ThreatMetrix has acquired TrustDefender in order to integrate anti-malware capabilities to its advanced device-identification portfolio.
Australian company TrustDefender to add malware protection and secure browsing
to its portfolio of secure device-identification products.
The combined companies will
operate under the ThreatMetrix name and have operations in the United States,
Australia and Europe, ThreatMetrix officials said Jan. 10. However,
ThreatMetrix has adopted the TrustDefender name for all the products in its
existing portfolio, including TrustDefender ID, TrustDefender Cloud and TrustDefender
Client, Reed Taussig, president and CEO of ThreatMetrix, told eWEEK
ThreatMetrix has already
closed the deal with a combination of cash and stock, although it didn't
disclose the financial terms. The corporate headquarters of the combined
companies will be in San Jose, Calif., Taussig said. Andreas Baumhof,
co-founder and CEO of TrustDefender, will join ThreatMetrix as CTO.
"The natural synergies
between device identification and secure browsing are very obvious,"
With the acquisition,
ThreatMetrix can now offer an integrated fraud-protection product that can
verify the identity of a device trying to access secure data and also to check
the integrity of that device. If it has been compromised, either by malware or
identity theft, the ThreatMetrix platform can deny access.
examines more than 250 aspects of a device to determine its integrity, such as
the language used to display content, any hidden proxies and other historical
usage data. TrustDefender's products detect malware, such as Trojans and other
threats, such as man-in-the-browser-attacks.
TrustDefender's Baumhof said
there had been a "huge increase" in sophisticated man-in-the-browser
Trojan attacks that launched fraudulent transactions using stolen identities.
Device identification and
malware protection should actually be treated as "birds of a
feather," and combined, Taussig said. Prior to the acquisition, ThreatMetrix
had advanced device-identification capabilities that could detect whether the
transaction being conducted on the device was from a legitimate user or
fraudulent, Taussig said. But these products couldn't tell if there was malware
on the device, he said. TrustDefender can tell there was malware on the device,
but couldn't detect whether its integrity had been compromised in some other
way, he said.
"Why would you buy
device identification without malware protection, or malware protection without
device identification?" Taussig said. He added that up until now, that was
exactly what organizations had been forced to do. Then, they had to integrate
products from different vendors on their own to get broader protection.
It became increasingly clear
from speaking with customers that successful transaction profiling required
both sophisticated malware detection and intelligent-device identification to
determine if the device is compromised or if the transaction is at risk of
being fraudulent, said Taussig. With the acquisition, ThreatMetrix could now
offer customers a single product that could do both tasks, he said.
Malware protection and fraud
prevention are closely related, but historically have used different methods to
protect data, Taussig said. However, as more and more data leaves the
enterprise and is stored on mobile devices and cloud servers, IT professionals
are losing control over the data. The authentication and security measures
being used by the anti-fraud specialists become useful since the data is
outside the firewall, according to Taussig.