Profile: 41st Parameter - fraud detection and interventionby Steve Ragan - Sep 10 2009, 23:00
Profile: 41st Parameter - fraud detection and intervention
Financial firms and e-commerce operations know fraud is a major business buster. They know the attacks are coming, but are unwilling to risk usability on the customer side or risk performance degradation on their end of things to prevent it. So they turn to companies like 41st Parameter for help.
When it comes to fraud detection, 41st Parameter does something different. We’ve previously profiled another fraud detection and prevention company on The Tech Herald, Guardian Analytics, so when we started talking with 41st Parameter, we expected to hear the same strategy, methods, and company roadmap. Some of the goals are the same, but the processes used are completely different.
Started five years ago, and located in Scottsdale, Arizona, 41st Parameter develops a fraud prevention solution aptly named FraudNet. When we spoke to company founder and Chairman Ori Eisen, and CTO Raz Yalov, most of what we learned cannot be reprinted due to its sensitive nature. However, we were given permission to talk about some things the company does to help prevent fraud losses in the financial and e-commerce sector.
What 41st Parameter does with FraudNet is essentially risk detection. However, how they go about rating this risk is where their uniqueness comes from. Each device that is used to make a transaction online has unique features associated with it. For example, FraudNet will create a fingerprint of the device based on IP address, but that alone is not enough.
In addition, other things are calculated, including a unique hash assigned to the device, as well as location information, browser data, time zone information, and several other aspects are all joined to create the fingerprint. FraudNet also uses patterns, performed by the user, but those are only a small part of the overall risk model that 41st Parameter uses for their clients.
Each client starts with a raw transactional dataset, which is sent to 41st Parameter. This raw data is then used to create the basic risk model used by FraudNet to detect the difference between legit transactions and fraudulent ones. Yalov explained that the risk model creation process is based on pure science and math, and that no two clients are using the same risk model, even if both are using FraudNet.
The risk model is in a constant state of flux. Based on conversations with Yalov, and Pete Selda, the newly appointed CEO for 41st Parameter, a customer’s transactional HIT Rate is used constantly to improve Fraud Net’s performance for them. When Selda explained the method of fraud detection, you can almost see an image of a spider's web.
When you account for the fingerprint that is created, along with the risk model, patterns of fraud will stand out. A phone number used in a fraudulent transaction last week matched the phone number in use right now, along with the IP address, device location, and more.
If a transaction is given a high level of risk, it can be blocked outright or it can be allowed to pass and FraudNet will raise all sorts of alarms for investigators and fraud teams. Moreover, if there is a failure in the fingerprint pattern, for example the location, device hash, IP, and time calculations each fail to match established account patterns and fingerprint records, the transaction is marked as suspect and fraud teams within the client’s operations are notified. The client is the one that will determine if FraudNet blocks the transaction or if it is allowed to progress and raise an alarm.
FraudNet is the base program for 41st Parameter, but they offer other tools such as PCPrint, which creates a fingerprint on its own using various techniques, to monitor fraud on financial service or e-commerce accounts. PCPrint comes with an open API, allowing it to be used with any level of custom application, and the data collected from various logs are used to track fraud in the same level FraudNet operates.
ImageMask, another offering, works best for banks offering online statement or check images. If there is an image of a sensitive document, ImageMask will work to censor it, so brokerages and legal teams can benefit too. What it does is systematically strip sensitive information from an image without altering the original. So legal documents can be filtered, checks viewed online have the names and addresses removed, signatures can be removed, as well as account numbers.
During our interview with Selda, he explained that he plans to grow 41st Parameter, and he wants to take advantage of the position the company is currently in and run with it. As things stand now, the company is growing rapidly, and their customer profile is reaching beyond working with e-commerce and finance only, expanding to include the airline industry, with Continental Airlines and US Airways as their most recent clients.
This is because FraudNet would work equally as well for airline purchases online as well as kiosk terminals. In August, a 41st Parameter poll given to airline fraud investigators showed a strong desire to manage fraud in their industry, which is amounting to over $1.4 billion annually.
They have big goals and a unique approach to meeting them, but the five year old company could quickly become a big deal if fraud trends continue to grow. You can learn more about 41st Parameter here.