Identity Resolution Daily

By Kevin Moore, Infoglide Software Director of Fraud Solution Sales

Several years ago, the Department of Homeland Security (DHS) published guidelines for creating fusion centers at the state, local, and federal levels. Since then, fusion centers have become a hot trend in the law enforcement community.  At last count, there were 72 designated centers around the country that are recognized by DHS (and that number is probably low by now). If governmental agencies with common concerns can band together to create fusion centers, it seems possible that private companies with common goals could use technologies such as identity resolution to achieve them.

Do businesses share common problems that could be better addressed by creation of “private fusion centers”? I thought of a few in a short time, so there are likely many more. It turns out that one called LERPnet already exists within the retail community:

The Law Enforcement Retail Partnership Network (LERPnet) is a secure national database for the reporting of retail theft and serious incidents, which allows retailers to share information with each other and law enforcement. In response to an alarming rise in organized retail crime, the retail industry and the FBI have teamed up to launch LERPnet. With LERPnet, retailers and law enforcement will be able to fight back against illegal activity including organized retail crime, burglaries, robberies, counterfeiting, and online auction fraud.

The details are on the LERPnet web site. Clearly, it took a lot of effort to resolve some key issues before it was launched. Companies are understandably concerned about complying with privacy laws and want some assurance that they won’t assume liability should a breach occur. They also consider their customer information to be proprietary, so solutions need to share only data about suspected fraud cases while leaving good customer data unshared. In many cases, scores instead of data can be shared. The general principle is to leave data in place as much as possible and don’t share proprietary data with others.

The LERPnet example could be classified as a “quasi-private” system since the participants include law enforcement agencies. What about your industry? Are there ways that well-protected information sharing could enable your company to avoid “doing business with people that, if they had a full view of that person, they would never even let them in the door”?

Share This

By Douglas Wood, Infoglide Senior VP

The Association of Certified Fraud Examiners (ACFE) held its annual conference and exhibition in Washington, DC this week.  Through the keynote address and the plethora of wonderful speakers, one message became loud and clear - fraudsters are becoming more and more creative in finding ways to circumvent your policies.

We heard stories of insider trading, bust-out fraud, mortgage fraud, insurance claims fraud and organized retail crime.  Despite the diligence and hard work by the certified fraud examiners, too many of these stories ended up with a common theme - the crooks got away with an awful lot of booty before getting caught.

Predictive analytics and behavioral analytics have provided organizations with a great weapon in combating fraud.  Establishing norms and ranking activities against those norms can have a dramatic effect on reducing losses to fraud and crime.  What has been missing, however, is the wide-scale adoption of a tool that allows fraud examiners to “automatically connect the dots” between the bits and pieces of forensic information they have.  Identity Resolution is that tool… and it has been the talk of the conference here.

The powerful federated similarity search capabilities of identity resolution help investigators understand the hidden relationships between individuals across enterprise data (Applicants, SARs, Incidents, Employees, Claimants, Witnesses, etc).  Let’s face it, the fraudsters are typically not stupid.  They know how to get around the systems by engaging their family and friends to form a profitable fraud ring.  Identity Resolution gives companies the power to search into ALL their data with  a view to understanding “who’s who” and “who’s working with whom” - despite deliberate attempts to deceive.

We believe this technology is becoming absolutely critical for corporations to predict and examine fraudulent activity, and that mainstream adoption is happening right now.

Share This

[Post from Infoglide] Fusion Centers Highlight Privacy Versus Security Issue

“It’s been quite awhile since we’ve addressed the challenge of balancing security and privacy. As authors of the software used more times every day than all other identity resolution software combined (video: Who Is Infoglide Software?), we are extremely conscious of how critical it is to strike a balance every day that ensures the security and protects the privacy of U.S. citizens.”

PBS: Getting dirty money clean

“‘Wachovia Bank willfully failed to establish an anti-money laundering program,’ said U.S. Attorney Sloman. Without a program to detect money laundering, here’s what happened: From 2003 to 2008, $420 billion flowed through Wachovia Bank from Mexico – including all that drug money – with no effective oversight.”

azcentral.com: Southeast Valley gets overall decrease in crime

“He also said that regional cooperation among agencies has improved greatly, particularly with the East Valley Gang and Information Fusion Center, where authorities sift through crime leads and data to battle crimes across city boundaries. The center allows Valley agencies to quickly share information on crimes and suspects.”

Green Valley News: Healing Health Care: Do efforts to combat fraud work?

“The Department of Health and Human Services, under which Medicare and Medicaid operate, beefed up the Recovery Audit Contractor program. This program, begun in 2005, uses contracted “bounty hunters” to recover improper paid monies. They receive a percentage of recovered dollars as a bounty. Sophisticated computer programs used to identify patterns of errors as well as other high-tech methods should improve the amount recaptured.”

