Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mastercard® Threat scan

Published byMia Amundsen Modified over 5 years ago

Similar presentations

Presentation on theme: "Mastercard® Threat scan"— Presentation transcript:

1 Mastercard® Threat scan
Limit fraud exposure by assessing vulnerabilities in authorization networks Mastercard® Threat scan Issuer authorization networks are continually at risk of exploitation. Threat Scan assesses issuer production authorization networks for vulnerabilities that can expose them to criminal attacks, providing network insights that can help issuers realize fewer fraud losses with a proactive approach to fraud prevention. Fraudsters continue to find points of vulnerability in issuer networks Fraudsters are finding ways around seemingly secure authorization networks. It is estimated that 8% of all fraud losses globally are attributed to weaknesses in issuers’ authorization networks.1 By 2020, 60% of enterprise security budgets will be allocated to rapid detection and response approaches.2 Issuers may face challenges implementing in-house network testing efforts Exploitation of issuer networks warrants additional safety measures. To address this threat, issuers need to proactively assess vulnerabilities and gaps in their production authorization hosts. Learn from past fraud attacks by ensuring proper authorization validation is in place to prevent against future attempts Discover emerging fraud trends that expose their network to risk Ensure their network is functioning properly after a development release Over 1,530 issuers have experienced 62K+ fraudulent cryptograms this year meant to exploit gaps in authorization networks. If these had been successful, issuers would have lost > $6.7 million.1 8% of all fraud losses are attributed to weak authorization networks1 1. MASTERCARD DATA WAREHOUSE GARTNER. SHIFT CYBERSECURITY INVESTMENT TO DETECTION AND RESPONSE

2 Mastercard Threat Scan
August 28, 2019 Mastercard Threat Scan Identifying vulnerabilities within issuer authorization networks Threat Scan assesses issuer production authorization networks for vulnerabilities to fraud by emulating known criminal transaction behavior against a number of actual and theoretical vulnerabilities— highlighting potential points of exploitation for issuers. Issuers can: Gain critical insights into their authorization network—enabling a greater understanding of vulnerabilities and gaps in authorization security that require additional attention. Reduce fraud losses and preserve brand integrity by assessing vulnerabilities in their host authorization networks before exploitation can occur. Threat Scan offers a pragmatic way for issuers to identify gaps in authorization security by conducting assessments within production vs. testing environments. Threat Scan helps issuers find vulnerabilities that can expose them to criminal attacks such as: PIN manipulation Pre-play attacks Relay attacks Counterfeit fraud Card-not-present (CNP) fraud Lost or stolen card (Wedge) attacks Replay attacks (e.g., cryptogram replay) Fraudster-induced exception processing Cross-contamination fraud Implementing is easy To enroll, issuers must simply agree to terms and conditions on Mastercard Connect®. With no additional coding required, issuers can deploy and manage Threat Scan via Mastercard Connect. Issuers… Perform their own comprehensive set of assessments on their host production network based on account criteria Control assessment frequency and timing, performing them at their convenience Use accounts they have issued and card readers/devices they support Receive immediate detailed results via Scan Session Reports available via the Threat Scan application on Mastercard Connect For more information, contact your Mastercard account representative.

Download ppt "Mastercard® Threat scan"

Similar presentations

© 2014 Fair Isaac Corporation. Confidential. This presentation is provided for the recipient only and cannot be reproduced or shared without Fair Isaac.

© 2014 Fair Isaac Corporation. Confidential. This presentation is provided for the recipient only and cannot be reproduced or shared without Fair Isaac.
Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.

Information System Audit : © South-Asian Management Technologies Foundation Chapter 4: Information System Audit Requirements.
Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,
Vice President, e-Business Development Dubai United Nations Conference on Trade & Development Conference on Electronic Commerce.

Vice President, e-Business Development Dubai United Nations Conference on Trade & Development Conference on Electronic Commerce.
Contactless Payment. © Family Economics & Financial Education – January 2007 –– Financial Institution Unit – Contactless Payment - 2 Funded by a grant.

Contactless Payment. © Family Economics & Financial Education – January 2007 –– Financial Institution Unit – Contactless Payment - 2 Funded by a grant.
Is There a Security Problem in Computing? Network Security / G. Steffen1.

Is There a Security Problem in Computing? Network Security / G. Steffen1.
Introducing Computer and Network Security

Introducing Computer and Network Security
Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.

Are Large Scale Data Breaches Inevitable? Douglas E. Salane Center for Cybercrime Studies John Jay College of Criminal Justice Cyber Infrastructure Protection.
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Academy of Risk Management | Innovate. Collaborate. Educate. Fraud Management Solutions Innovative Products & Thought Leadership.

Academy of Risk Management | Innovate. Collaborate. Educate. Fraud Management Solutions Innovative Products & Thought Leadership.
Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.

Introducing Computer and Network Security. Computer Security Basics What is computer security? –Answer depends on the perspective of the person you’re.
What does “secure” mean? Protecting Valuables

What does “secure” mean? Protecting Valuables
CREDIT CARD FRAUD. TYPES OF CREDIT CARD FRAUD Counterfeit credit card use. Card lost or stolen by the card holder. Fraud committed without the actual.

CREDIT CARD FRAUD. TYPES OF CREDIT CARD FRAUD Counterfeit credit card use. Card lost or stolen by the card holder. Fraud committed without the actual.
Controlling Fraud Risk Exposure and Loss Sherri Goodman Director of Fraud Operations September 22, 2005.

Controlling Fraud Risk Exposure and Loss Sherri Goodman Director of Fraud Operations September 22, 2005.
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.

Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.

Data Security and Payment Card Acceptance Presented by: Brian Ridder Senior Vice President First National September 10, 2009.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
KASPAR T., SILBERMANN M., PAAR C. (2010) FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, VOLUME 6052, PP 343-350 All You Can Eat or Breaking a Real- World Contactless.

KASPAR T., SILBERMANN M., PAAR C. (2010) FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, VOLUME 6052, PP All You Can Eat or Breaking a Real- World Contactless.

Similar presentations

Ads by Google