ThreatMetrix Reviews

The tool is integrated with the other solutions. It can be used to gauge threats and risks in the traffic, applications, network authenticity, and authenticity of people logging into an application. It has various use cases.

The solution can be easily integrated with applications. It provides risk flags that help mitigate risks. The real-time analytics provides a list of footprints on the application. It helps to identify and analyze real-time incidents and mitigate them.

The tool is very expensive.

I have been using the solution for five years.

The tool is currently being used only for integration with an internal application, which is exposed to customers. We have 7000 new customers every month.

The support is okay. We don't need to reach out to support frequently.

Neutral

The setup is not complex. It is pretty standard. I rate the ease of setup a nine out of ten. The deployment time depends on the applications and environment into which we integrate it. The product provides a lot of API documentation. The product is cloud-based. One or two people are enough to deploy the solution. We need some maintenance when new versions or patches need to be upgraded. It requires minimal maintenance.

An average of 8000 hits a year costs $60,000.

The solution is underutilized in our company. We must not spend much money where the requirement is less. I will recommend the product to others. It's a very popular tool. It all depends on the utilization. If a company needs the tool for many things, it will justify the cost. Overall, I rate the solution an eight out of ten.

The profiling of it that can show me many of the details of the client. 

The speed is very good. 

The way they set up rules from their experience, like collecting the rules from other banks and other enterprises, is very helpful. They can give us better rules and better solutions.

The interface is good. I haven't worked with the behavioral biometrics part yet and will need to explore it. 

It can scale. 

The solution is stable. 

We do have experiences where unknown sessions appear on the system. This is blamed on the internet on the client's side being weak.

The pricing could be better.

The interface does look a bit outdated. 

I've used the solution for half a year. 

So far, everything is okay with stability.

The performance is okay. That said, sometimes unknown sessions appear in the system. They clarify it by saying that the internet might not be good from the client's side and that is why unknown sessions might appear.

The solution is scalable. We are using it across our company and our clientele, and we haven't had issues. 

No more than ten to 20 people use it in our organization. These are technical people who deal with it directly.

We can get the support, however, every time we request some support, they charge us, which we do not like. Otherwise, if you do not consider the price side, technical support is good.

We did use a different solution that was based out of Russia and was very similar. 

I did not handle the initial setup process. I don't handle the technical aspects of the product. I'm more on rules and optimization. 

We have up to ten technical people who can handle deployment and maintenance tasks. 

The pricing could be lower. 

We are a young company. Maybe for big enterprises, price doesn't matter. However, for young companies, price-wise, it's not that good. It's a bit pricey. 

You also have to pay extra to receive technical support.

I'd rate the affordability a two out of five. 

We are customers and end-users.

I'd rate the solution nine out of ten. I've been satisfied with its functionality.

We use the solution for a banking domain to maintain device identity and vendor recognition. It prevents fraudulent activities. We also use it to perform device checks and obtain tokens for verified devices for secure transactions.

Integrating the solution with the banking APIs effectively provides a confidence score for calls. It helps users detect suspicious activities such as brute force attacks.

The solution's most valuable feature is its capability to thoroughly investigate a device and see all the sessions and login attempts. It creates a nice visualization displaying the device's location and activity. It also integrates quite well with other applications. It helps us track one application through another.

The solution needs upscaling in terms of interface. It could be intuitive.

We never had any issues with the solution's stability. We were always able to access it whenever needed.

The solution is scalable. We have five to ten users in our department.

We have two in-house solutions that perform tasks similar to ThreatMetrix. Thus, we had once considered stopping to use the solution.

I rate the solution a seven out of ten. It is worth it if you are looking for an application that can secure or authenticate your device utilized for an important source. It displays good visuals for detailed user insights. We encountered a couple of issues with API calls to ThreatMetrix. Its interface could be more intuitive in terms of details.

We have a mobile application for Android and iOS. We just want to know that the application installed on the mobile device is good or not. If some hacker is installing the application or the application is installed on compromised device, we should know this so we can block it.

