In an earlier blog, we talked about how user behavior analytics are a key part of the future of fraud detection.
However, caution is advised. Any time that a new technology starts garnering attention, it can be presented as a silver bullet solution. The same is true for the evolution of UBA – there is more to it than meets the eye. While yesterday’s security concepts used rules and signatures to prevent “bad” occurrences, today we need to look under the hood of UBA to detect the ever-increasing sophistication of attacks.
Some vendors are offering UBA solutions – but they only identify single actors.
There is a real differentiating factor that separates the wheat from the chaff: Entity linking.
What is entity linking? It’s the real-time determination of relationships based on emergent behavior patterns and making accurate decisions based on those patterns.
Fraudsters are experts at shifting tactics as old ones are thwarted, resulting in an ever-escalating game of cat-and-mouse. This might mean hiding their location in a more sophisticated way or slowing their attack velocity to pass under the radar, putting institutions at risk.
Entity linking sees through these comprehensive attempts to mask behaviors that often go unnoticed by velocity rules and data-scientists.
The unfortunate reality is that we can no longer assume that users and their information are valid. Credit card numbers, usernames, passwords and even the device they are using should be assumed false. While the pool of information we can’t trust continues to increase, we need to combat that distrust with information we can trust — observed behaviors.
Without a holistic view of the users’ relationships, one system might flag a transaction as suspicious, but it could be innocuous. What if we could see that the account was linked? Collectively, suspicious transactions may be deemed high-risk, even if they appear normal when viewed in isolation. Imagine the power of having a holistic view – not just for a customer relationship, but spanning a network of potentially related profiles.
That is what NuData Security’s network provides. It records hundreds of individual elements of behavior that combine to build a holistic profile to offer better accuracy and added protection: 38 billion behavioral events monitored last year (and on track to log 80 billion by the end of this year).
Entity linking is key to understanding, in real time, which of those thousands of behaviors to trust, revealing the true intention of the user. The ability to detect your trusted good user should be paramount in an organization’s effort to predict and prevent fraud online and to protect your business from brand damage and financial loss caused by fraudulent or malicious acts.
The moral here is “caveat emptor” – buyer beware. Look past the promises vendors are making and see if they can link entities in real time. If not, it’s nothing more than an advanced rules engine.
Want to read more posts like this? See our full blog here.