First Look: Catching the fraudsters

Share this article:
First Look: Catching the fraudsters
First Look: Catching the fraudsters

Computers don't commit crimes. In my 49 years in this field I never have seen one incident. People commit crimes with computers and that, in this case, is the bad guys' downfall. Because people have behavioral characteristics, the Silver Tail Forensics 3.0 – latest incarnation of this fine tool – can catch and stop them while providing analytical capabilities for forensic analysts.

Forensics looks at application level, spots patterns that it knows may suggest fraud and takes predetermined action. This product is focused on the financial e-commerce and government markets – markets where a little bit of fraud can have a huge impact. The tool sees everything that the user does on the website and makes continuous decisions about the validity of the action.

This tool has just about everything one needs to control fraud. It can address known threats at the page level, it follows each page click, each IP click and it completes the picture with geolocation for IP tracking. There are two ways to use Forensics: as an automatic response or as an analysis tool. In reality, most organizations will – and should – do both.

At a glance

Product: Forensics 3.0

Company: Silver Tail Systems

Price: Starts at $100,000 per year.

What it does: Advanced behavioral analysis for mobile application users.

What we liked: As forensics specialists, we found this product compelling for its strong analytical capabilities.

What we didn't like: Nothing. Although it may seem pricey, if it stops one major fraud, it has more than paid for itself.

When the tool alerts on a suspicious transaction, the incident can be blocked – with the ability for the analyst to release the block – or it can simply alert the analyst and wait for instructions. All this can be set up in advance, of course. However, if it becomes necessary to analyze a transaction, that is where Forensics 3.0 really shines, and we find ourselves a bit envious of other forensic analysts who get to use this to catch fraudsters.

Silver Tail claims that there is one dashboard with additional choices for looking at reports, pages, user and IP threats, profile analysis and a special list of bad actors. Our experience was that much of the tool has a dashboard-like look and feel for most of its top-level functionality. This makes it easy for the operator to spot a problem, focus in on it and take action. That is a key issue, by the way: this anti-fraud tool deals in action. Everything that it presents to the operator is actionable. There is no fluff or superfluous data on the screens. It's all straightforward and it is exactly what a fraud analyst need to do their job.

We took the product through its paces with the help of the Silver Tail folks, but as they went through the screens it became obvious that we could have done that ourselves without help. Administering the product is not particularly complicated, but there is a lot to manage. This comprehensiveness is another of Forensics 3.0's strengths – as with all of its predecessors. Setting up the tool requires a good knowledge of one's environment and with that users can beef up their anti-fraud program.

Overall, for the market this product serves, the licensing price is not unreasonable and the support is excellent and is included in the subscription price. The documentation is thorough and begins with a solid, easy-to-understand quick-start guide to get users going. Overall, especially if used with the rest of the Silver Tail product suite, Forensics 3.0 is an important addition to an anti-fraud arsenal. Catching actual fraud attempts without disrupting the legitimate customer experience is of critical importance to financial institutions. Silver Tail Forensics 3.0 can help do exactly that. 

Share this article:
close

Next Article in First Looks

Sign up to our newsletters

More in First Looks

Covering all the SAP bases

Covering all the SAP bases

X1 is an agentless SAP auditing tool that is able to map out entire SAP landscapes and display any insecure configurations on the individual elements of the landscape.

Digital forensic incident response in a box

Digital forensic incident response in a box

CIRT from AccessData Group is a full lifecycle forensic tool - from detecting to analyzing to remediating - and it's all in a single package.

iScan, uScan, we allScan... and its cheap and easy to do

iScan, uScan, we allScan... and its cheap ...

iScan uses a really neat approach to vulnerability and PAN (looking for credit card, etc.) scanning.