We have around 800,000 applications installed on Android and iOS. In the past, We've had fraud issues. After using ThreatMetrix solution, We were able to figure out the compromised devices and doing so helped to find that 1400 devices are compromised. We were able to not allow payment, a standing order, direct debit, or any other kind of payment, and that ultimately protects us and the user.

The most valuable feature for us is the fact that basically, we don't use paid metrics. We'd only use them for extensibility. We basically use it for device profiling and we just want to see if the device installed is correct or not. And if it is not correct, we don't allow them in there. We don't allow any kind of a standing order directive at any time.

The integration is fairly simple.

The solution has been stable over the two years we've used it.

There doesn't seem to be any issues with scalability.

Technical support was very helpful throughout the deployment process.

There is excellent documentation available.

They are very proactive in enhancing their product on a regular basis.

We are only using one feature. We haven't found the other features to be very good or very powerful.

We'd like more tools that could help notify us as to if something is happening. The solution is providing a similar feature, however, it's not powerful enough. It doesn't really capture the threats as we'd like it to. It's like root detection. Anyone can compromise/hide it and ThreatMetrix is not able to report correctly.

There should be an entire package that helps protect our users, instead of just one good feature. Currently, we have to use another tool to cover its shortcomings.

I've been using the solution for about two years so far.

The solution is stable. I would say it's really good. It's been two years and only once or twice did we have to change the certificate hash, however, that did not impact anything in terms of the customer. I'd say it's pretty reliable.

We haven't had any issues with scaling. I would say to various levels, we have a huge user base and we have not seen any issue yet. Not even a single issue or a product has been affected by an inability to scale so far.

Typically, we just have developers that actually have access to the solution.

Technical support from the very beginning has been excellent. They were invaluable during deployment and continue to be responsive and helpful.

We didn't previously use a different solution. We've only ever really used ThreatMetrix.

The implementation is in two parts, for the front end and back end. The front end is straightforward. You just need to add the SDK call for the profiling that's all. In the back end it's a little complex. There are little complexities to an installation in the on-premise deployment version. 

We had a back end team and an environment team that assisted with the deployment, along with ThreatMetrix. I'm not sure, in total, how many people ultimately got involved.

The deployment is ongoing. It's been two-plus years and we'll deliver the entire solution in two months.

The implementation strategy was to first have regular developers and a development server. The first thing we have done is to deploy on-premise ThreatMetrix to the deployment server, and, when everything is ready, come to the front end. The front-end is calling to the ThreatMetrix on-premise telematics server and the data, to create a multi-stack. Basically, there are four or five touchpoints.

Post deployment it does not require too much maintenance. However, we have one person who takes care of this product. He's largely checking on the fraud data. He'll watch to see if there is Is anything wrong or if any profile is missing, etc. He's a fraud detection analyst.

We tried on our own at first, however, we could not implement on our own, so we needed ThreatMetrix to help to install and assist with ordering everything for on-premise.

Their support is really good. They create a pretty good relationship with the customer. We have a relationship manager and we have some guys we can definitely call or send an email to. We can ask anything anytime.

I don't handle any aspect of payments or licensing.

I joined the company after ThreatMetrix was selected. I'm unsure of if other solutions were looked at or what they might have been.

I'm not sure which version of the solution we are using. It may be some variation of version five.

The solution in terms of implementation is pretty good and it can be a fairly simple deployment. It seems complex at first, however, it's very, very simple and the documentation is fairly good. That said, we thought we would be getting more benefit and only later realized some areas are not as robust as we had thought.

In terms of our requirements for device detection, I'd rate the solution a nine out of ten.

We're using the solution to help us identify scenarios where the same device is appearing to purchase multiple policies from us. There are two scenarios of what that entails. Number one is ghost brokering. The second is identity theft. The scenario would be, I steal your identity, and I come to our website, where I purchase a policy in your name. What doesn't make sense is why would two different people, looking at two different addresses, be using the same device? That's the scenario we're concerned about.

