Vendors
BioCatch
BioCatch is a well-funded, late-stage venture-backed FRIP service provider that was founded in Tel Aviv in 2011. They have offices around the world and are focused on risk reduction for financial industry customers. Their suite is composed of modules handling Account Opening Fraud Protection, Account Takeover Fraud Protection, Social Engineering Fraud Detection, Mule Account Detection, Phishing Site Detection, and PSD2/SCA compliance. Of the six pillars of FRIP, BioCatch has identity proofing, device intelligence, behavioral biometrics, and bot detection. Their service is hosted in multiple Microsoft Azure locations across the EU and APAC regions. Subscriptions are priced per-user for ATO, Social Engineering, Mule Account, and Phishing Site Detection; and per-transaction for AO Protection and PSD2/SCA services.
Why worth watching
BioCatch has excellent behavioral biometrics which form the basis of their FRIP. The advanced cognitive analytics are highly innovative.
Akamai
Akamai Technologies is a cloud and security provider headquartered in Cambridge, Massachusetts, USA. Founded in 1998, the company is one of the veteran players in the market, providing a broad range of security, compute, and delivery solutions through its Akamai Connected Cloud, one of the world’s largest distributed edge and cloud platforms.
Why worth watching
Akamai now offers a native connector that integrates API security directly with the Akamai Cloud with a press of a button, providing full visibility and automated response integrations with the rest of Akamai’s security platform.
Arkose Labs
Arkose Labs is a mid-stage startup established in 2017 in San Francisco. Their solution is focused on reduction of ATO fraud, covering many finance, retail, gaming, etc. use cases, as well as inventory hoarding, screen scraping, loyalty card abuse, and fake reviews. Of the six core functional areas of FRIP, Arkose Labs has credential and device intelligence, user behavioral analysis, behavioral biometrics, and bot detection.
Why worth watching
Arkose is unique in offering an SLA for 100% remediation of automated attacks and $1M credential stuffing attack prevention warranties.
Broadcom
Broadcom has introduced light-weight desktop agent that allows users to connect to target systems using privileged account without having to log into the PAM user interface directly. Users can use their own tools for connecting and PAM will manage the credentials behind the scenes.
Why worth watching
Broadcom has now rationalized all its identity products into the Identity Management Security Division of Broadcom Software, including its PAM platform marketed as Symantec PAM.
Experian
Experian was founded in 1996 and is headquartered in Dublin. It is one of the “Big Three” credit rating agencies, processing information on over one billion people worldwide. It provides credit history information to financial institutions, and analytics and marketing information for other customers.
Why worth watching
Experian’s CrossCore is very scalable, handling millions of transactions per day.
F5
F5 is a leading network application delivery and security provider headquartered in Seattle. F5’s entry in FRIP is largely based on Shape Security’s tools which they acquired in 2020.
Why worth watching
F5’s portfolio includes BIG-IP, DDoS Hybrid Defender, and NGINX. For fraud prevention, their components described here include F5 Distributed Cloud Bot Defense, Account Protection, Authentication Intelligence, Data Intelligence, Aggregator Management, Client-Side Defense, and Malicious Activity Detection.
Forter
Forter, founded in 2013 and headquartered in New York, is a late-stage venture-backed fraud prevention specialist. The Forter Trust Platform is a suite composed of modules for improving customer conversions, reducing false declines, detecting policy abuse and adjusting policies, payments security, and ATO prevention.
Why worth watching
Forter Trust Platform has access to a wide range of device intelligence attributes including geo-location and geo-velocity; device type, ID/fingerprint, and hygiene; and IP address and reputation.
GBG
GBG is headquartered in Chester, UK, and was founded in 1989. GBG is a fraud prevention specialist. In 2019, they acquired IDology, and in 2021 they acquired Acuant.
Why worth watching
GBG’s suite of solutions has strong identity verification functionality and UBA, with credential intelligence, device intelligence, and behavioral biometrics capabilities coming from partners.
Group-IB
Privately held Group-IB was founded in 2003 and their global HQ is located in Singapore. Beyond FRIP services, Group-IB offers threat intelligence, Attack Surface Management, business email protection, and anti-piracy products. Group-IB Fraud Protection has functionality in compromised credential and device intelligence, UBA, behavioral biometrics, and bot detection.
Why worth watching
Group-IB Fraud Protection has advanced features in device intelligence, user behavioral analysis, behavioral biometrics, and bot management.
