We do have experiences where unknown sessions appear on the system. This is blamed on the internet on the client's side being weak. The pricing could be better. The interface does look a bit outdated.
Lead Android Developer at a financial services firm with 10,001+ employees
Real User
Nov 22, 2020
We are only using one feature. We haven't found the other features to be very good or very powerful. We'd like more tools that could help notify us as to if something is happening. The solution is providing a similar feature, however, it's not powerful enough. It doesn't really capture the threats as we'd like it to. It's like root detection. Anyone can compromise/hide it and ThreatMetrix is not able to report correctly. There should be an entire package that helps protect our users, instead of just one good feature. Currently, we have to use another tool to cover its shortcomings.
Product Owner at a tech services company with 51-200 employees
Real User
Nov 17, 2020
As much as I liked the rule engine, I would say that I didn't find it particularly intuitive. Thankfully, we had good engagement managers who walked us through what the fields meant, as it wasn't immediately obvious. There wasn't a clear mapping or description of these fields so that could be improved. We had to create an internal dictionary for distribution to users of the platform. While there were lots of data points, which was a positive, it was also somewhat of a negative. When you have 125 fields, it can be an overload of data that makes it difficult to know which are valid and useful. ThreatMetrix relied on us to understand some of that intelligence, but that's not our expertise. More understanding of which fields would be applicable for our use case, and that kind of collaboration, would have been helpful. You learn it over time anyway, but it creates challenges when setting up. I think the solution has some way to go in terms of its user-friendly nature, and in terms of some of the dashboards and metrics that it provides. In terms of some of the out of the box functionality, it would be good if there were some out of the box rules set up. We worked with the engagement manager to set it up, but having options would have been better.
Senior Manager at a insurance company with 10,001+ employees
Real User
Nov 16, 2020
There are no real pain points for us. One limitation is it only maintains six months' worth of data. It would be nice if it went back even further to help us really identify and flush out patterns that go on longer. I wouldn't say it's a pain point, however, it would be a nice feature and a nice enhancement of the tool. It would be great if there could be a streamlining of the case management process. If we identify a device that we're concerned about, what we'd like to do is if that device comes into our network, that we would automatically route it into our case so that we would know immediately that the device of concern has reappeared. Right now, you have to manually do that and it would be good if that could be automated.
Payment Solutions Architect at a computer software company with 11-50 employees
Real User
Nov 12, 2020
I'm not sure if I could answer questions about limitations accurately. Our implementation of it could definitely have used some improvement, however, that was a limitation on our part rather than on the part of the product. The initial setup is a bit difficult. During our implementation, we chose not to do a real-time integration. The integration was more of a batch asynchronous process. That could have been improved to make it more real-time. I'm not aware of any areas in which the product needs to be improved. The solution could be more powerful. It would be useful if they could offer real-time processing. There could be more features similar to what eCertify offers.
SDK is probably where the biggest issue is. The SDK configuration is a bit lacking. If you are integrating it into your workflow, it is very cumbersome and very difficult to integrate. You have to understand and be an expert in low-level mobile applications to integrate this stuff. Integration should be easy based on what they are providing, but unfortunately, it is not. It is very difficult. My work has been trying to simplify the integration process because integrations bring a lot of value. Most companies don't see their value because it is such a difficult process. For integration, you have to get it right as well, but it is very difficult to get it right because they don't help you in tuning your future parameters. Because of this, it is very difficult to tune your future parameters and your risk score. If you are Uber, your risk score will be very different from a banking client that is pushing funds. These two things need to be improved for me. The rest is pretty good.
ThreatMetrix leverages a large database of malicious IP addresses and device fingerprints to enable effective fraud assessment using historical data. Real-time analytics and customizable scoring rules help identify suspicious transactions, supporting fraud detection across diverse platforms.ThreatMetrix is renowned for its seamless integration with custom applications and device profiling, offering a robust system for risk mitigation through real-time analytics. While documentation is...
The tool is very expensive.
The solution needs upscaling in terms of interface. It could be intuitive.
We do have experiences where unknown sessions appear on the system. This is blamed on the internet on the client's side being weak. The pricing could be better. The interface does look a bit outdated.
We are only using one feature. We haven't found the other features to be very good or very powerful. We'd like more tools that could help notify us as to if something is happening. The solution is providing a similar feature, however, it's not powerful enough. It doesn't really capture the threats as we'd like it to. It's like root detection. Anyone can compromise/hide it and ThreatMetrix is not able to report correctly. There should be an entire package that helps protect our users, instead of just one good feature. Currently, we have to use another tool to cover its shortcomings.
As much as I liked the rule engine, I would say that I didn't find it particularly intuitive. Thankfully, we had good engagement managers who walked us through what the fields meant, as it wasn't immediately obvious. There wasn't a clear mapping or description of these fields so that could be improved. We had to create an internal dictionary for distribution to users of the platform. While there were lots of data points, which was a positive, it was also somewhat of a negative. When you have 125 fields, it can be an overload of data that makes it difficult to know which are valid and useful. ThreatMetrix relied on us to understand some of that intelligence, but that's not our expertise. More understanding of which fields would be applicable for our use case, and that kind of collaboration, would have been helpful. You learn it over time anyway, but it creates challenges when setting up. I think the solution has some way to go in terms of its user-friendly nature, and in terms of some of the dashboards and metrics that it provides. In terms of some of the out of the box functionality, it would be good if there were some out of the box rules set up. We worked with the engagement manager to set it up, but having options would have been better.
There are no real pain points for us. One limitation is it only maintains six months' worth of data. It would be nice if it went back even further to help us really identify and flush out patterns that go on longer. I wouldn't say it's a pain point, however, it would be a nice feature and a nice enhancement of the tool. It would be great if there could be a streamlining of the case management process. If we identify a device that we're concerned about, what we'd like to do is if that device comes into our network, that we would automatically route it into our case so that we would know immediately that the device of concern has reappeared. Right now, you have to manually do that and it would be good if that could be automated.
I'm not sure if I could answer questions about limitations accurately. Our implementation of it could definitely have used some improvement, however, that was a limitation on our part rather than on the part of the product. The initial setup is a bit difficult. During our implementation, we chose not to do a real-time integration. The integration was more of a batch asynchronous process. That could have been improved to make it more real-time. I'm not aware of any areas in which the product needs to be improved. The solution could be more powerful. It would be useful if they could offer real-time processing. There could be more features similar to what eCertify offers.
SDK is probably where the biggest issue is. The SDK configuration is a bit lacking. If you are integrating it into your workflow, it is very cumbersome and very difficult to integrate. You have to understand and be an expert in low-level mobile applications to integrate this stuff. Integration should be easy based on what they are providing, but unfortunately, it is not. It is very difficult. My work has been trying to simplify the integration process because integrations bring a lot of value. Most companies don't see their value because it is such a difficult process. For integration, you have to get it right as well, but it is very difficult to get it right because they don't help you in tuning your future parameters. Because of this, it is very difficult to tune your future parameters and your risk score. If you are Uber, your risk score will be very different from a banking client that is pushing funds. These two things need to be improved for me. The rest is pretty good.