The user interface, the portal, is very helpful in describing what attributes of concern are associated with the device. 

They created a related events report for us. What that does is it helps us quickly identify any time the same device is associated with three or more transactions that are seemingly not related. If it's the same household, we wouldn't be interested in that, however, if it's coming from different addresses, etc., that's where we become concerned. 

Those are the two most helpful features that we find.

There are no real pain points for us. 

One limitation is it only maintains six months' worth of data. It would be nice if it went back even further to help us really identify and flush out patterns that go on longer. I wouldn't say it's a pain point, however, it would be a nice feature and a nice enhancement of the tool.

It would be great if there could be a streamlining of the case management process. If we identify a device that we're concerned about, what we'd like to do is if that device comes into our network, that we would automatically route it into our case so that we would know immediately that the device of concern has reappeared. Right now, you have to manually do that and it would be good if that could be automated.

 We installed it in May of 2019.

We've never had any problems with either the website being down or any errors regarding the way it interacts with our website. No issues with that at all. I'd say the solution is quite stable.

The solution is scalable. A company shouldn't have any issues expanding it if they need to.

Within our organization, there's probably, I would say, between a dozen or two dozen, users. Some use it for technical purposes, and some use it from the business side.

Technical support is great. We have weekly meetings with them and they've been, honestly, outstanding. They've been very responsive. Anytime we have questions or we need clarification or additional information, their technical people have been very responsive, both by email and by phone. If we have meetings, they've made themselves available on short notice. The experience has been outstanding.

The setup isn't complex. We found the initial implementation relatively painless. From a technology standpoint, we didn't encounter any problems. The day we turned it on, it was working and we haven't had any outages or significant issues at all.

The actual deployment took place over a weekend. I'm not a technical person, so I don't know exactly how long it took due to the fact that other people in our company took care of that. However, I know it went in over a weekend and was working by Monday morning. 

The implementation took longer, from our standpoint, as we needed to get all the necessary approvals and the testing done to make sure that there was no impact on other parts of the dot com portal itself. That said, the installation, once we got past all of our internal affairs in order, was pretty quick.

In terms of maintenance, from the technical side, there's one main contact person. We use a company to help us. They assist in managing our websites, so it's a partnership between us and a third party. There's one lead person on our technical side and then myself on the business side who are the primary users of the tool.

We're just a customer. We don't have a business relationship with the company.

Due to the fact that contracts are handled by our procurement department, I don't know the exact price.

There are no licensing costs per se. The way they charge is by evaluation. We bought a bundle of evaluations. For example, 100,000 evaluations for a set amount of money. There are professional services that they charge for also, which go toward monitoring the rules that are in place and recommending adjustments and improvements to better isolate high-risk transactions, reducing false positives. There are two components of their charge, it's the evaluation charge that's on a per transaction basis, and then a professional services fee. You could also lump in SSL. There are a few other fees in there, however, they're minimal.

We spoke to a couple of different companies. We engaged with our procurement organization and they did a search of the marketplace, however, we only installed ThreatMetrix. We didn't install any other products. We spoke to people, however we didn't install any other products.

We're using the web version. I'm not aware of if they have multiple versions.

I would recommend the solution to others.

I would tell potential users that it's important to provide ongoing feedback to ThreatMetrix as to the outcomes. That will help them further refine the tool. If you don't have a commitment to providing the feedback loop, my guess is it would be less successful. One of the reasons we've had success is that we've been providing information back on the outcomes, which helps them fine-tune the model and improve on it from that perspective.

Overall, I would rate the solution ten out of ten. We've had a very good experience using it.

I was initially responsible for deploying this solution, and after that, I have done development for three major clients. I initially started using ThreatMetrix in an anti-fraud mobile application for detecting fraud. It was a mobile wallet, and I was responsible for the API in the mobile team, which was responsible for deploying it out in the field. The way ThreatMetrix works is that it has a corresponding mobile SDK and web service in the backend. My team was responsible for deploying it to effectively integrate it into the platform for the client.