Gurucul
Gurucul was founded in 2010 and is a privately-owned company headquartered in Los Angeles. Gurucul has a suite of products and services including SIEM, UBA, Open XDR, Network Traffic Analysis, Network Detection & Response, and Fraud and Risk Analytics.
Why worth watching
Gurucul is HIPAA and PCI-DSS certified but has not achieved ISO 27001 or SOC 2 Type 2 for its cloud-hosted services.
HID Global
HID Global is a subsidiary of ASSA ABLOY Group AB of Stockholm. Assa Abloy AB is a Swedish conglomerate whose offerings include products and services related to locks, doors, gates, and entrance automation. HID Global’s US headquarters are located in Austin, TX. With over 4,000 employees worldwide and international offices that support more than 100 countries, the company develops highly secure solutions for identity and access management, including physical access controls, smart identity card manufacturing, credential issuance and management, biometric authentication, and identity proofing.
Why worth watching
HID Global is a solid option for organizations with highly regulated industries, high security requirements, and complex integration. However, even large businesses, in particular outside of the very heavily regulated industries, might benefit from the integrated approach and the flexible deployment options.
HUMAN
HUMAN Security was formed in 2012 in New York and has offices across the US and in Singapore, Israel, and the UK. In summer of 2022, HUMAN merged with PerimeterX, another bot management specialist, and acquired Clean.io, a malvertising protection specialist.
Why worth watching
HUMAN’s Human Defense Platform is ISO 27001 and SOC 2 Type 2 certified.
IBM
IBM Corporation is a multinational technology and consulting company headquartered in Armonk, New York, USA. Founded in 1911, IBM has evolved from a computing hardware manufacturer into offering a broad range of software solutions, infrastructure hosting, and consulting services in such high-value markets as business intelligence, data analytics, cloud computing, virtualization, information security, and identity and access management. With a strong global presence and customers and partners across the globe, IBM is a major player in the market.
Why worth watching
Organizations that are looking for mature, highly scalable, and secure enterprise authentication solutions built on state-of-the-art micro-services architecture should put IBM on the list of solutions to consider.
ID Dataweb
ID Dataweb was founded in 2011 and is headquartered in Northern Virginia. ID Dataweb is a late-stage startup that was initially backed by venture capital. AXN was originally designed to gather authoritative attributes for ID proofing for both government and commercial applications, but the solution now covers all aspects of fraud reduction.
Why worth watching
ID Dataweb has enhanced their risk engine since the last report. Customers can select attribute sources and modify their own evaluation rules in a flowchart style workflow editor. Handling recommendations and reason codes can be provided in addition to risk scores.
LexisNexis
LexisNexis Risk Solutions formed in 1998 from progenitor companies that started in the 1960s. LexisNexis Risk Solutions has an array of solutions accessible via the LexisNexis Dynamic Decision Platform (DDP) that contribute to their overall FRIP offering: Fraud Intelligence, InstantID, TrueID with Portrait Match, MultiFactor Authentication, ThreatMetrix, BehavioSec, Emailage, PhoneFinder, and WorldCompliance DataPlus.
Why worth watching
LexisNexis Risk Solutions have obtained SOC 2 Type 2 certifications.
Outseer
RSA was acquired by Symphony Technology Group in 2020, and in June 2021 Outseer brand was launched. Outseer is the new brand for what used to be RSA’s Fraud and Risk Intelligence business unit and its FRIP offerings are comprised of the products listed above. Outseer is widely used in the financial sector, protecting over two billion consumers.
Why worth watching
Outseer Fraud Manager, 3-D Secure are SOC 2 Type 2 certified.
Sift
Sift was formed in 2011, and it is headquartered in San Francisco. Sift is a fraud protection specialist, with services for payments security, content protection, ATO protection, and PSD2 compliance.
Why worth watching
Sift is SOC 2 Type 2 certified. ISO 27001 certification has not been achieved.
Transmit Security
Transmit Security was founded in 2014 and is headquartered in Tel Aviv and Boston. The company provides innovative authentication and risk management solutions to small and large companies worldwide. Its portfolio is built to address B2C, B2B, and B2B2C IAM needs.
Why worth watching
Transmit Security’s platform processes over a billion transactions daily for their customers worldwide. The platform has one of the most feature-rich offerings in the passwordless authentication market and would likely be suitable for any type of organization looking to adopt a passwordless solution.