How customers are using big data to fight fraud, cheating and enforce compliance

Let’s look at how people are using big data to improve the operations of their enterprises. I think that this breaks down into three areas:

  1. Fraud, cheating, compliance
  2. Solving problems with the complex systems we have created
  3. Optimizing the complex systems we have created 
There is too much information for one blog post, so I’ve split it into three. Rather than take the “Game of Thrones” weekly release approach and keep everyone in suspense (and, if you’re like me, struggling to remember who is who for the first ten minutes of each episode), I’ve taken a “House of Cards” route, and have released all three at the same time :-)
 
Fraud, Cheating and Compliance
We’ll start with fraud, cheating and compliance. A lot of our customers are using big data in this way. Also, a high proportion of our HAVEn (HP’s big data platform) partners are creating solutions around fraud, cheating and compliance management. 
 
Let’s look at how customers are using HP’s big data solution to counter fraud, cheating and non-compliance.
 
card skimming.pngA Latin America Bank is using HP Vertica to record billions of card transactions (diagram on right).  They then use HP Vertica to correlate between cards that are reported as having been skimmed and the merchants who served these people. Merchants doing the skimming will only do so every few weeks, believing that the card companies won’t be able to see a pattern. With HP Vertica, the banks can store tons of data and do cross-correlation across all card skimming incidents.

 

Online gaming companies use click stream and touch stream analysis to look for cheats. Cheats zip up the games’ levels much faster than normal players, so the gaming companies look for this unusual behaviour.  
 
As an aside, cheats tend to be proud of their abilities, and are keen to post their cheats online. Analysis of web sites might alert companies to cheats. We’ll look at how we’ve introduced this functionality into our security products later on.

 

Lancope is a company that has created a product based on HP Vertica. They collect LAN traffic packets, up to 150,000 per second, and then look for security attacks and misuse of the customers’ resources (for example, someone using their employer’s servers to run a web-based business on the side). 
 
HP IT uses the Lancope product itself as a compliment to its HP ArcSight security monitoring.
 
finansbank fraud.pngThe Turkish bank FinansBank uses ArcSight for fraud detection (diagram left). They collect and correlate events using the ArcSight “logger” system. Once correlated, the events are put thru the ArcSight rules engine. The fraud-detection rules used by FinansBank are created by the fraud subject matter experts (SMEs) at the bank using the ArcSight modelling tool. This means that the SMEs can very quickly add new anti-fraud rules as required, without going into a queue of IT work.
 
Financial Institutions’ Compliance Departments : Every so often there is a high visibility incident where a rogue trader makes non-compliant trades and then it all goes south and years of abuse of the system is exposed.  In order to avoid the financial loss, the fines and the loss of reputation, banks are now using big data to ensure trader compliance. They use analysis of both trades (structured data analysis) and analysis of emails and voice conversations (human interaction analysis).
 
HP’s security product, ArcSight, has recently announced its integration with the HP Autonomy “human meaning engine”, IDOL. There are two use cases that ArcSight now supports :
 
1. Looking at emails for “data leaks" (see diagram below). ArcSight gives emails' text to the IDOL engine. In the example shown, the company has set a policy to send email going out of the company to IDOL for a “judgment”.
 
arcsight email.png
In the example above, we can see that Jameson Jones needs either a lot of privacy training or firing. He emailed merger information out of the company, he sent out research data and then he sent out sensitive HR data.
 
2. Looking for social media interaction for planned attacks (see diagram below). When hackers are about to launch an attack, they tend to gather momentum using social media, as shown in the example tweet.
 
arcsight SoMe.png
IDOL will scan a set of social media sites looking for hackers about to attack your company. 
 
In the next post, I look at how HP's big data platform is used to fix problems in complex systems like IT.
 
And in the post after that, I'll look at how customers are using big data to optimize complex systems.

 

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Mike has been with HP for 30 years. Half of that time was in R&D, mainly as an architect. The other 15 years has been spent in product manag...


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation