Fighting Identity Theft with Analytics

Security vendor Guardian Analytics is using behavioral modeling to prevent online identity theft and bank fraud. The small security vendor is entering a crowded market for authentication technologies and is banking on its ability to build models based on user behavior to predict user activity and thereby detect fraud.

Security firm Guardian Analytics is banking on behavioral modeling to beef up authentication and protect online financial transactions against fraud and identity theft.

The company has extended what it calls dynamic account modeling. With its technology, now inside its recently launched FraudMAP 2.0 product, the Los Altos, Calif.-based company models individual account holder activity session to session in a bid to detect suspicious activity inconsistent with the account holder's predicted behavior.

The predictions are crafted based on a number of factors beginning with session history but also including things such as the physical location of the machine and how the user normally connects to the Internet. The IP address intelligence and geo-location information is provided through a partnership with Quova. The risk score, however, weighs heavily on what the user does online as well.

"We have more behavioral kinds of things, like do you access your account during the week or during the weekends," said Tom Miltonberger, CEO of Guardian Analytics. "All those things go into the model for you so that we can predict what you might do next. There's no single profile, there's no single indicator, there's no rule, if you will. It's all very complex, multi-dimensional prediction of things that you might do, and then we're comparing the new activity to how likely we think that would be you versus how likely we think that activity might be someone else."

The fight against online identity theft has many combatants, each with their own authentication and anti-fraud technologies. The bigger players include EMC's RSA security division, Entrust and Oracle, which entered the space with both feet with its acquisition of Bharosa last year. And there is no shortage of fraudsters either, as evidenced by news of the Coreflood Trojan and the recent arrests of 11 members of an international fraud ring.

The congestion of the market and the often blurred lines between anti-fraud and authentication technologies may mean Guardian Analytics' technology has a bit of an uphill climb. However, analysts have opined that the Red Flag provision of the Fair and Accurate Credit Transactions Act provides an opportunity for financial institutions to increase investment in anti-fraud technologies. A March 2008 survey conducted by Gartner found about 60 percent of the 50 banks surveyed expected to spend more on fraud-prevention technologies in 2009 than they did this year.

Guardian Analytics is looking to differentiate itself by targeting what it calls multi-channel fraud, where identity thieves use a compromised online banking account to obtain information such as account numbers and signature blocks to commit financial fraud later via another banking channel, such as the call center or through writing fraudulent checks. These schemes leave no suspicious online financial transactions for account holders or transaction monitoring systems to detect. By using its analytical capabilities, the company contends financial institutions can better detect identity thieves and thereby thwart this kind of activity.

"What we're really about is the entire online process, from when you log in to when you log out, all the different activities you do, is there anything unusual or suspicious that would indicate some kind of fraudulent activity," Miltonberger said.