We started using this solution because the company was given a ransom or DDoS threat. A malicious group targeted the company and said that because they are a huge mobile wallet company, being used a lot for international money transfers, if the company doesn't give a payment, they are going to DDoS the company's service. Effectively, we decided to use ThreatMetrix to understand what our clients were using and which device they were using so that we can block and whitelist IPs which were coming in, and basically, giving us DDoS. That was the first time I was introduced to ThreatMetrix.

Since then, I have deployed it in a few places. We have deployed it in a bank as well as in one of the new digital-only or mobile-only banks. It was again deployed for detection to whitelist IPs and manage the devices that were trying to steal your account. In the most recent use case, which was about three years ago, I created an open-source library that effectively allows you to easily integrate ThreatMetrix. I haven't actually maintained this library, but I am in the midst of talking to ThreatMetrix to see if I can revive that project.

We initially deployed ThreatMetrix on-premises, but this was before the cloud became available. My last solution was on AWS, but ThreatMetrix is a SAS service. You don't deploy ThreatMetrix, you effectively call the API. They have their own SAS network, so you can call out to ThreatMetrix. They don't really care where you deploy your solution. They don't install anything on your network basically because you're going out and pushing information back to ThreatMetrix, and they are giving the response back to you. All you use is an SDK. You configure the SDK, and the configuration file lives on their server. You make a call out to their server. It gives you back the configuration details, and then from there, you configure the system and talk back to them effectively.

The most valuable thing is about the IP. They have a database of malicious IP addresses against which they check. They have a huge database for routed devices and the devices that have been used in the past to commit fraud. They have extensive historical records of all of that information, and that's probably the most valuable thing about ThreatMetrix.  Over the years, they have been collecting and persisting globally across all the banking and financial services. They have been storing all this information. 

It is this stored information that I and my team find valuable; it is not so much their technology. If you are running it on a simulator and trying to maliciously clone and copy IP addresses and stuff like that, they have a bunch of technologies, like routes section and all the other stuff. It is just that they have something that no one else can deal with, that is, massive amounts of big data about the malicious IP addresses, malicious device fingerprinting, the fingerprinting router devices, and the fingerprints. 

You can query against this stored information to find out whether your app is in a good, nice environment. If yes, you get a green light. The last time I checked, there were about 400 or 500 features that they can stack against, which is pretty extensive. They give you a score against all those features for every application that you installed on it. It is pretty good in that sense.

SDK is probably where the biggest issue is. The SDK configuration is a bit lacking. If you are integrating it into your workflow, it is very cumbersome and very difficult to integrate. You have to understand and be an expert in low-level mobile applications to integrate this stuff. Integration should be easy based on what they are providing, but unfortunately, it is not. It is very difficult. 

My work has been trying to simplify the integration process because integrations bring a lot of value. Most companies don't see their value because it is such a difficult process. For integration, you have to get it right as well, but it is very difficult to get it right because they don't help you in tuning your future parameters. Because of this, it is very difficult to tune your future parameters and your risk score. If you are Uber, your risk score will be very different from a banking client that is pushing funds. These two things need to be improved for me. The rest is pretty good.

I have been using this solution since 2010 or 2011. 

It is pretty stable. The biggest issue is false positives. For poorly configured applications, ThreatMetrix may end up kicking customers out of your platform because it would flag them as fraudulent when they are not. 

When a user is about to log in to an application, such as a banking application, if you base your login credentials based on the information from ThreatMetrix, it would basically log the user out of the application. So, people who are legitimate users of your service will get kicked out of the service because ThreatMetrix will think that they are up to no good. For me, that's the biggest complaint and issues you get from customers on the field because basically, they can't log into your service.

ThreatMetrix itself has gone down. ThreatMetrix is based on five-year-old data. It is the biggest information data. If you have a high-volume application, ThreatMetrix may end up going down, which will impact service delivery to your client and customers. Apart from that, it is pretty stable. There are false positives, which, if you design the application properly, shouldn't really be kicking people out of the application.

