IBM’s Big Hope for Fraud

MARCH 20, 2014, 12:01 AM 1 Comments
IBM’s Big Hope for Fraud
By QUENTIN HARDY
IBM is changing with the crimes. So are other companies, and their collective efforts could affect more than catching tax cheats.
On Thursday, IBM announced the creation of a fraud and financial crimes prevention business that combines big data analytics, business know-how and data visualization.

According to the research firm IDC, the global market for financial fraud detection is about $5 billion. IBM also intends to work in preventing health care fraud, like false claims.
Target’s loss of millions of credit card numbers last year is a good example of the hazard to companies and the opportunity for companies that can spot new threats. Hackers apparently entered Target’s computers that held its customers’ financial information byfirst gaining access to the computers associated with Target’s heating and cooling system. As with many companies, all the machines were on the same network.
Compared with traditional means for spotting frauds, like matching payments to lists of stolen credit cards, “the challenge institutions have just begins with identification of threats,” said Steven A. Mills, IBM’s head of software and systems. He noted that online frauds and cyberattacks were frequently populated by “collections of people engaged in comprehensive attacks.”
IBM is not alone. Last October, Novetta Solutions, a company known mostly for government defense work, partnered with Teradata to provide corporations with cyberdefenses that include behavioral analysis. Palantir, a Palo Alto start-up firm that initially worked for intelligence services but increasingly does private sector work, in December announced a $100 million round of financing that valued the company at $9 billion.
“It’s no longer suitable to detect and stop fraud; you have to understand the attackers, the relationships and the techniques,” said Michael Versace, global research director at IDC. “The fraud scenarios are getting more complex.” The challenge for IBM, he said, would be “adding value while moving from legacy technology that is siloed in different parts of the bank.”
Like most things IBM, the move involves lots of people and resources. IBM said it had more than 500 fraud experts in the new organization and would draw on 290 fraud-related patents, as well as several large corporate acquisitions it has made in the last several years.
“Finding needles in haystacks is what we do,” said Mr. Mills. “We have a rich set of technologies, acquisitions and an understanding of technical domains.”
Part of the problem in the new sleuthing is finding weak and indirect relationships among bad actors. For example, whether two frauds months apart made use of a similar server traffic configuration. Compared with a Palantir, he said, “we do astrophysics. Finding fifth-, sixth-, seventh-, eighth-order relationships among weak signals is different.”
The company is initially focusing on areas like banking, insurance and health care, but this kind of relationship spotting can have other uses.
Mr. Mills said IBM might use the techniques in other areas, like industrial maintenance. “You look for wear patterns among machines, predict when things will break,” he said. “This moves from industry to industry, scenario to scenario.”