadar therefore offers rapid fraud provisioning, decreasing the window of exposure imposed by lengthy Web application development processes.

Lower Total Cost of Ownership

ThreatRadar Fraud Prevention Services eliminates the need to manually add fraud detection code to Web applications. By incorporating Web fraud prevention into the SecureSphere Web Application Firewall, organizations can avoid costly development costs and schedule disruptions. ThreatRadar Fraud Prevention also allows organizations to protect packaged enterprise applications and legacy applications—Web applications that may not support manual code changes.

Up-to-date Fraud Protection

Imperva promptly incorporates the latest updates and APIs from its fraud prevention partners into the ThreatRadar Fraud Prevention Service. This enables Imperva customers to take advantage of new fraud prevention features quickly, rather than waiting for developers to manually update Web application code.

Active Enforcement of Web Fraud Policies

ThreatRadar transforms fraud detection into fraud prevention, enabling businesses to stop fraudulent activity, instantly notify end users of fraud risk, or open a fraud investigation case. Using SecureSphere’s intuitive Web-based security policies, organizations can redirect compromised users to a custom error page, generate a syslog notification, or generate a ticket in a ticketing system. With SecureSphere, organizations can also monitor fraudulent events and easily adjust policies as needed.

Detailed Alerts and Graphical Reporting of Fraud Activity

Because of SecureSphere’s powerful reporting framework, customers can generate executive-level summary reports as well as detailed reports of fraudulent events. Security alerts capture full event detail for forensics analysis. Leveraging SecureSphere’s monitoring and reporting capabilities, organizations can assess fraud risks and investigate fraudulent activity.

Fast, Simple Validation of Fraud Security Solutions

Imperva has partnered with leading third party Web fraud detection vendors to offer instant evaluations of fraud detection solutions. With just a few clicks in the SecureSphere Web user interface, organizations can assess fraud security solutions. ThreatRadar Fraud Prevention eliminates the need to perform lengthy pilots and update existing Web applications to evaluate new fraud security solutions.

ThreatRadar Fraud Prevention Services Specifications


Specification Description
Fraud Prevention Partner Solutions
  • Trusteer PinPoint: a log-in and transaction monitoring system that enables real time detection of malware infected devices visiting Web applications. It prevents incidents of financial fraud and industrial espionage by identifying potential threats as they happen.
Fraud Detection Mechanism
  • SecureSphere transparently invokes third party fraud detection mechanisms. The process takes less than a second to complete and is completely transparent to end users. Fraud protection requires no changes to existing Web applications or Web infrastructure.
SecureSphere Integration
  • Geo-location of source IP
  • Pre-defined and custom SecureSphere security policies
  • SNMP
  • Syslog
  • Email
  • Incident management ticketing integration
  • Custom followed action
  • Custom graphical reports
  • Real-time dashboard
SecureSphere Deployment Requirements
  • Inline bridge, reverse proxy or transparent reverse proxy
Supported Products
  • SecureSphere Web Application Firewall