It is scalable, but I haven't tested it to the point. It is a SAS solution, and it is global. What we have used in the past is very scalable. We had 3,000 or 4,000 requests per second, and it easily handled them. It sometimes might end up going down. They might have improved since then, but it is actually pretty scalable.

Technical support is probably the most lacking thing in my opinion. They are very responsive, but it would be great to have highly technical people on their support team, rather than just sales engineers. It would be good to speak to actual engineers who are configuring the product.

I understand that it is going to be difficult because they are global and have clients across the world, but most of the time, every client has very specific needs. Understanding the client domain is important. The sales engineers or the engineers that are sent out to the floor may not necessarily have that expertise in the client domain, which is a problem because the client is an expert in its own domain and ThreatMetrix is an expert in its own domain. It is marrying these two and making sure that you are solving a client's problem effectively. If you hire a technical engineer, you will be able to have someone with domain knowledge. 

As far as we are concerned, ThreatMetrix is fine, but most of the time, it is an integration issue. That's really what it comes down to, but they are highly responsive. They do send engineers out to the client's site.

It is very complex, which is a problem. There are a few issues. Because of what it does, it needs low-level access to where it is used as an SDK. The problem with that is that most mobile developers don't have that knowledge. Therefore, if you are an advanced developer or an expert developer, then it is fine, but if you are just a junior and mid-level developer, you would find it difficult. That is because they make reference to things that as a developer, you don't really use much on a day to day basis. That's why it is a problem. There are ways to make it easier. There are various ways to make integrations very easy, but last time I did it, it wasn't the best, but it could be improved. It is usable, but there is definitely room for improvement.

Because it is a SAS solution, you just integrate it into your build flow and your product. It shouldn't take you more than a week or two. It should take a week or two for integration to work. The difficult part is tuning the deployment, which takes time because you need data to include in your workflow. The actual deployment and implementation would probably take about a week or two and probably less if you know what you are doing.

The implementation strategy depends on the client. It has an extensive knowledge base, which unfortunately is hidden behind and is not easily available. You have to be using their product to be able to see the knowledge base. This is a huge and massive knowledge base, which in itself is a problem because people just get lost. I found myself getting lost a few times trying to use the knowledge base. 

Most of the time, they give you an engineer, but it is normally a sales engineer, which is not the best. You prefer to have a real engineer who will help you, but you normally get a sales engineer to assist you. It would be better to get a real engineer who comes out and assists you with the integration. I have spoken to ThreatMetrix engineers, but I have never actually had them come out on the client-side to assist me. The appointed sales engineer helps you with the integration, especially into your backend because you need to explore all the feature sets. 

The actual deployment should not take more than a week or two, but you see it stretching out to a month because of the issues and the lack of knowledge and expertise within the development team to do this integration. If your application is not flexible enough to store these feature parameters, you will run into issues. Badly assisted applications have difficulty integrating with ThreatMetrix, mainly because these feature sets are set in stone. ThreatMetrix has got this massive feature set, but most platforms are not designed to ingest this much information, tune it, and then just make a decision based on these parameters. This is effectively where the issue lies. 

Integration is where most people have issues. That's why it takes such a long time because you have to develop your application according to the API from ThreatMetrix. It is not the other way around, which makes things a little bit difficult. If you are just starting, it is excellent, but if you have an application that has been used for a long time, it makes the integration a little bit tricky. This is mainly because you need to go back and re-engineer and re-integrate it.

I am not aware of the price. I have always come in after it has been negotiated.

The clients do get a return on their investment. It mitigated a massive DDoS, and it definitely detects fraudulent activities on banking platforms. They have definitely got their ROI back because there is continued investment in ThreatMetrix over time.

I have assessed some solutions that deal with detection. They are not exactly in the same area as ThreatMetrix. They were not as extensive as ThreatMetrix, especially with threat detection. ThreatMetrix has a massive database of blacklist IPs, which I think is more valuable than those we assessed. 

