Account takeover is a fraud investigator's worst nightmare. Most tools simply do not get to the problem in time to remedy it - even though they might offer a detailed analysis at some point in the future. There are many pieces of the fraud picture in account takeovers and most of them have been monitored and used to create risk scores. However, all of these focus on current activity and do not take into account historical behavior.

One of the things that makes the use of statistical models less than optimum is the small percentage of fraud attempts compared to the entire clickstream. For example, the number of fraud attempts per day in a population of 10 million logins might be as small as 20. That's a ratio of about .0002 percent, statistically insignificant. By comparison, voice recognition and online marketing - both of which are less than perfectly reliable - are several orders of magnitude greater. Clearly, statistical analysis of this small target population is not viable. 

To counter that problem, Trusteer Pinpoint Criminal Detection looks at account compromise history from phishing or malware, gathers device intelligence to create a complex device ID, watches in-session user activity along with account access and transaction history, and applies intelligence data on known fraudsters. Organizations can, if they wish, add specific risk data to the mix to refine the evidence even more.

All of these data are applied to a real-time risk assessment that results in a recommendation for action to take, why there is a risk and how great the risk is. This lets risk analysts make the decision to allow the login and transaction or not.

At a glance

Product IBM Security Trusteer Pinpoint Criminal Detection

Company IBM

Price Starts at $25,000 based on number and type of users.

What it does Account takeover detection and prevention.

What we liked Designed to detect complex takeover fraud using evidence-based detection based on such data as malware history, phishing history, remote access and proxy use.