Share This

By Mike Shultz, Infoglide Software CEO

It’s been quite awhile since we’ve addressed the challenge of balancing security and privacy. As authors of the software used more times every day than all other identity resolution software combined (video: Who Is Infoglide Software?), we are extremely conscious of how critical it is to strike a balance every day that ensures the security and protects the privacy of U.S. citizens.

As fusion centers proliferate, the tension between those who protect us from physical harm and those who protect our right to privacy plays out in public meetings. In Austin, for example, every meeting about the new Austin Regional Intelligence Center is well attended by law enforcement agencies who are challenged daily to keep citizens safe and by groups like the ACLU who point out the dangers of invading the privacy of citizens that fusion centers are meant to protect.

Although fusion centers highlight the privacy/security clash in a public way, any use of powerful identity resolution technology to catch people with bad intent must be weighed against the rights to privacy and confidentiality that we all enjoy. In every instance that the technology is applied – detecting money laundering, solving lottery ticket theft, monitoring retail merchandise exchange, uncovering workers’ comp employer cheating, and other uses – care must be taken to apply it judiciously and only in ways needed to achieve narrow objectives while always protecting individual liberties.

I have always believed that the back and forth between all of the stakeholders is healthy for our society and I continue to believe that today.  At Infoglide Software we are proud to be the “Gold Standard” for entity and identity resolution software and we are mindful of the balance that is required in the application of our technology.

Share This

By Robert Barker, Infoglide Senior VP & Chief Marketing Officer

In a recent post, Jonathan McDonald quotes one definition of entity resolution:

According to Gartner, entity resolution is “the capability to resolve multiple labels for individuals, products or other noun classes of data into a single resolved entity when pseudonyms, alias names or other synonym-style constructs exist. This is especially true in cases wherein there exists intentional falsification of information or the creation of false identities. While most prevalent in detecting perpetrators of criminal or illegal activity, more-commercial applications exist as well.

While the definition nicely captures the value of “first degree” entity resolution, it falls short by omitting non-obvious relationship detection.

Basic entity resolution determines “who’s who” by sifting through massive amounts of noun/attribute data in multiple disparate data sources. Cutting through ambiguity caused by missing attributes, pseudonyms, aliases, and obvious efforts to deceive, it mines and resolves the essential elements of identity to form an unambiguous picture that greatly enhances business decisions and reduces risk.

However, in many application domains, pinpointing “who knows whom” is equally valuable. In detecting insider trading, for example, it’s important to resolve identity information to achieve an unambiguous picture of a person of interest, but to expose fraudulent activity, it’s critical to identify second and third degree linkages between suspects and their friends, relatives, and business associates.

More examples abound. In insurance, fraudsters change roles each time they stage a car accident and also intentionally modify their identities in accident reports. Fraudulent employers who want to reduce their workers’ compensation premiums will close their company and start a new one with modified identities of corporate officers. In retail, non-receipted returns of merchandise are often linked to store employees and the customers they enlist to act as their confederates. The list goes on and on.

In each case, entity resolution finds hidden connections by evaluating multiple ambiguous attributes with the same algorithms used to resolve identities. A retail employee who takes a customer’s winning lottery ticket (while telling the customer he didn’t win!) can be traced through address and phone information to other suspiciously connected people, e.g. frequent lottery winners and lottery commission employees.

With apologies to the experts at Gartner, here’s a suggested addition to the definition that acknowledges the other half of entity resolution:

The capability to (a) resolve multiple labels for individuals, products or other noun classes of data into a single resolved entity when ambiguity from pseudonyms, alias names or other synonym-style constructs exists, and (b) to expose hidden connections between entities that are two or more degrees of separation apart. This is especially true in cases where there exists intentional falsification of information or the creation of false identities. While most prevalent in detecting perpetrators of criminal or illegal activity, more-commercial applications exist as well.

Share This

By the Infoglide Team

New York Times: Name Not on Our List? Change It, China Says

“By some estimates, 100 surnames cover 85 percent of China’s citizens. Laobaixing, or “old hundred names,” is a colloquial term for the masses. By contrast, 70,000 surnames cover 90 percent of Americans. The number of Chinese family names in use has tended to shrink as China’s population has grown, a winnowing of surnames that has occurred in many cultures over time.”

OCDQ Blog: All I Really Need To Know About Data Quality I Learned In Kindergarten

“When you present the business case for your data quality initiative to executive management and other corporate stakeholders, remember the lessons of show and tell.  Poor data quality is not a theoretical problem - it is a real business problem that negatively impacts the quality of decision critical enterprise information.”

