The vendor has upgraded its Continuous Customer Protection platform in response to CISOs requirements and its own risk. Security and fraud prevention vendor Darwinium has updated its Continuous Customer Protection platform to provide shared intelligence on anonymized data sets. The company claims that the update ensures customers remain in control of users’ data while also preventing Darwinium from becoming a target of cybercrime. Use cases for the Darwinium platform include account security, scam detection, account takeover, fraudulent new accounts, synthetic identities, and bot intelligence.Darwinium services large B2C organizations (with $1 billion or more in revenue) and marketplaces, dedicated payments providers, ecommerce shops, banks, and some fintechs. In 2022, a study by Statista and Juniper Research estimated e-commerce losses to online payment fraud of $41 billion globally.How Darwinium fraud prevention worksDarwinium Continuous Customer Protection enables continuous visibility and control of a user’s journey and experience, whether it’s from the web, a mobile device, or through an API. It is deployed on the edge, which eliminates the privacy, security, and latency downsides of a traditional security tool, Darwinium CEO Alisdair Faulkner tells CSO, “for example, a bot detection solution which requires you to route traffic through a third-party provider or through a single point of failure.” DarwiniumDarwinium’s dashboard shows customer behavior.To understand the intent of attackers, Faulkner said it is necessary to go beyond identity. Darwinium is an intent engine that combines identity insights and behavioral insights. “What’s different about us than other tools like behavioral biometrics is that we consume those third-party signals if the customer uses them. But we also produce what we call digital signatures, which turn behavior into identity,” Faulkner says. Darwinium can run on existing cloud platforms used by Darwinium’s customers, avoiding another point of failure to exist between the customer and the user’s data center. “It does all the encryption and identification of sensitive data up front. Darwinium does not see any of this customer encrypted information. That is still stored within the organisation, but we do it in a way that enables us to encode, encrypt and anonymize data that we can use for shared intelligence sharing,” Faulkner says.It communicates with existing products such as bot detection, it consumes their scores to provide users with intelligence. Darwinium is a complimentary to the user’s existing security and fraud stack. “We don’t just consume risk scores. We also dynamically inject any risk scores, variables, features, signals detections that can be proprietary to Darwinium or they can be risk signals that customers themselves wish to define,” Faulkner says. What is new in Darwinium Continuous Customer ProtectionDarwinium is launching an update it defines as a “trust nothing architecture.” This means it has the benefits of shared intelligence on anonymized data sets while enabling customers to keep control of all customer data.The upgrade, Faulkner says, was in response to requests from CISOs and chief compliance officers, but also for Darwinium’s self-protection. “[Before the user] had a choice of either install something on premise so you have full control, no customer data leaves your infrastructure, or you have to compromise using some kind of SaaS solution where you’re sending them the data and hope that they’re encrypting and doing everything necessary, or that they don’t get hacked.”“You can get all around a lot of these things by having the right kind of compliance credentials as a vendor, but at the end of the day we realized that Darwinium, if we achieve the vision and the ambitions that we have and our track record suggests that we hopefully should, we become a target ourselves,” Faulkner explained. “That’s what we want to avoid…. There is no way that Darwinium can become a target if we destroy any value or there’s no value of data coming to us other than anonymized insights that can be used for machine learning.” Related content news Bug in EmbedAI can allow poisoned data to sneak into your LLMs The vulnerability can be used to deceive a user into inadvertently uploading and integrating incorrect data into the application’s language model. By Shweta Sharma May 31, 2024 3 mins Generative AI Vulnerabilities news OpenAI accuses Russia, China, Iran, and Israel of misusing its GenAI tools for covert Ops OpenAI’s generative AI tools were used to create and post propaganda content on various geo-political and socio-economic issues across social media platforms, the company said. By Gyana Swain May 31, 2024 4 mins Generative AI news Okta alerts customers against new credential-stuffing attacks Hackers are using credential-stuffing to attack endpoints that are used to support the cross-origin authentication feature. By Shweta Sharma May 31, 2024 4 mins Identity and Access Management Vulnerabilities feature 3 reasons users can’t stop making security mistakes — unless you address them Understanding what’s behind employee security mistakes can help CISOs make meaningful adjustments to their security awareness training strategies. By Ariella Brown May 31, 2024 5 mins Data Breach Risk Management PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe