
Archive for the ‘Anonymous Identity Resolution’ Category

To 314(b) or Not to 314(b)…

Monday, January 30th, 2012

By Doug Wood, Infoglide Senior VP

That is the question.  Or is it?

We all know that financial institutions compete with each other at every turn.  They are all in the business of earning our business, so to speak.  One thing they share, however, is the need to be compliant across many different governmental requirements as they do so. 

Privacy, Disclosure, Fraud Prevention, and Anti-Money Laundering (AML) efforts require financial institutions to assist government agencies to detect and prevent terrorist financing.  Fines for non-compliance are heavy, and damage to reputation for penalized institutions directly affects top line revenues.  As a result, banks have implemented a variety of technology ‘point’ solutions across compliance efforts. 

Individuals looking to launder money, however, are typically well-informed and patient.  Their ability to test institutional alert thresholds, modify identifying attributes and seamlessly move from institution to institution is well documented.  As a result, when one bank works through the AML investigation triage process, the others remain completely unaware and are ‘sitting ducks’ for the terrorists’ next move.  Since it’s not feasible - and often unlawful due to data privacy laws - for banks to openly share their data with each other, fraudsters and terrorists easily move on to the next target bank.

Yet the U.S. Patriot Act explicitly addresses data sharing as an element of AML.  Sections 314(a) and 314(b) provide guidelines and a ‘safe harbor’ mechanism for organizations to share sensitive data with the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN), and with other financial institutions.

Section 314(b) specifically addresses voluntary data sharing between financial institutions. The section permits and encourages financial institutions, upon providing notice to the US Department of Treasury, to share information with one another in order to identify and report activities that may involve money laundering or terrorist activity.  In fact, a financial institution or association that shares information pursuant to this section is protected from liability under the safe harbor.

Many financial institutions, however, are reluctant to share information because of the complexity involved in determining the specific activities or transactions that may be considered money laundering or the fear that confidential information will somehow be inappropriately disclosed by a downstream recipient.  Throw in the reality that the voluntary process is largely manual - with large gaps in efficiencies - and it becomes clear that the system is in need of a technology infusion such as that provided by a new program called Inter-Bank Intelligent Risk Data Search (I-BIRDS).

I-BIRDS is a collaborative, member-based AML technology framework created by Infoglide Software Corporation (ISC) of Austin, TX.  In consultation with leading financial institutions and industry experts, ISC has developed a secure method for banks to perform AML due diligence by searching into each member’s known ‘bad guy’ data.  Unlike traditional search capabilities, I-BIRDS searches the data in situ (behind the secure firewalls of each member) and accounts for spelling and cultural variations of attributes and data quality.

The key to maintaining this inter-bank framework is Infoglide’s flagship Identity Resolution Engine™ (IRE) software. With IRE at the core, I-BIRDS provides unique, patented capabilities to search into member data stores, and return only a mathematical probability that a match or relevant social link to the source data was found.  No defining attributes are ever returned to the requestor; only the probability that the search criteria exist in other members’ risk data.  To help banks become more compliant, I-BIRDS delivers an accurate view of whether or not an entity is likely to have committed fraudulent acts upon a competitor bank.  Armed with this information, the querying bank can make decisions as to what - if any - additional due diligence might be required before approving or disapproving a transaction with that entity.

Even though no identifying attributes are returned, the search is productive as the enquiring bank knows that the person of interest was found in the AML data from other participating institutions.   So, if the question is whether or not to improve compliance efforts and keep terrorists out of our financial institutions via 314(b)… perhaps the answer is I-BIRDS.

Fool me once…

Monday, August 8th, 2011

By Doug Wood - Infoglide SVP of Sales

 

“There’s an old saying in Tennessee — I know it’s in Texas, probably in Tennessee — that says, fool me once, shame on — shame on you. Fool me — you can’t get fooled again.” - President George W. Bush

 

Notwithstanding the former president’s butchering of the expression, the point remains valid.  Anyone – any organization – can be fooled once.  A fraudster, or group of fraudsters, can take aim at an organization and score tens of thousands or more in ill-gotten gains.  It happens every day as a result of businesses’ desire to provide good customers with fast, easy access to the goods and services they want.  If they exploit that privilege – shame on them.

If, however, you don’t have systems in place that catch them trying to fool you twice – then shame on you.

Fighting fraud has always been a challenge.  As a result, technology vendors and consultants have flooded the market with tools that aim to help organizations predict fraud through behavioral analytics.  If a customer performs transactions outside of established norms, that transaction is red-flagged through this type of technology.

The complementary fraud technology is identity resolution and entity link analysis.  By focusing more on the ‘who’ of fraud, an identity resolution engine helps organizations understand who’s who… and who knows whom… within their disparate data stores.  Is the “Doug Wood” in a company’s credit application file the same as the “G. Douglas Woods” in the case management system, for example?  You might want to know that.  He fooled you once, so shame on him. 

By proactively comparing all of the attributes associated with one entity to those in a variety of internal and third party ‘negative’ lists, identity resolution and entity link analysis technology ensures that the fraudster can’t fool you again. 

Infoglide’s Identity Resolution Engine (IRE) provides companies with four strong cores of functionality:

 

  1. Cross Database Identity Resolution allows single-request searching into multiple databases without the need to move or clean the data.  It eliminates time and effort in triaging fraud cases, and allows analysts to focus on the high-return cases. 
  2. Social Link Discovery looks at non-obvious relationships between individuals across databases.  By understanding, for example, that a loan applicant shares an address with the loans officer, and also shares a telephone number with a known fraudster, a company can gain immediate insight into the risks associated with that transaction.
  3.  Anonymous Resolution for Data Privacy allows organizations to productively search into restricted databases without violating international data privacy laws.  The analyst can understand if a match was ‘likely’ found in the restricted data, without ever seeing or retrieving the actual results.
  4. Real Time Red Flag Analysis is the proactive, fool-me-twice implementation of the technology that looks at incoming transactions and compares them to internal and third party databases to understand possible identity matches and non-obvious relationships.  If one is found, the software triggers an instant alert.

As an organization, you’re going to get burned by fraudsters from time to time.  Ensuring that you don’t get fooled again, however, requires a robust examination of the incoming data against all relevant ‘negative’ data sources.  The fraudsters are stopped in their tracks and head for an easier target.   

And there’s no shame in that.  

What’s in a (product) name?

Thursday, June 2nd, 2011

By Doug Wood - Infoglide SVP of Sales

 “Identity Resolution Engine”

 In hindsight, we may have given an overly generic name to very complex and powerful enterprise software.   The name itself says very little about the features, functions and benefits that the technology delivers to its users, and doesn’t exactly shout “Killer App!”  Oops… Our bad.

Even the generic term “identity resolution” is boring.  “An operational business intelligence process whereby organizations can connect disparate data sources with a view to understanding possible identity matches and non-obvious relationships across data silos.”  Yawn.  It’s a bit hard to get excited about that.

What the name lacks in ingenuity, however, the software more than makes up for in unique value and core functionality.  If you’re in the business of detecting and investigating fraud, in fact, you may want to put it at the top of your ‘must have’ list.  Why?  Because this is  the only technology on the planet that can help organizations quickly and effectively identify ‘persons of interest’ within a sea of identity data.  Here’s how, as defined in the four core functions of Identity Resolution Engine.

1. Cross Database Identity Resolution performs single sign-on searching into multiple databases simultaneously, all the while accounting for spelling errors, changes of address, cultural variations, dirty data and so on.  This core function eliminates the need for ‘serial searching’ and endless logging on and off from different databases.

2. Social Link Discovery finds hidden, non-obvious relationships between individuals in the data.  By connecting the ‘digital dots’ between individuals or clusters of individuals, organizations can quickly identify organized fraud rings, conflicts of interest, collusion and much more.

3. Anonymous Resolution for Data Privacy allows users to search data across departments – or across the globe – and return ONLY the data elements that are approved for return – perhaps just a probability score that a match was found.  The disallowed data elements never leave the database or country of origin, yet the search has been profoundly productive.

4. Red Flag Analysis performs real-time analysis of identities to determine if this person is entitled to do business with your organization.  If someone has burned you in the past, you can bet they’ll try again – either by changing their attributes or working with someone else.  Red Flag Analysis stops them in their tracks.

So, what’s in a name?  Perhaps in the case of Identity Resolution Engine, not enough.  A quick look at its four core functions, however, ought to excite just about anyone whose job it is to keep fraud out of their enterprise.

PPM 2000 Perspective User Conference

Tuesday, March 15th, 2011

 By Julie Garcia, Infoglide Director of Channel Sales

I just got back from the PPM 2000 Perspective User Conference in Florida where we were a presenter, exhibitor and sponsor. PPM’s Perspective is an incident reporting and investigation management software. We have integrated with their technology for a shared customer of ours and are currently exploring the possibility of an OEM and referral partner agreement. PPM 2000 is an impressive company who, I learned, has the bulk of the incident reporting market.

The attendees at the conference were primarily responsible for security and investigations for their organizations, which included Disney, Progress Energy, Microsoft, and Cox Communications to name a few. Although the main message from our presentation was the joint benefit of embedding our technology within Perspective’s database, a surprising amount of people wanted to know how we would perform a “federated search” across multiple data sources within the organization such as case management, black lists, and HR data as well as third party data such as Lexis Nexis and whitepages.com.

The conference provided a good opportunity to engage with PPM’s staff and customers. I look forward to having a long, mutually beneficial partnership with them.

Architectures for Entity Resolution-Part 2

Wednesday, March 10th, 2010

By John Talburt, PhD, CDMP, Director, UALR Laboratory for Advanced Research in Entity Resolution and Information Quality (ERIQ)

In the last post we examined how entity resolution (ER) systems are actually implemented, starting with the most basic merge/purge process and heterogeneous join systems. Both of these approaches focus on collecting equivalent references from among the sources provided, either as a large batch of references in a single file, or through queries against a federation of databases.  The entity identities found by these ER systems are transient in the sense that they depend upon the sources input into the process.  When different sources are provided, different identities will emerge.

On the other hand, there are ER systems that retain and manage identity information.  By doing this they are able to “recognize” the same identity over time and assign that identity the same entity identifier (sometimes called “persistent identifiers” or “persistent links”).  In Customer Data Integration (CDI) applications, these kinds of systems are sometimes called Customer Recognition Systems.

Two major types of ER systems perform identity management.  The first type is the “identity resolution” system.  It is most effective in situations where a fairly stable set of known identities of interest exists, such as the set of vendors or customers of a company, a set of products, or the students enrolled in a school.  The attributes of these identities are pre-loaded into the system and assigned identifiers.  When a reference is given to the system, it then decides whether the reference is to one of the known identities, and if so, returns the identifier of that identity.

Identity resolution systems can operate in either batch or transactional mode.  In cases where there are a large number of pre-stored identities, the performance of batch operations can be improved through distributed processing where the identities are partitioned over multiple processors and resolved in parallel.
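A minimal sketch of the identity resolution architecture described above, added here as an illustration and not taken from the original post or from any product. Known identities are pre-loaded and given persistent identifiers, the store is partitioned, and each reference is resolved against the partitions in parallel; the attribute weights, the 0.6 threshold, the `ID-0001` identifier format and every record are constructed assumptions.

```python
from concurrent.futures import ThreadPoolExecutor

# Assumed attribute weights for this illustration (they sum to 1.0).
WEIGHTS = {"name": 0.5, "address": 0.3, "phone": 0.2}

# Constructed set of known identities (vendors of a fictional company).
KNOWN = [
    {"name": "Acme Supply Co", "address": "12 Main Street Austin TX", "phone": "512-555-0101"},
    {"name": "Lone Star Paper Inc", "address": "400 Lamar Blvd Austin TX", "phone": "512-555-0199"},
    {"name": "Hill Country Tools", "address": "9 Ranch Road Dripping Springs TX", "phone": "512-555-0142"},
]


def tokens(value):
    """Lower-case alphanumeric tokens, so punctuation and case do not matter."""
    return set("".join(c if c.isalnum() else " " for c in value.lower()).split())


def jaccard(a, b):
    ta, tb = tokens(a), tokens(b)
    return len(ta & tb) / len(ta | tb) if (ta | tb) else 0.0


def score(reference, identity):
    """Weighted attribute agreement between a reference and a stored identity."""
    return sum(w * jaccard(reference.get(attr, ""), identity.get(attr, ""))
               for attr, w in WEIGHTS.items())


class IdentityResolver:
    def __init__(self, partitions=2, threshold=0.6):
        self.partitions = [dict() for _ in range(partitions)]
        self.threshold = threshold
        self._next = 1

    def preload(self, attributes):
        """Store a known identity and assign it a persistent identifier."""
        identifier = f"ID-{self._next:04d}"
        self.partitions[self._next % len(self.partitions)][identifier] = attributes
        self._next += 1
        return identifier

    def _best_in(self, partition, reference):
        candidates = ((score(reference, attrs), ident) for ident, attrs in partition.items())
        return max(candidates, default=(0.0, None))

    def resolve(self, reference):
        """Transactional mode: return the identifier of the known identity, or None."""
        with ThreadPoolExecutor(max_workers=len(self.partitions)) as pool:
            results = list(pool.map(lambda p: self._best_in(p, reference), self.partitions))
        best_score, identifier = max(results, key=lambda r: r[0])
        return identifier if best_score >= self.threshold else None

    def resolve_batch(self, references):
        """Batch mode: resolve a list of references in order."""
        return [self.resolve(r) for r in references]


if __name__ == "__main__":
    resolver = IdentityResolver()
    for record in KNOWN:
        resolver.preload(record)
    batch = [
        {"name": "ACME Supply", "address": "12 Main St Austin TX", "phone": "(512) 555-0101"},
        {"name": "Acme Supply Co.", "address": "12 Main Street, Austin"},
        {"name": "Gulf Coast Freight", "address": "77 Harbor Way Houston TX", "phone": "713-555-0110"},
    ]
    for ref, ident in zip(batch, resolver.resolve_batch(batch)):
        print(ref["name"], "->", ident)
```

The two Acme references arrive with different spellings and different attributes yet resolve to the same identifier, which is what makes the identity persistent; the unknown freight company resolves to no identity at all.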

However, there are many situations where the identities are not necessarily known in advance, or in some cases  the entities are known but simply not organized in such a way that they can be easily pre-loaded.  For example, suppose two companies merge and each company has its own customer database. The customers are identified in different ways in each database, and furthermore, for the customers of one company, poor systems and practices prevent having any confidence that the master records are unduplicated across business lines or company locations.

The type of system often applied in these situations is an “identity capture” system.  The identity capture architecture can be seen as a hybrid of  merge/purge and identity resolution systems.  It supports identity management and persistent identifiers, but without starting with a preloaded set of identities.  In my next post, we’ll delve deeper into the identity capture process.

Master Data Movement

Thursday, January 28th, 2010

By Douglas Wood, Infoglide Senior Vice President

I read with interest yesterday’s article at SeekingAlpha which discusses rumors swirling around the MDM software industry.  According to the article, sources suggest that two deals are very near completion.  The first of those rumored transactions would see Informatica picking up MDM provider Siperian.  On the heels of their acquisitions of Identity Systems and AddressDoctor, the Siperian purchase could not be totally unexpected – but would most certainly create some ripple effect worth watching.

The first thing that springs to mind is what Oracle would intend to do with Informatica.  A long-time business partner of Oracle, strengthened through the 2008 purchase of Identity Systems, Informatica could now only be classified as a true and direct competitor to Oracle.  Can Oracle continue to OEM technology (SSA Name3, for example) from what would instantly become a major competitor?  Sleeping with the enemy is one thing… leaving money on the nightstand afterwards is another thing altogether!  It will be interesting to see what happens here, to say the least.

The other rumored acquisition is that of Initiate Systems by IBM.  Thought to be roughly twice the size of Siperian, Initiate would tend to give further credibility to IBM’s vast – and growing – presence in the Health Care industry, where Initiate has become a recognized industry leader.  What muddies the waters, however, would be the question of what IBM would intend to do with Initiate’s entity resolution engine.  In a nutshell, Initiate has been one of two software vendors doing an excellent job of providing technologies applicable for both MDM and fraud/risk related implementations.  Infoglide Software Corporation is the other.

Marketed in an eerily similar fashion to Infoglide’s earlier-released Identity Resolution Engine (is imitation the most sincere form of flattery?), Initiate’s offering in this identity resolution space could become short-lived given IBM’s large and ongoing investment in InfoSphere Identity Insight Solutions (formerly Entity Analytics Solutions).  How soon that would happen, of course, is anyone’s guess.

One thing is certain, however: the need for technology that is applicable to both MDM initiatives and that exposes risk and fraud through matching and linking of entities is very real and growing.  How the other major industry players react – should either or both of these rumors become reality – will define the industry for years to come.

Actionable Identity Intelligence from Identity Resolution

Friday, January 8th, 2010

By Infoglide Marketing

The recent “Christmas Bomber” incident incited many posts about applying technology to address the gaps that allowed it to happen. For example, David Loshin wrote a piece for BeyeNETWORK about a “master terrorist system” while Lawrence Dubov suggested improving the watch list process using entity resolution. While technology is a critical component of any solution, some specific issues about the technology are important to understand.

In an address this week, President Obama outlined the shortcomings in people, processes, and technologies that gave the now infamous Christmas Bomber the opportunity to take down a Detroit-bound flight.

President Obama identified three major problem areas:

It’s now clear that shortcomings occurred in three broad and compounding ways. First, although our intelligence community had learned a great deal about the al Qaeda affiliate in Yemen called al Qaeda in the Arabian Peninsula — that we knew that they sought to strike the United States, and that they were recruiting operatives to do so — the intelligence community did not aggressively follow up on and prioritize particular streams of intelligence related to a possible attack against the homeland.

Second, this contributed to a larger failure of analysis — a failure to connect the dots of intelligence that existed across our intelligence community, and which together could have revealed that Abdulmutallab was planning an attack.

Third, this in turn fed into shortcomings in the watch-listing system which resulted in this person not being placed on the no-fly list; thereby allowing him to board that plane in Amsterdam for Detroit.

CNN highlighted one additional failing that’s relevant to the topic of Identity Resolution (my emphasis):

A timeline provided by the State Department officials, who spoke on condition of anonymity, showed that an initial check of the suspect based on his father’s information failed to disclose he had a multiple-entry U.S. visa. The reason was that AbdulMutallab’s name was misspelled. “That search did not come back positive,” said one official, who called it a quick search without using multiple variants of spelling.

What are the specific technology issues?

While the details of the technologies used by the State Department are not identified, the story is typically the same for government and industry. Simple equivalency lookups are not enough. “John Kennedy” will not match “Jhon Kennedy” with standard database lookups. Furthermore, some technologies rely on strategies that actually destroy the forensic integrity of the data. They force it into pre-existing molds in a variety of ways to perform similarity matching. We’ve addressed the many challenges to matching names in this blog in the past, especially in “Playing the Name Game with Terrorist Watch Lists and Shoplifter Databases”.

Indexing is one approach that can fail. It tries to turn common names and known variations and nicknames into identical easily matched tokens. So John, Jack, and Johnny might all translate to “F12391”, facilitating a quick match. But what happens when John’s name — like AbdulMutallab’s — is misspelled? “Jhon” will fail to be matched to the common code and, thus, the match will quickly fail. Encoding is another common example that we addressed. Algorithms like “soundex” attempt to translate words into a fuzzy phonetic equivalent. But the promise of these algorithms falls short, especially when they encounter misspellings, nicknames, and cultural variations.

So while merging all information into a common view or improving watchlist management might be part of the solution, they will still fail if the technology used to merge or search is not up to the task.
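The matching strategies discussed above, compared side by side in an added example that is not from the original post and does not represent Infoglide's algorithms. It runs an exact lookup, a nickname index, standard American Soundex and an edit-distance similarity (optimal string alignment, which counts a transposition as one edit) over constructed names; the 0.85 threshold and the contents of the nickname index are assumptions.

```python
# Nickname index: known variants share one token (token value as used in the post).
NICKNAME_INDEX = {"john": "F12391", "jack": "F12391", "johnny": "F12391"}

_GROUPS = {"1": "bfpv", "2": "cgjkqsxz", "3": "dt", "4": "l", "5": "mn", "6": "r"}
SOUNDEX_DIGIT = {ch: d for d, letters in _GROUPS.items() for ch in letters}


def soundex(word):
    """American Soundex: first letter plus three digits."""
    word = "".join(ch for ch in word.lower() if ch.isalpha())
    if not word:
        return ""
    code, prev = word[0].upper(), SOUNDEX_DIGIT.get(word[0], "")
    for ch in word[1:]:
        if ch in "hw":            # h and w do not separate repeated codes
            continue
        digit = SOUNDEX_DIGIT.get(ch, "")
        if digit and digit != prev:
            code += digit
        prev = digit              # a vowel resets prev to ""
    return (code + "000")[:4]


def osa_distance(a, b):
    """Edit distance where an adjacent transposition costs one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def similarity(a, b):
    a, b = a.lower(), b.lower()
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else 1 - osa_distance(a, b) / longest


def compare(query, listed, threshold=0.85):
    """Return, per strategy, whether the query name matches the listed name."""
    q, l = query.lower().split(), listed.lower().split()
    same_shape = len(q) == len(l)
    pairs = list(zip(q, l))
    return {
        "exact": q == l,
        "index": same_shape and all(
            NICKNAME_INDEX.get(x, x) == NICKNAME_INDEX.get(y, y) for x, y in pairs),
        "soundex": same_shape and all(soundex(x) == soundex(y) for x, y in pairs),
        "edit": similarity(query, listed) >= threshold,
    }


if __name__ == "__main__":
    listed = "John Kennedy"
    # Constructed queries: transposition, nickname, keyboard slip, different person.
    for query in ("Jhon Kennedy", "Jack Kennedy", "John Kennefy", "Jane Kennedy"):
        print(f"{query:14s}", compare(query, listed))
```

No single strategy gets all four constructed cases right: the index misses both misspellings, Soundex misses the keyboard slip and the nickname while accepting "Jane" for "John", and edit distance misses the nickname.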

Not all identity resolution technologies are the same. Ours can be configured using a number of strategies to fit particular customer performance requirements, sensitivity to false positives or false negatives, and Similarity Search behaviors, including specialized name algorithms that catch misspellings, nicknames, and ordering variations.

Although the consequences are grimmer in homeland security situations, the challenges are the same for financial, healthcare, gaming, state and local government, and marketing applications. While it remains to be seen what improvements the US government will apply to the people, processes, and technology used to secure the country, it’s easy to see that simple misspellings need not break the system or, for that matter, any other system.

Identity Resolution Daily Links 2009-10-16

Friday, October 16th, 2009

[Post from Infoglide] Avoiding False Positives: Analytics or Humans?

“The European Union recently started a five-year research program in conjunction with its expanding role in fighting crime and terrorism. The purpose of Project Indect is to develop advanced analytics that help monitor human activity for ‘automatic detection of threats and abnormal behaviour and violence.’ Naturally, the project has drawn suspicion and criticism, both from those who oppose the growing power of the EU and from watchdog groups concerned about encroachments into privacy and civil liberty…”

SDTimes: Old thinking does a disservice to new data hubs

“The enterprise needs to be able to understand the origin, the time and possibly the reason for a change. These audit needs must be supported by the data hub at the attribute level. MDM solutions that maintain the golden record dynamically address this need by supporting the history of changes in the source systems record content.”

Accision Health Blog: Surveys Show Importance of EHR

“A new Rand study is one of the first to link the use of electronic health records in community-based medical practices with higher quality of care.  Rand Corporation researchers found in a study of 305 groups of primary care physicians that the routine use of multifunctional EHRs was more likely to be linked to higher quality care than other common strategies, such as structural changes used for improving care.”

NYSIF: Central NY Contractor Hit with Workers Comp Fraud Charges

“Investigators said Mr. Decker previously had an insurance policy with NYSIF when he operated RD Builders in November 2005, a policy cancelled for non-payment a few months later. In 2008, he applied to NYSIF’s Syracuse office for workers’ compensation insurance doing business as Bull Rock Development, Inc.”

public intelligence: Office of Intelligence and Analysis (DHS)

“These entities are unified under local fusion centers, which provide state and local officials with intelligence products while simultaneously gathering information for federal sources.  As of July 2009, there were 72 designated fusion centers around the country with 36 field representatives deployed. The Department has provided more than $254 million from FY 2004-2007 to state and local governments to support the centers.”

Avoiding False Positives: Analytics or Humans?

Wednesday, October 14th, 2009

By Robert Barker, Infoglide Senior VP & Chief Marketing Officer

The European Union recently started a five-year research program in conjunction with its expanding role in fighting crime and terrorism. The purpose of Project Indect is to develop advanced analytics that help monitor human activity for “automatic detection of threats and abnormal behaviour and violence.”

Naturally, the project has drawn suspicion and criticism, both from those who oppose the growing power of the EU and from watchdog groups concerned about encroachments into privacy and civil liberty:

According to the Open Europe think tank, the increased emphasis on co-operation and sharing intelligence means that European police forces are likely to gain access to sensitive information held by UK police, including the British DNA database. It also expects the number of UK citizens extradited under the controversial European Arrest Warrant to triple. Stephen Booth, an Open Europe analyst who has helped compile a dossier on the European justice agenda, said these developments and projects such as Indect sounded “Orwellian” and raised serious questions about individual liberty.

Shami Chakrabarti of Liberty, a UK human rights group, said, “Profiling whole populations instead of monitoring individual suspects is a sinister step in any society. It’s dangerous enough at [the] national level, but on a Europe-wide scale the idea becomes positively chilling.”

At IdentityResolutionDaily, we’ve consistently supported open and civil discussion about balancing security requirements with individual rights of privacy and liberty (e.g. “Walking the Privacy/Security Tightrope”). We’ve also dealt with the criticality of using analytic technology that minimizes false positives (e.g. “False Positives versus Citizen Profiles”).

Not long ago, James Taylor of Decision Management Solutions made an excellent point about whether using analytic technologies (e.g. identity resolution) versus relying totally on human judgment increases or decreases the risk of false positives:

Humans, unlike analytics, are prone to prejudices and personal biases. They judge people too much by how they look (stopping the Indian with a beard for instance) and not enough by behavior (stopping the white guy who is nervously fiddling with his shoes say)… If we bring analytics to bear on a problem the question should be does it eliminate more biases and bad decision making than it creates new false positives… Over and over again studies show analytics do better in this regard… I think analytics are ethically neutral and the risk of something going “to the dark side” is the risk that comes from the people involved, with or without analytics.

We couldn’t have said it better ourselves.

Identity Resolution Daily Links 2009-10-09

Friday, October 9th, 2009

[Post from Infoglide] Privacy – A Dying Concept?

“An intriguing post by Nate Anderson on Ars Technica highlights a difficult reality about today’s easy availability of vast quantities of ‘anonymized’ data. Quoting from a recent paper by Paul Ohm at the University of Colorado Law School, Anderson writes that ‘as Ohm notes, this illustrates a central reality of data collection: data can either be useful or perfectly anonymous but never both.’”

ComputerworldUK: Data quality tools sub-par, says analyst

“A recent study on data quality by the Information Difference revealed that respondents view data quality as something that is not restricted to one area within the organisation. Instead, two-thirds of respondents said it is an issue spanning the entire organisation…Specifically, 81 per cent of respondents reported being focused on a broader scope than merely customer name and address data.”

BeyeNETWORK: Master Data Management and the Challenge of Reality

“One of the central problems of master data management, which is often poorly stated, is the need to determine if one individual thing is the same as another individual thing. But the only way we have to do this is by matching records, and a record is not the same as the thing it represents. Unlike The Matrix, we are more in danger of confounding two ‘realities’ rather than recognizing them as distinct.”

Information Management: Business Intelligence: A Blueprint to Success

“Fraud detection. Claims managers are using predictive analytics to help identify potentially fraudulent claims as early as the first notice of loss, and are analyzing claims costs to get a better handle on negative trends.”

Government Computer News: How entity resolution can help agencies connect the dots in investigations

“Imagine a law-enforcement scenario. A local police department has information on a crime suspect. Court systems, corrections facilities, the department of motor vehicles and even child-support enforcement may also have information on this person of interest, each specific to its own needs and applications. Implementation of an entity-centric environment would enable each of the organizations and systems to continue its operations while also providing the police a much more holistic view of the crime suspect along with potentially important pieces of information.”

