Blog

Tala and Fraud Protection



Summary

Tala is focused on credential theft, which is usually the first stage of the fraud process. In contrast to traditional user profiling, Tala uses a unique server profiling approach to detect and block credential theft.

One of the really exciting conversations we are having with customers today is around fraud protection and how Tala can help. This blog post will clarify how Tala is different from your existing fraud protection solutions.

The 3 Stages of Fraud

To understand how Tala fits into your fraud initiatives, it’s important to understand that a fraud attempt has multiple stages.

  • Stage 1 – Credential Theft: In the first stage, the hacker steals or obtains user credentials. Increasingly, we are seeing credential theft happening via formjacking, with nearly 5,000 websites falling victim to such attacks every month.
  • Stage 2 – Stolen Credentials are Sold: In the second stage, fraudsters obtain the stolen credentials from hackers through the dark web or other means.
  • Stage 3 – Stolen Credentials used for Fraud: In the final stage, a fraudster uses the stolen credentials or credit card information to perpetrate fraud.

Profiling: Traditional Fraud Detection Mechanisms vs. Tala

Traditional fraud detection systems are focused on the third-stage of fraud. Companies like IBM, F5, RSA and others offer solutions in this space. These products are interested in detecting misuse of credentials.

Traditional fraud detection systems are focused on the third-stage of fraud.

These products first profile end-user behavior and then detect fraud-like anomalies in real-time. The profile is typically built via insertion of JavaScript which then collects user or device information such as cookies, device fingerprinting information, OS details, location and other user patterns. Once the user profile has been built, if the fraud detection product detects behavior that seems anomalous, the system issues an alert, and the user might either be asked for additional information (e.g., biometric information), or the session might be blocked completely.

As a very rudimentary example, the fraud system might have profile user John who typically uses a Windows PC to login to his bank account during the daytime from California. Tomorrow, if the fraud system detects a login from John’s account coming from a mobile phone from North Korea, the system will automatically flag a suspicious login attempt, potentially fraud.

Tala is focused on the first stage of fraud.

On the other hand, Tala is focused on the first stage of fraud – Tala’s focus is on detecting the theft of credentials (stage 1) as opposed to the misuse of credentials (stage 3). With the advent of formjacking, hackers are able to steal user credentials right from the browser. Tala blocks such browser-side attacks right on their tracks.

Like traditional fraud detection systems, Tala also builds a profile. However, our profile is quite different in that we sit on the client-side and build a behavioral model of the servers, rather than the usersTala builds a surgically precise model of all the code, content and data collection by all the servers, whether they are your own, or belong to third-party services. We perform static and dynamic analysis as well as risk assessment. We extract 50+ behaviors on every page of a website. Tala builds this profile without requiring any instrumentation. Tala then uses this profile to build a sophisticated behavioral model and risk map of the website.

Traditional fraud solutions sit on the server and profile user behavior. Tala does the opposite – we sit on the browser (without needing instrumentation) and profile server and device-side behavior.

Tala’s profiling also helps us detect and block credential theft attacks. As an example, if one of the third-party services integrated into your website has malicious, card-skimming code added to it (e.g., Magecart), Tala will automatically determine that the third-party has been compromised and block the code from getting executed, or block the malicious behavior (e.g., data exfiltration attempt).

We are truly excited to be working with some of the largest enterprises in filling an important gap in their fraud protection systems. Drop me a note or comment if you have any questions.

If you’re interested in taking a look at Tala’s profile for your website, contact me as well.

blog

Magecart PCI Advisory on CSP

by admin

An important update from the Payment Card Industry Security Standard Council was issued August 1st defining a set of recommendations […]

read more

whitepaper

Tala is powered by advanced AI and threat intelligence.

Get the most comprehensive view into how your users are being attacked. Understand the where, how and when of attacks, in real-time. Tala’s AI driven analytics helps you focus on attacks that matter the most.

download now

Request A Demo

Learn how Tala’s technology works and can help you protect your users against malicious attacks.

Bitnami