Listen Up: Pindrop Security Uses Audio Technology to Fight Account Takeover Fraud
By Joe Bush
There is a man operating somewhere in northern Europe who makes approximately $1 million per month over the phone. A bad man.
He uses easily obtained personal information to take over accounts by fooling call-center personnel using what’s known as caller ID spoofing to commit phone fraud. It gets much less notoriety than security breaches like Target’s in late 2013, but phone-fraud detection company Pindrop Security’s research shows that phone fraud is real, growing and damaging.
“He’s a machine,” Pindrop Head of Marketing Matt Anthony says of the European fraudster. “He figures out all the answers to any potential knowledge-based authentication questions, he does it to four or five accounts at a time and then he hammers institutions. If someone tags him, he hangs up and dials again, and starts all over again.”
Anthony’s company fights this type of fraud with technology developed by co-founder and CEO Vijay A. Balasubramaniyan, whose PhD thesis in 2008 drew the attention of bank executives, who urged him to market it. The technology compares the unique sounds in a phone’s audio signal against a database to pinpoint location, whether the call is from a landline, cell phone or voice over internet protocol (VoIP), and even the type of operating system of the calling device.
The thesis described 39 “fingerprint” features that could be identified, and continuing development has discovered 100 more. Pindrop’s Phoneprinting technology verifies legitimate callers and flags suspicious ones. A study by Pindrop released in November of 2013 that compiled phone fraud activity affecting financial services institutions during the first six months of 2013 revealed:
- One out of every 2,500 calls into financial institution call centers is a fraud call
- The average potential loss from phone fraud per financial account was $42,546
- The two account categories with the highest losses were $1-$25,000 and $75,000-$99,000, which correspond to average credit card account size and average home equity line size, respectively
- Individual fraudsters targeted anywhere from 5-10 accounts to as many as 200-300 accounts
- Roughly half of all fraud calls originated from mobile devices, while one third came from VoIP and the remainder (14 percent) from landlines. This contrasts with legitimate calls, of which 14 percent are VoIP and the remainder split between mobile devices and landlines.
The majority of the threats involve financial institutions (FIs), says Anthony; Pindrop counts two of the top four banks as clients, as well as two of the top four online brokers, including E-Trade. Phone fraud has escaped large-scale notice says Anthony, because it goes for volume of smaller thefts. Merchants, while they are not currently Pindrop’s biggest customers, represent a lucrative market the company is exploring.
“They walk away with a million here and a million there, just by hitting things like home equity lines and large credit card files, doing things like selling someone’s stock and then transferring that money out of their account,” Anthony says. “Couple thousand with credit cards, hundreds of thousands with home equity or stocks. That still flies below the radar when you compare to a Target breach, but it’s substantial. They’ve got a lucrative business going.”
Anthony says Pindrop works with 90 percent of calls into phone centers, and is useful for providing warnings of inconsistency, sending suspicious calls to the fraud department so call center employees can focus on customer service, and because it works in real time, stopping transactions before they are completed.
Simply put, says Anthony, the technology during a call would identify approximately where the call originates on regional level, like the western United States, the eastern United States, or France, and that it’s coming from a cell phone or VoIP system, and if it’s VoIP, what network.
“The thing that’s interesting about those two pieces of data is that if you look at a caller ID record, it says who it is, what the phone number is, where they’re calling from and what type of device they’re calling with. Using our technology you can say, ‘Well, the phone number belongs to a little old lady in Topeka, Kansas who’s calling on a land line, and this call’s coming from western Africa on a voice over IP line.
“That’s an unequivocal smoking gun that someone’s being deceptive on the call, and that’s really the heart of our technology. We’ve built that technology out so we can tell more and more about callers and then we’ve added other things. Is this a phone number that’s currently in service? If it’s not, that’s also a pretty good indicator that somebody’s spoofing.”
Pindrop works with calls that are inbound, outbound, live, recorded, in the interactive voice response (IVR) system, and boasts false positive rates below 2 percent. The Phoneprint technology gives a risk score for every call and cross references call characteristics with its fraud database. Anthony says the analysis of the audio signal boosts the technology’s reliance.
“Everything we analyze is part of the audio signal of the call,” he says. “We do look at metadata when they come, but that’s not the Phoneprinting technology. The reason that’s important is because when it comes to phone calls, the only thing you’re going to get 100 percent of the time is the audio.
“The metadata does not come through consistently, carrier data doesn’t come through consistently or is partial. (Detection) techniques that have tried to rely on that stuff works some of the time but not all of the time.”
Visit Pindrop Security in person at booth 414 during the 2014 CNP Expo in Orlando, Fla. May 19-22. Visit www.CNPExpo.com for more information and to register.