Formerly known as Shape Aggregator Defense, now F5 Distributed Cloud Aggregator Management. Learn more ›
F5 Distributed Cloud Aggregator Management
Gain the Benefit of Data Aggregators without the Risk
Mitigate the potential security and fraud risks posed by aggregators, while harnessing the power of open banking to innovate and drive revenue growth.
Manage Aggregator Traffic
Aggregators provide value-added services that improve the overall customer experience for financial institutions (FIs). However, aggregators can use valid credentials to scrape compliant data and bad actors can use aggregators as a vector for account takeover. FIs need a way to manage aggregator traffic and mitigate risk.
Challenges
Consumers enjoy the simplified user experiences and value-added services provided by financial service aggregators. However, aggregators pose risks to FIs and their customers.
Parsing aggregator traffic is difficult; most FIs are blind to aggregator usage among their customer base.
Bad actors can exploit aggregators and use them as a vector for account takeover (ATO).
Aggregators can exploit their privileged levels of access to scrape sensitive customer data.
Websites and APIs are vulnerable to runaway scripts or abusive aggregators that overload infrastructure.
Why Distributed Cloud Aggregator Management?
Establish a baseline to understand all traffic and label traffic as human, automated, or aggregator.
Block attacks from malicious actors posing as legitimate aggregators and prevent credential stuffing.
Ensure aggregators can only access data via authorized channels and under pre-defined limits.
Platform Overview
Securely enable customers to utilize financial aggregators while managing risk
Distributed Cloud Aggregator Management is a managed service that enables organizations to leverage the benefits of aggregators without the risk. Combining intelligence from a global network of known aggregators from the world’s top financial services firms and the power of our rules-assisted machine learning engine, high performance AI, and team of data scientists, we continually monitor aggregator traffic and take corrective actions to ensure aggregators adhere to agreed-upon usage policies. |
Labels all login attempts as human, automated, or aggregator.
Detects when attackers are credential stuffing through an aggregator.
Enforces adherence to access policies required by aggregator.
Alerts FIs and aggregators when attacker frameworks have been detected.
Distributed Cloud Aggregator Management Use Cases
Give your customers full access to their data—anywhere, anytime, and through the apps they choose—while also protecting against credential stuffing and ATO risks.
Telemetry models behavior, determines intent, maintains profiles.
IPs, ASNs, headers, user agents, user cohort and device mapping.
Universal policy management, plus AI and human intelligence.
Enforce volume and data access limits and report on violations.
Detailed aggregator traffic analysis and dashboarding.
Ways to Deploy
Distributed Cloud Aggregator Management is a cloud-managed service that leverages and extends the capabilities of Distributed Cloud Bot Defense to manage the unique security and fraud risks posed by aggregators, while enabling consumers to experience the value aggregators provide. Distributed Cloud Aggregator Management can be deployed on-premises, in a managed cloud, or in the F5 cloud.
Deploy as a part of our Enterprise Defense solution as reverse proxy in your datacenter.
Deploy as part of our Enterprise Defense solution as a reverse proxy in a managed public cloud environment.
Deploy as part of our Enterprise Defense solution as a reverse proxy in our cloud.
