print  Print
Glossary

A
C
E
G
K
L
M
P
R
S
T
All

  • Attribute
    An attribute is considered a standard field in the ThreatMetrix platform. Unlike entities, they do not have a corresponding set of entity attributes. An example of a Standard Attribute is 'screen_resolution'.
  • Attributes
    An attribute is considered a standard field in the ThreatMetrix platform. Unlike entities, they do not have a corresponding set of entity attributes. An example of a Standard Attribute is 'screen_resolution'.
  • CIS
    Client Intelligence Server: server component that TrustDefender Client communicates with for policy updates and enforcement.
  • Customer
    Organization that purchases products from ThreatMetrix
  • End User
    Individual person that utilizes ThreatMetrix Products on behalf of a customer. E.g.
    • Downloads TrustDefender Client onto their device
    • Renders a webpage containing the ThreatMetrix Web Profiling Tags
    • Uses an application containing the ThreatMetrix SDK
  • Entities
    Entities are key fields in the ThreatMetrix platform. They represent important objects, such as a devices, users, email addresses and IP addresses to name a few. They consist of a primary entity (E.g: true_ip) and a family (approx. 12) of entity attributes (E.g: true_ip_first_seen) that provide additional meta-data for their parent entity. The purpose of the entity attributes is to provide further information about the entity. Each time an entity performs an event in the ThreatMetrix Platform, the entity attributes are automatically generated and present alongside the entity in the API response and the Portal.
  • Entity
    Entities are key fields in the ThreatMetrix platform. They represent important objects, such as a devices, users, email addresses and IP addresses to name a few. They consist of a primary entity (E.g: true_ip) and a family (approx. 12) of entity attributes (E.g: true_ip_first_seen) that provide additional meta-data for their parent entity. The purpose of the entity attributes is to provide further information about the entity. Each time an entity performs an event in the ThreatMetrix Platform, the entity attributes are automatically generated and present alongside the entity in the API response and the Portal.
  • EULA
    End User License Agreement: an agreement between the End User, Customer and ThreatMetrix that is presented during the installation of the TrustDefender Client software on the User's device
  • GAP
     Guaranteed Authentication Program: a database containing customer's policies that govern the TrustDefender Client
  • KFE
    Kernel Forensics Engine: patented low-level operating system analysis engine used to detect cloaked malware, hidden processes and hooks.
  • legacy portal
    The old ThreatMetrix Portal. This was superceded by the new portal in August 2016.
  • Malware
    Malware, short for malicious (or malevolent) software, is software used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
  • Man in the Browser
    Man-in-the-browser (MitB) is a form of malware that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, in a covert fashion invisible to both the user and host web application.
  • MitB
    Man-in-the-browser (MitB) is a form of malware that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, in a covert fashion invisible to both the user and host web application.
  • Policy
    A policy is a collection of rules that are used to evaluate an event to determine risk. Policies are configured via the Portal.
  • Profiling
    Profiling is a mechanism which allows our platform to collect information about a visitor’s device that is accessing your web site or native application. Information about the device is securely transmitted to our platform in the form of Attributes. These Attributes allow our platform to uniquely identify the device and perform a risk assessment based on the current and historic behavior of that device. The profiling process is invisible to the visitor and does not impact their experience in any way. Profiling occurs differently depending on the product in use, as explained below:
    • ThreatMetrix Web uses JavaScript Profiling Tags that are placed on the desired pages in the customer’s web application.
    • ThreatMetrix SDK is a library embedded into customer's native applications.
  • Reason Code
    A Reason Code is the name a customer gives to a rule when it is created. The Reason Codes are returned during a Session Query to make it easy to identify exactly what rules were triggered. Multiple Reason Codes can be returned during a single Session Query. For Example, 'Address on Whitelist' and 'Hidden Proxy' are examples of Reason Codes commonly used by customers.
  • Reason Codes
    A Reason Code is the name a customer gives to a rule when it is created. The Reason Codes are returned during a Session Query to make it easy to identify exactly what rules were triggered. Multiple Reason Codes can be returned during a single Session Query. For Example, 'Address on Whitelist' and 'Hidden Proxy' are examples of Reason Codes commonly used by customers.
  • Review Status
    Review Status defines the outcome of an event according to the executed policy. This is derived from the resulting risk score generated during policy execution This is returned in the Session Query API and displayed in the portal for each event. Possible values are reject, review, pass.
  • Risk Score
    Risk score is a numerical value that ranges from negative 100 to positive 100 and is used to express the risk level of a transaction whereby negative 100 is considered high risk and positive 100 is considered low risk. It is calculated when the Rules Engine processes a Session Query. It is calculated by starting with a value of 0 and then adding and subtracting the Risk Score value from each individual rule as they are processed. For example, if a ‘Hidden Proxy Detected’ rule had a value of -10 and an ‘Email Address in Whitelist’ rule had a value of 50 the Risk Score would be 40.
  • Rule
    A rule is a configurable object that evaluates an event for particular conditions. Multiple rules are established and added to a policy. For a full list and description of all available rules, please refer to the Portal \ Rules category.
  • Session ID
    A Session ID is a unique identifier used to identify a point in time interaction made by the end user on the customer's application. Some examples of these interactions are logins, payments and account creations. When using ThreatMetrix Web, the Session ID must be generated by your web application. ThreatMetrix SDK can automatically generate a Session ID or can be passed one from your native application. It is important to understand that a Session ID does not 'follow' the user as Session IDs do in the typical sense. Instead, a new Session ID must be generated for each interaction. E.g: one Session ID is assigned when the user logs in and a second different Session ID is used when the user performs a payment. The Session ID is typically a randomized number and can be up to 128 bytes in length. An Example session ID is: f1bb34926bbf5339b110a514699a3a4a.
    For new customer instances (new org_id), session_ids will need to be at least 10 valid characters long, or an empty JS response, 200 (OK) will be returned. Existing organizations may now request to mandate a minimum length of 10 for a session_id. Minimum length is after sanitization (removal of non-conformant characters).
  • Session Query
    A Session Query is performed by a customer to retrieve information about a particular session (e.g. Login, Payment etc...) that a user has performed on their website. This is done by performing a HTTPS API Call and passing the Session ID to our platform. The Customer can optionally pass various additional Attributes that enable our Rules engine to perform a more detailed evaluation of the session. For example, passing the Username, Password and Email Address will enable our platform to determine if these user-specific attributes are commonly seen together which is valuable in verifying the legitimacy of a session. The Session Query will cause our Rules Engine to perform a detailed analysis of the session and return information such as a numerical risk score for the session, a recommendation as to whether the session should be accepted, rejected or reviewed as well as additional detailed information regarding the current state and history of the device.
  • SHN
    Security Health Notifications: messages presented to the user to notify them of any potential security threats or deficiencies on their device. Eg: Antivirus disabled, malware detected.
  • TDC
     TrustDefender Client
  • TrustDefender Client
    TrustDefender Client is an Internet security software solution that protects consumers and employees while banking or working online.