BTNonline: Secure Flight Roils Booking Tech

“To facilitate the implementation of Secure Flight’s new data requirements for the travel industry, officials from the International Air Transport Association and Department of Homeland Security this year decided to use passenger data fields already used to transmit visa and passport information. TSA noted those IATA standards go into effect May 1.”

Security Systems News: Retail industry to ’speak with a single voice’

“There will now be a single entity both helping to establish best practices for loss prevention and lobbying state and federal government in regard to major security issues like organized retail crime.”

Share This

This post is based on a March 31 interview with Infoglide Senior Vice President Douglas Wood by Linda L. Briggs for TDWI (The Data Warehousing Institute), March 31, 2009. Click here to read the entire interview.

In a comprehensive discussion, Doug Wood of Infoglide Software spoke about an area of confusion that exists when people discuss identity resolution. He pointed out that the term is sometimes misapplied to describe software that performs data matching alone.

[An identity resolution engine is] software that allows organizations to connect disparate data sources in order to understand possible entity matches and non-obvious relationships. It boils down to this: Providing capabilities for organizations to understand “who’s who” and “who knows whom” across multiple data silos. Occasionally, when we introduce the concept of identity resolution technology to a new customer, their immediate response is “I see, but we already have a data matching engine.” The truth is, identity resolution engines have data matching at the core, but [they] provide much more functionality and flexibility than that.

So if identity resolution incorporates data matching, what really differentiates it from data matching products?

Perhaps the key element of an identity resolution engine is the ability to take the entity match and relationship results, then apply domain-specific rules to them. How does the enterprise treat Customer A by virtue of the fact that he or she has some non-obvious relationship with Customer B? The answer to that question is specific to the domain.

Most of us are familiar with the use of data matching for removing duplicates from databases and in cleansing input for data warehouses and master data management, but identity resolution is used in unique ways.

With identity resolution technology, data isn’t subjected to deterioration processes such as cleansing or record merging. Rather, the data can remain in its original state and in its original location.

What this means is that identity resolution is especially adept at uncovering risk, fraud, and conflicts of interest since the “forensic value of individual records is preserved for ongoing analysis.” While government is a key market for identity resolution engines, a growing number of commercial applications are emerging in financial services (e.g., PATRIOT Act compliance, detection of loan fraud and credit card fraud), retail (e.g., uncovering organized retail crime activities by comparing shoplifters with employees or frequent merchandise returners), workers compensation (e.g., finding employers that change attributes to avoid paying premiums), lottery corporations (e.g., compare winning ticket holders against lottery retail employees to discover potential fraud), and customer relationship management (e.g., keeping two similar records unmerged until birth date attribute uncovers a father/son relationship).

What prevents traditional data matching products from addressing these problems?

There are no problems with matching engines per se. They just aren’t identity resolution engines. Matching engines typically use one or two algorithms, perhaps mathematical in nature, that examine structured data looking for name matches. They provide an improvement over Soundex, but little more. What they do is say “Yes, this is a match” or “No, this is not a match.”

Common requirements for solving identity resolution problems include connecting to more diverse data types and formats, handling higher volumes, and delivering deeper insight into non-obvious relationships from existing uncleansed data sources.

If identity resolution engines have existed for years, what has caused the recent rush to employ them?

As part of the 9/11 Commission recommendations, the Department of Homeland Security began a robust search for identity resolution technology that could keep terrorists off airplanes by comparing passenger attributes against terrorist watch lists, no-fly lists, and other types of threat-related data. Through a few iterations, the selection and implementation process evolved into the Transportation Security Administration’s (TSA) Secure Flight Program, which ultimately thrust identity resolution technology into the limelight. Secure Flight is now widely recognized as the pre-eminent use case for identity resolution technology requirements today, and a number of companies are involved in delivering that solution.

Share This

By the Infoglide Team

Background Now: AG Seeks Injunction Against Contractors Asset Protection Association, Inc. (ConAPA) and Eugene Magre

“‘This company falsely promised its clients that if they gave their employees empty titles and worthless shares of stock they could avoid tens of thousands of dollars in workers compensation premiums,’ Attorney General Brown said. ‘But you can’t simply call a security guard a vice president and avoid complying with the law through a sophisticated and fraudulent scheme.’”

DailyTech: New Bills Target Stolen Merchandise Sold Online

“Under the new legislation, the brick and mortar retailers would score a major coup in that they could order eBay.com, Overstock.com, and Amazon.com to remove numerous goods without any proof.  Under the proposed laws, failure by the online retailers to ‘expeditiously investigate’ and remove the items would result in criminal penalties.”

BeyeNetwork: Business Drivers and Master Data

“Is the actual business need for a single version of the data, or just multiple versions, each of which is of higher quality? Drill down into this a little bit and you may need additional information from your business customers. What constitutes a requirement for master data? A situation in which two business processes need to have a fully shared view of the same representation of a data item?”

