The vendor has upgraded its Continuous Customer Protection platform in response to CISOs requirements and its own risk. Security and fraud prevention vendor Darwinium has updated its Continuous Customer Protection platform to provide shared intelligence on anonymized data sets. The company claims that the update ensures customers remain in control of users’ data while also preventing Darwinium from becoming a target of cybercrime. Use cases for the Darwinium platform include account security, scam detection, account takeover, fraudulent new accounts, synthetic identities, and bot intelligence.Darwinium services large B2C organizations (with $1 billion or more in revenue) and marketplaces, dedicated payments providers, ecommerce shops, banks, and some fintechs. In 2022, a study by Statista and Juniper Research estimated e-commerce losses to online payment fraud of $41 billion globally.How Darwinium fraud prevention worksDarwinium Continuous Customer Protection enables continuous visibility and control of a user’s journey and experience, whether it’s from the web, a mobile device, or through an API. It is deployed on the edge, which eliminates the privacy, security, and latency downsides of a traditional security tool, Darwinium CEO Alisdair Faulkner tells CSO, “for example, a bot detection solution which requires you to route traffic through a third-party provider or through a single point of failure.” DarwiniumDarwinium’s dashboard shows customer behavior.To understand the intent of attackers, Faulkner said it is necessary to go beyond identity. Darwinium is an intent engine that combines identity insights and behavioral insights. “What’s different about us than other tools like behavioral biometrics is that we consume those third-party signals if the customer uses them. But we also produce what we call digital signatures, which turn behavior into identity,” Faulkner says. Darwinium can run on existing cloud platforms used by Darwinium’s customers, avoiding another point of failure to exist between the customer and the user’s data center. “It does all the encryption and identification of sensitive data up front. Darwinium does not see any of this customer encrypted information. That is still stored within the organisation, but we do it in a way that enables us to encode, encrypt and anonymize data that we can use for shared intelligence sharing,” Faulkner says.It communicates with existing products such as bot detection, it consumes their scores to provide users with intelligence. Darwinium is a complimentary to the user’s existing security and fraud stack. “We don’t just consume risk scores. We also dynamically inject any risk scores, variables, features, signals detections that can be proprietary to Darwinium or they can be risk signals that customers themselves wish to define,” Faulkner says. What is new in Darwinium Continuous Customer ProtectionDarwinium is launching an update it defines as a “trust nothing architecture.” This means it has the benefits of shared intelligence on anonymized data sets while enabling customers to keep control of all customer data.The upgrade, Faulkner says, was in response to requests from CISOs and chief compliance officers, but also for Darwinium’s self-protection. “[Before the user] had a choice of either install something on premise so you have full control, no customer data leaves your infrastructure, or you have to compromise using some kind of SaaS solution where you’re sending them the data and hope that they’re encrypting and doing everything necessary, or that they don’t get hacked.”“You can get all around a lot of these things by having the right kind of compliance credentials as a vendor, but at the end of the day we realized that Darwinium, if we achieve the vision and the ambitions that we have and our track record suggests that we hopefully should, we become a target ourselves,” Faulkner explained. “That’s what we want to avoid…. There is no way that Darwinium can become a target if we destroy any value or there’s no value of data coming to us other than anonymized insights that can be used for machine learning.” Related content feature Some strategies for CISOs freaked out by the specter of federal indictments Experts at this year's RSA Conference offered strategies to help CISOs cope with the prospect of facing federal indictments over their handling of cyber incidents. By Cynthia Brumfield May 10, 2024 7 mins CSO and CISO Legal Security Practices interview Strong CIO-CISO relations fuel success at Ally CIO Sathish Muthukrishnan and CISO Donna Hart have forged a partnership steeped in Ally’s culture of radical candor that keeps the financial services firm secure and innovative. By Dan Roberts May 09, 2024 9 mins CIO CSO and CISO IT Leadership news Zscaler shuts down exposed system after rumors of a cyberattack Initially dismissing rumors, Zscaler now says it did have a system exposed but nothing important has been accessed. By Shweta Sharma May 09, 2024 3 mins Data Breach Cyberattacks news Palo Alto launches AI-powered solutions to fight AI-generated cyberthreats The suite is powered by Palo Alto’s proprietary solution, Precision AI, which integrates machine learning, deep learning, and generative AI technologies. By Prasanth Aby Thomas May 09, 2024 3 mins Generative AI Security Software PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe