Tala and Fraud Protection
Tala is focused on credential theft, which is usually the first stage of the fraud process. In contrast to traditional user profiling, Tala uses a unique server profiling approach to detect and block credential theft.
One of the really exciting conversations we are having with customers today is around fraud protection and how Tala can help. This blog post will clarify how Tala is different from your existing fraud protection solutions.
The 3 Stages of Fraud
To understand how Tala fits into your fraud initiatives, it’s important to understand that a fraud attempt has multiple stages.
- Stage 1 – Credential Theft: In the first stage, the hacker steals or obtains user credentials. Increasingly, we are seeing credential theft happening via formjacking, with nearly 5,000 websites falling victim to such attacks every month.
- Stage 2 – Stolen Credentials are Sold: In the second stage, fraudsters obtain the stolen credentials from hackers through the dark web or other means.
- Stage 3 – Stolen Credentials used for Fraud: In the final stage, a fraudster uses the stolen credentials or credit card information to perpetrate fraud.
Profiling: Traditional Fraud Detection Mechanisms vs. Tala
Traditional fraud detection systems are focused on the third-stage of fraud. Companies like IBM, F5, RSA and others offer solutions in this space. These products are interested in detecting misuse of credentials.
Traditional fraud detection systems are focused on the third-stage of fraud.
As a very rudimentary example, the fraud system might have profile user John who typically uses a Windows PC to login to his bank account during the daytime from California. Tomorrow, if the fraud system detects a login from John’s account coming from a mobile phone from North Korea, the system will automatically flag a suspicious login attempt, potentially fraud.
Tala is focused on the first stage of fraud.
On the other hand, Tala is focused on the first stage of fraud – Tala’s focus is on detecting the theft of credentials (stage 1) as opposed to the misuse of credentials (stage 3). With the advent of formjacking, hackers are able to steal user credentials right from the browser. Tala blocks such browser-side attacks right on their tracks.
Like traditional fraud detection systems, Tala also builds a profile. However, our profile is quite different in that we sit on the client-side and build a behavioral model of the servers, rather than the users. Tala builds a surgically precise model of all the code, content and data collection by all the servers, whether they are your own, or belong to third-party services. We perform static and dynamic analysis as well as risk assessment. We extract 50+ behaviors on every page of a website. Tala builds this profile without requiring any instrumentation. Tala then uses this profile to build a sophisticated behavioral model and risk map of the website.
Traditional fraud solutions sit on the server and profile user behavior. Tala does the opposite – we sit on the browser (without needing instrumentation) and profile server and device-side behavior.
Tala’s profiling also helps us detect and block credential theft attacks. As an example, if one of the third-party services integrated into your website has malicious, card-skimming code added to it (e.g., Magecart), Tala will automatically determine that the third-party has been compromised and block the code from getting executed, or block the malicious behavior (e.g., data exfiltration attempt).
We are truly excited to be working with some of the largest enterprises in filling an important gap in their fraud protection systems. Drop me a note or comment if you have any questions.
If you’re interested in taking a look at Tala’s profile for your website, contact me as well.