Web of Data: Report on Data Discovery by Bloor Research

“…there are now a number of products on the market that can discover data relationships that do not fall within the category of either data profiling or data quality. As a result, it is time to consider the importance of data discovery, and its requirements, as a market in its own right.”

Share This

[Post from Infoglide] The Human Element in Identity Resolution

We’ve written quite a few posts here on the subject of identity resolution’s application to a broad range of problems that include terrorism, insurance fraud, crime, lottery fraud, sexual predators, workers comp employer fraud, and retail returns fraud. What we haven’t discussed very much is the relationship between the technology and the human beings that employ it.

Boston Globe: Woman to be sentenced in asbestos case

“Deleon ‘cheated the system’ in two ways to enrich herself, according to the government’s case. Under her ownership, Environmental Compliance Training issued false asbestos removal training certificates and lied about it to the state. She also evaded payroll taxes and workers’ compensation insurance premiums by paying hundreds of employees of Methuen Abatement Staffing under the table. The company had a gross unreported payroll of $4.6 million from 2002 to 2006, according to a government document introduced at the trial.”

New Mexico Independent: Homeland security ‘fusion centers’ are working, but concerns abound

“The federal assessment of the nation’s fusion centers — which borrows heavily from earlier reports by such internal watchdogs as the Congressional Research Service (CRS) and General Accountability Office (GAO) — lists a few privacy, transparency and oversight concerns about the fusion centers.

Wall Street Journal: Tips for TSA to Make Flying Safer, Easier

“Some experts suggest that the TSA cut back on the air marshal program, which puts law-enforcement agents on some flights, and shift spending to more effective security measures. Experts also want to see major changes in the current Registered Traveler program to further speed up security procedures for frequent travelers and focus resources on travelers who haven’t undergone background checks. They also want to see more variation to today’s predictable screening so bad guys don’t know exactly how to circumvent security.”

Gartner: Can “single view” of master data be achieved without an MDM technology?

[Andrew White] “Certainly users have been trying to achieve ’single view’ for many years, before the phrase master data management was coined.  The problem of trying to maintain a semantically consistent definition of master data across the business has been a long standing desire for most firms.  It is because business (and to a great extend, IT also) has grown to be so complex, that since 2000 many firms have begun to look to specific tools to help.”

WorkersCompensation.com: Chenango Man Charged As Fraud In Fish Story

“Investigators from NYSIF’s Division of Confidential Investigations said Mr. Panus was receiving workers’ compensation payments for a work-related back injury that occurred in 1988. The investigation, conducted in cooperation with the New York State Insurance Department Frauds Bureau and the Office of the Workers’ Compensation Fraud Inspector General, found that Mr. Panus was allegedly self-employed as the owner of Ponderosa Fish Farm while receiving benefits totaling $66,100.”

Share This

By Robert Barker, Infoglide Senior VP and Chief Marketing Officer

We’ve written quite a few posts here on the subject of identity resolution’s application to a broad range of problems that include terrorism, insurance fraud, crime, lottery fraud, sexual predators, workers comp employer fraud, and retail returns fraud. What we haven’t discussed very much is the relationship between the technology and the human beings that employ it.

We software marketers are sometimes tempted to make it sound as though our products solve problems automatically. The truth is that identity resolution software performs tasks that humans could do, but it does them at a level of speed and precision that significantly enhances the results accomplished through those tasks. In order for the software to achieve excellent results, however, human judgment is required both in implementing the software and in applying the results.

The specifics of a particular problem differ markedly, and every solution is different. A person of interest in airline passenger screening has very different characteristics from a person of interest in workers compensation fraud, for example. Solutions differ even within a single problem domain, e.g. Nordstrom and Walmart have very different philosophies for merchandise returns.

In simpler data quality applications, default configurations can address many problems, but in identity resolution, a little tuning by experts greatly increases the solution’s value.  A domain expert may not understand the technology, but they understand their problem, industry, application, and company. And because of their depth of understanding of their domain, they can tell great results from good results in a heartbeat.

For maximum benefit, human domain experts work with technology experts to tune the software during implementation to apply similar “judgment” as the experts themselves would use to resolve multiple identities, uncover hidden relationships, and minimize false positives and false negatives. Technology’s critical role is to automate the process of sifting through the data to find likely matches and non-obvious relationships and to prioritize the cases that require human intervention so that finite human resources can focus on the most important things first.

While it’s critical to have software that can produce results right “off the shelf,” it is the domain expertise coupled with the technology expertise that creates a solution that is perfectly matched to the needs of a particular industry, application, and company.

Share This