Behavioral Analytics

Behavioral Analytics - Transaction Monitoring and Anomaly Detection to Defeat Today's Fraudsters

Cyber criminals are successfully defeating anti-virus, secure clients, multifactor and knowledgebase authentication, device ID, and other fraud monitoring solutions to break into a wide range of secure web-based systems. To protect their employees, customers, and financial assets, organizations need to start using the strategic advantage they have over the fraudsters—deep knowledge of legitimate user behavior.

As one example of the breadth of activity modeled by behavioral analytics, this graphic shows how it analyzes an online banking session from login to logout.

Behavioral analytics is a proven fraud detection and prevention methodology that uses behavior as the starting point to detect fraud. Different users quite naturally have different behavior from each other, as well as being different from a fraudster. Behavioral analytics takes advantage of this fact. Rather than solely looking for specific malware, fraud indicators or fraud patterns, which are all changing too rapidly for most institutions to keep up, behavioral analytics combines knowledge about fraud with activity monitoring and anomaly detection to determine if it is expected and legitimate behavior or suspicious behavior.

Dynamic Account Modeling™ Overview

FraudMAP's patented (see sidebar) implementation of behavioral analytics is Dynamic Account Modeling™. Dynamic Account Modeling works automatically—there are no burdensome rules to write or maintain, no algorithms to manually train—and from day one, it can detect fraudulent activity.

  • Using Dynamic Account Modeling, FraudMAP automatically creates and continually updates a model of normal behavior for each individual user or account holder.
  • With each subsequent access or session, Dynamic Account Modeling analyzes the userís activity. For example, in online banking this could include how they access their accounts, how they manage their accounts, the types of transactions they engage in, the frequency of activities, what kinds of activities take place during the same session, the type and amounts of payments, who the payees are, and more. Another example is an employee benefits portal, in which case FraudMAP could analyze device information, time of day, ISP and IP address, and the time lag since the last access.
  • Dynamic Account Modeling then determines if any of those events or combination of events are unusual, unexpected, or suspicious. Because it starts analyzing activity at login, Dynamic Account Modeling can detect fraud early on, allowing proactive intervention before money is lost or personal information is stolen.

Dynamic Account Modeling Catches What Others Miss

There are over 70,000 variations of Zeus. Phishing attacks via email, SEO, and mobile phones are rampant. Fraudsters use social engineering to acquire credentials. Criminals move money via the ACH network, wire transfers, bill pay, and execute varying forms of offline fraud. Some attacks are automated, some have a real human behind them. Some attacks target personal information that can be used in other attacks or sold to other fraudsters, while others simply attempt to complete fraudulent transactions. Companies across industries simply do not have the resources to understand, anticipate and respond to every possible fraud threat or scheme.

Solutions that detect fraud based on fraud rules, specific attack pattern definition or malware identification will miss fraud. Why? Unless the fraud happens exactly as the rule was defined and follows a specific pattern or uses a certain piece of malware, it will not be detected. There are too many types of threats and attacks to make these solutions effective.

By nature, malware detection, rules-based or pattern detection-based systems are reactive—security vendors and institutions need to know what the fraud looks like in order to define a rule or train an algorithm. But fraudsters rarely stick to the same attacks and are quickly innovating, meaning never-before-seen threats will be missed.

Because Dynamic Account Modeling is not dependent on rules or patterns, but instead looking for any deviation from established normal behavior patterns, it can find the widest array of attacks and automatically detect new and emerging attacks. And, because it is focused on each individual user or account holders and not generalized patterns or population norms of behavior, FraudMAP not only maximizes detection, it does so with minimal alerts.

Request a Demo

FraudMAP Demo

Request a live, personalized online demonstration of how FraudMAP uses behavioral analytics to stop fraud attacks.

Schedule a Demo

Anomaly Detection Toolkit

Guardian Analytics' Blog

This in-depth primer explains what anomaly detection is and how it works to stop the online banking fraud attacks that other solutions miss.

Learn More

Patented Technology

In 2012, Guardian Analytics was awarded a patent (U.S. Patent 8,280,833) for our innovative approach to behavior-based fraud prevention and risk scoring, specifically using probabilistic theory and a predictive fraud model to predict the expected behavior of an individual and generate a risk score indicating whether the behavior being observed is the expected behavior for any given individual or likely a fraudster.