We have updated our Terms of Service as of May 23, 2018 to comply with GDPR. Please review the updated terms and policies carefully to understand how it may impact you. X


Account Takeover

Whether it’s a successful phishing, spear phishing, or whaling campaign that leads to an account takeover, security breaches involving these sophisticated social engineering techniques have become very common.

User authentication to prevent account takeover

Even security professionals fall victim to sophisticated phishing attacks. While we can’t prevent the attacks, we can stop a bad actor from gaining access once they have maliciously acquired authentic login credentials.

ThisData’s complex login intelligence monitors every user login for behavioural risk anomalies that may indicate a breach is in process. Our multi-layered approach passes the characteristics of each login through various filters and analyzers so that we can establish whether a user is actually who they say they are.

95% of all attacks on enterprise networks gained entry through a spear phishing attack.


These Analyzers Include

  • Unknown devices
  • High risk IP addresses
  • Suspicious login locations
  • Tor usage
  • Whitelist and blacklist countries
  • Velocity checking
  • Geo-location anomalies
  • Project Honey Pot
  • AlienVault Open Threat Exchange

Automated User Notifications

When high-risk logins are detected ThisData can automatically send whitelabelled “Was this you?” notifications to your users by email or SMS. Your users have become accustomed to receiving this type of notification from Facebook, Google, Apple, or perhaps their bank, and they will appreciate this level of service from your company too.

User Notifications
Customized Security Workflows

Customized Security Workflows

Every Security or DevOps team is aware of the concept of alert fatigue. With so many security alerts it becomes a challenge to investigate them all and ultimately, the job is not done. By integrating ThisData your users are helping to reduce false positive alerts by confirming whether it was or was not them who logged in. If it was not the user, webhooks are triggered and can automatically be processed by your app to kill a user session or initiate a threat response plans that you have in place.

Account Takeover
Two Factor Authentication
Continuous Authentication
Fraud Detection
Adaptive Authentication
Risk Scoring