I would say to definitely consider it at a design stage, or at least to have an extensive sandbox where you can set it out. The major thing is integration into your current system and also false positives from poorly configured systems. If you actually do have a system that is already running, then definitely look at the integration and look at the knowledge base to understand exactly what it takes and how do they integrate.

It is not just integrating the SDK or the API in the product; it is understanding the massive parameters that you can tune. ThreatMetrix helps you with that aspect, but it is really up to you to tune them for your application on your platform. If they are not tuned properly, you would definitely get into trouble because you have started flagging up false positives, which you don't want to do.

I would rate ThreatMetrix an eight out of ten. It needs a few improvements, but it is definitely good. 

The solution is used for fraud assessment of credit card transaction processing in a retail environment. That's the main thrust of it. Basically, it's a fraud assessment tool.

We were able to take steps to control fraud in several countries. That was the biggest benefit. It would be difficult for me to quantify in terms of dollars and cents what the benefit was, however, it did help control fraud.

The most valuable feature the solution has is that it is able to do a fairly accurate fraud assessment of a credit card transaction.  The rules used in fraud scoring can be based on many transaction attributes such as purchased IP address (country), amount, email address, etc.  Scoring rules can be configured by the merchant. The accuracy in its assessment is the most important thing for such a tool.

I'm not sure if I could answer questions about limitations accurately. Our implementation of it could definitely have used some improvement, however, that was a limitation on our part rather than on the part of the product. 

The initial setup is a bit difficult. During our implementation, we chose not to do a real-time integration. The integration was more of a batch asynchronous process. That could have been improved to make it more real-time.

I'm not aware of any areas in which the product needs to be improved.

The solution could be more powerful.

It would be useful if they could offer real-time processing.

There could be more features similar to what eCertify offers.

I had probably started using the solution from about 2012 or 2013, or somewhere in there, up to the present. It's been about 7 years.

The solution is quite stable. We didn't experience outages and downtime. There aren't bugs or glitches. It's reliable.

I would not be able to answer the question of scalability since our implementation was that not real-time. Therefore, responsiveness and scalability were not an issue.

There are three or four people in particular in our call center that deal with threat defense. There's a fairly limited number of people who use the solution in our organization.

We did want to increase usage for not only the US but other markets as well. However, that was not accomplished. It was limited by the company's flexibility.

I have no access to technical support. I can't speak to the company's responsiveness or knowledgeability in this area.

We did not use a different solution before this product, however, eCertify has since replaced ThreatMetrix.

We switched due to the fact that eCertify was more powerful, and it was also a technical requirement in relation to other enhancements that were made to the payment architecture. These other enhancements included tokenization. This added feature required that we changed the fraud processor.

I wouldn't say that in our case, the solution had a straightforward implementation. My understanding from the people who did the set up was that it was somewhat complex. There was difficulty from their standpoint.

It took quite a bit of time to set up. It was a month or so. It may be a bit longer than the standard implementation of competition on the market.

I'm not sure if we followed a specific implementation strategy or not.

The solution does not require very much maintenance. There's hardly any needed.

We've definitely seen an ROI in relation to not only money but in product and risk reduction as well.

The solution is a SaaS offering.

My understanding was that the pricing was pretty good. 

I would suggest that a potential new customer that's in the market for such a product get quotes from the top three or four players. These would be ThreatMetrix, Kount Retail Decisions, eCertify, and CyberSource. Those are the main fraud assessment platforms that I'm aware of.

Fraud assessment is a good thing for merchants to implement. Fraud, in general, in the transaction processing space, is a big issue and becoming larger as the years go by. I would advise merchants to do engage with such fraud assessment tools as ThreatMetrix.

Overall, I would rate the solution seven out of ten.

It's not a higher ranking due to the fact that the integration has limitations with other vendors like Credit Card Gateway. Some of these things may change over time, however, the other products that I mentioned have more integration options with other vendors, and therefore that would be a limitation ThreatMetrix.

