Kaspersky Lab has shared the results of an investigation that has troubling implications for digital security providers, exposing a massive darknet e-shop that sells stolen digital identities. The storefront is called Genesis, and its vendors are able to copy and even create unique ‘digital masks’ – profiles associated with behavioral and device data that some anti-fraud systems use to verify online transactions.
According to Kaspersky Lab, Genesis carries more than 60,000 stolen digital masks, which are built with machine learning technology that analyzes an individual’s behavioral tendencies online. The stolen Genesis masks can be purchased for anywhere from $5 to $200, and come with passwords and login credentials that allow the buyer to access accounts and perform fraudulent transactions that seem completely legitimate when run through a proxy browser.
“Digital doppelgangers are hard to catch,” said Sergey Lozhkin, a security researcher at Kaspersky Lab. “An alternative way to prevent the spread of this malicious activity is to shut down the fraudsters’ infrastructure. That is why we urge law enforcement agencies across the world to pay extra attention to this issue and join the fight.”
Fortunately, the cause is not completely hopeless. Kaspersky recommends that businesses use two-factor authentication and biometric authentication to better protect their customers, which only underscores the growing demand for biometric security.
Kaspersky has previously found security gaps in mobile apps for connected cars. The global biometrics market is expected to hit $10.72 billion by 2022 as behavioral biometric providers like BioCatch continue to develop more effective anti-fraud technology.
April 11, 2019 – by Eric Weiss