Antifraud | FraudHunt

Online Fraud Detection

Real time monitoring of your website visitors and their quality scoring

How it works

Our system gathers massive amounts of information about every visitor of your website. This information is then checked against a large number of conditions or triggers that determine the quality of every visitor and detect fraudsters of all sorts.

Information in question includes but is not limited to Proxy services, Operating System information, Browser information, and their behavioral patterns.

Our system establishes a certain Fraud Score for every visitor, depending on the number of triggers that have fired in any particular case. The Score of every trigger varies depending on a number of factors and combinations of the said triggers.

There are three types of users depending on their score: Quality Users, Low-risk Users, and Potential Fraudsters.

Triggers

TOR

The name TOR is derived from an acronym for the original software project name “The Onion Router”. The network is actively used to conduct a wide range of illegal and fraudulent activities online.

Anonymous sessions

Anonymous sessions mean that the browser of a user will not save cookie files and all cookie based analytical solutions will count those as new users every time they visit your website.

Do-Not-Track option

When this option is on, it instructs the browser not to keep track of the user. In certain conditions and environments Do not track option may be a clear sign of fraudulent activities.

User agent change

User agent describes a situation when a user changes his/her user agent in a browser (with the help of extensions, for example (Linux posing as iOS, etc). User agent change is one of the types of emulation.

Ad blocking

The user cannot see advertising content on your page. AdBlock is not a sign of a typical fraudster in itself and has an extremely low fraudscore, but combined with certain other triggers it indicates certain bots and is useful for detecting specific fraud types. It also comes in handy when analyzing behavioral patterns of your real users.

Out-of-date operating systems

Old Operating System is one of the most common features of bot farms and automated systems. Such systems are extremely hard to update and they are pretty effective against less advanced antifraud solutions. Our Fingerprinting technology allows us to determine the OS used by your visitor and you to not waste time on bots instead of real users.

Emulation devices

Using virtual machines or emulators users disguise their activities. Fraudsters may use virtual machines to create appropriate environments, for example one emulates iOS on Linux platform and installs a legitimate Safari browser or, in case of some bot farms, they emulate an appropriate environment on the server side. The server then sends information to your website stating it is a machine with a number of parameters like platform, browser, etc.

PROXY services

People use PROXY services to hide their real IP address. PROXY Types are: Anonymizing VPN services, Tor Exit Nodes, Hosting Providers, Data Centers or Content Delivery Networks, and Web Proxies. Although Proxy services are sometimes used by real legitimate users to protect their privacy, they are a valid and widespread fraudster tool. Our solution is able to detect all kinds of proxy services as well as scan and extract a whole array of user ip addresses.

Out-of-date browser versions

Old Browser trigger fires for versions that the manufacturer of the said browser does not recommend to use (around 2 years old). The thing here is that bot farms and automated systems do not change their browser versions for years for the procedure is technically difficult and costly.

Country restriction list

Every business has a target audience. It is highly unlikely for someone from Peru to visit Canadian local retailers and vice versa. Our sophisticated fingerprinting solution determines the real location of a user irrespective of techniques used to hide it.

Bots

The user is a bot. Nearly 50% of all web traffic is coming from various Bots with around 20% coming from Good or Legitimate Bots and around 30% from Bad or Malicious Bots.

Time zone inconsistency

Analyzing different parameters of users’ equipment allows us to establish whether a certain user tries to hide his/her real location and their actuall time zone is a sure sign of such actions.

Language inconsistency

Users try to hide the culture/language they belong to/speak. Discrepancies in information about user’s location, culture, language, etc. is a sure sign of a fraudster.

How it can help your business

ANY QUESTIONS?

What is FraudScore?

FraudScore (user quality score) – an indicator calculated by a response/no-response of a number of triggers. These triggers are based on information about user’s equipment. Every discrepancy is found on the basis of this information.

How long does it take to calculate FraudScore?

FraudScore works on the fly. A user enters your website and the score is displayed on the radar in real time, based on the number of triggers that have fired.

How is user quality calculated?

The user score is calculated on the basis of information about the user’s equipment and discrepancies on their profile. This information is collected by Device Fingerprint from Fraudhunt.

How many triggers take part in the user quality assessment?

The number of working triggers is growing day by day, for we are constantly monitoring new trends and technologies hackers and fraudsters use.

Can I get raw data about users to assess it by myself?

You can get a file with data about any visitor of your site, using a special option on your personal account in our system.

Can I get summary reports on traffic quality on my resource?

Yes, you can get this information using the analytics functionality of our system. Go to offline Anti-FRAUD analytics tab to learn more about this functionality.