Our primary use case for ThreatMetrix was for our device intelligence, to help us with our fraud detection and monitoring capabilities. This is primarily for our lending products, so a supplier driven lending product. We were customers of ThreatMetrix. 

The effect it had on the company was the fact that we were able to much more easily detect if people were using VPN for travels, which country they were accessing the platform from, and we had access to a large amount of new data points that we previously didn't have. That was really useful for us, as well as the fact that it was easily customizable and there were dashboards that showed the threat model and where they were potentially coming from. Especially in instances of fraud, we could actually go back and retroactively look at the data, and see if there was anything that we could potentially use to pick up and feed into future models.

I liked the rules engine, the fact that there were custom rules that were accessible, that we then got an update every month in terms of how it was performing. It meant we could keep updating our rules and tweaking them to suit. Sometimes they gave false positives and sometimes we made them a bit too lax. It was quite easy to use and customize as we went through that journey. The other thing was that we had our own proprietary admin console, so we could easily consume the API and bring the data onto our custom application. It was easy to use and implementation was fairly quick.

As much as I liked the rule engine, I would say that I didn't find it particularly intuitive. Thankfully, we had good engagement managers who walked us through what the fields meant, as it wasn't immediately obvious. There wasn't a clear mapping or description of these fields so that could be improved. We had to create an internal dictionary for distribution to users of the platform. 

While there were lots of data points, which was a positive, it was also somewhat of a negative. When you have 125 fields, it can be an overload of data that makes it difficult to know which are valid and useful. ThreatMetrix relied on us to understand some of that intelligence, but that's not our expertise. More understanding of which fields would be applicable for our use case, and that kind of collaboration, would have been helpful. You learn it over time anyway, but it creates challenges when setting up. 

I think the solution has some way to go in terms of its user-friendly nature, and in terms of some of the dashboards and metrics that it provides. In terms of some of the out of the box functionality, it would be good if there were some out of the box rules set up. We worked with the engagement manager to set it up, but having options would have been better.

This is definitely a scalable solution. It took time to get people on board, primarily because of the lack of understanding of the data point. 

The initial setup was quite straightforward. There's maintenance involved in terms of updating the rules, doing some end-of-month checks, and that was primarily carried out by me as the business analyst. Credit analysts were also involved, interpreting any instances of fraud, but nothing got back to the ThreatMetrix system.

I think the solution was reasonably priced. I think our licensing was through a partnership with Equifax, which complicated the procurement, to be honest. It's something to be mindful of, and I would suggest going directly with ThreatMetrix, as opposed to these convoluted license agreements through a third party, that make it more difficult to get support.

ThreatMetrix seems like a fairly complete solution. Because of the rise of mobile, we were moving to a mobile based lending product. Given that fact there was a concern that there was a new vector for attack and that's what we wanted to protect ourselves against. 

It's important to understand your use case very clearly. I think the challenge we had was the understanding that this was a capability that we needed, but we were not particularly clear as to how extensively we would use it. That's worth figuring out in advance. You can access the admin console and view performance once it's been implemented. That's worth doing as well as making use of the ThreatMetrix dashboard.

One of the things that I learned was just the sheer number of vectors that a potential attacker could use when they access your service, or your platform. That was a whole journey, discovering the many ways attackers can access the system, try to create multiple accounts, and do lots of accessing on servers in hidden locations. The fact that it's actually possible to track that information based on the browser, and based on the user ID, and being able to link that through different devices was interesting. 

I think device intelligence is still relatively new, and not everyone in the risk team fully understood it. We had a few people who didn't think that it provided much value from the outset, and getting them on board was more challenging. It slowly improved over time, as we became more embedded in part of the credit check, primarily by the credit risk team. It was used more to identify, to ensure that people are who they say they are, and they're contacting from devices that we know to be safe and secure.

I would rate this solution a seven out of 10.