Fingerprint's Dan Pinto - ‘Device intelligence is an underutilized security tool'

YARMOUTH, Maine – With the rise of artificial intelligence (AI) and the popularity of electronic currencies and digital wallets, fintech is becoming an important tool for consumers, and few people recognize that better than Fingerprint CEO Dan Pinto.

Fingerprint is a platform dedicated to empowering developers to detect and prevent online fraud. Security Systems News (SSN) had the opportunity to speak recently with its CEO and co-founder Dan Pinto about some of the latest concerns and risks associated with new financial technology.

SSN: What are the most common and most dangerous forms of attacks used by criminals against payment tech?

PINTO: Fraudsters have found many ways to exploit payment tech and e-commerce retailers. Some prominent examples include:

       Account Takeover (ATO):

Criminals gain access to legitimate user accounts by using stolen credentials or exploiting vulnerabilities in login systems to steal funds, make unauthorized purchases, or commit other fraudulent activities.

Card cracking:

Fraudsters test stolen credit card details to try to uncover full card information.     

Social Engineering:

Phishing and other social engineering attacks trick users into revealing sensitive information or compromising their accounts.

Malware:

Malicious software like Trojans, keyloggers, and ransomware can infect devices to steal payment   information, hijack sessions, or disrupt operations.

SSN: What’s the most important security precaution a company or organization should start practicing right now that it isn’t?

PINTO: Device intelligence is an underutilized security tool. Fraudsters use advanced technology to execute their attacks and hide their identity, but device intelligence can detect suspicious users and behavior to prevent bad actors from doing damage.

This approach involves browser and device fingerprinting. The technology uses dozens of attributes like screen resolution, IP location, language, and operating system to distinguish individual devices, even when visitors try to hide their identity through VPN or incognito mode. Each device receives a unique visitor identifier, which allows companies to recognize it when it returns to the site.

Device intelligence helps companies spot suspicious visitor attributes and activities — such as browser tampering, mismatched time zones, and unusual or excessive login attempts — and block or investigate the activity. This capability also lets companies verify legitimate users and provide a better experience for them by reducing authentication steps and remembering preferences.

SSN: What are the greatest security threats facing fintech, and what role does AI play in that future?

PINTO: The greatest threat facing fintech is the increasing availability of advanced tools and automation. Capabilities like private browsing, VPNs, and anti-tracking browser settings give bad actors more ways to conceal their identities. Fraudsters can also use generative AI to execute more sophisticated attacks faster and at a larger scale. For example, they might build dozens of fake websites, write very realistic phishing emails, or even create deep fakes.

Fortunately, AI and machine learning also empower fintech to protect itself. Companies can use this technology to identify and fix vulnerabilities and detect subtle behavioral anomalies that indicate potential fraud. Continuous real-time monitoring through technology like device intelligence enables businesses to stop fraud before it happens.

You can learn more about Fingerprint online at fingerprint.com.