We interviewed Matt Anthony (VP of Marketing) and Raj Bandyopadhyay (Principal Data Scientist) at Pindrop Security to learn more about how the company. Pindrop Security provides solutions to protect enterprise call centers and phone users, where it combines authentication and anti-fraud detection technology to verify legitimate callers while detecting malicious callers.
Can you tell me a little bit about yourself and your role within the company?
My name is Matt Anthony and I’m responsible for marketing at Pindrop. I’ve been here for two years and my background is information security startups, where I first worked at CipherTrust in 2000 with Dr. Paul Judge – who is one of Pindrop’s founders. I then went to SecureWorks, which is in the managed security space, and was later acquired by Dell. About a year after the acquisition I heard from Dr. Judge and thought the project was too great an opportunity to turn down.
So my name is Raj Bandyopadhyay and I joined Pindrop last August. I have a PhD in
Computer Science from Rice University in Houston, Texas and was introduced to Pindropthrough a mutual connection. I decided to join the team as their principal Data Scientist.
What does Pindrop do?
Pindrop Security has been around for three years and was founded in 2011. The origin of the company comes from a PhD thesis by our founder Vijay Balasubramaniyan, where he was analysing audio signals to determine what data could be gleaned from simply looking at a phone call. After the paper was published, Vijay received immediate interest from financial institutions in the U.S. about using the technology to detect fraud calls into their environment.
What we do for companies is sit in their call center, flag and score every call, and then analyse what steps the company needs to take to prevent fraud. With our technology, we predict and prevent rather than let the crime happen and spend millions trying to solve the problem.
We can detect things that show obvious fraud. For example, if there is a phone number that says it should be coming from Topeka, Kansas on a landline but it was really coming from Nigeria on a voice over IP line, we would instantly identify that as Caller ID spoofing, a common technique for fraudsters.
Within only a few years since we began, we have found ourselves with 2 of the top 4 banks and 2 of the largest brokerages using our technology.
What types of technologies are you using to analyse these calls?
Our system is primarily based on Data Science and Machine Learning. What this means is that when a costumer approaches us we send one of our signal processing engineers to the client’s premises to collect data, specifically examples of fraudulent audio that the client has recorded. Once have this, we analyse the audio of the call – but the crucial thing to know is that we are not only analysing the voice, language or speaker. All of these things can be spoofed or changed.
Rather, what we are analysing is background artefacts in the audio, which are a result of the networking and infrastructure of the device that is making the call. These things cannot be spoofed and can give us accurate information on where the call is coming from and which device has been used to make the call.
After this, we break the audio into 147 different audio features and then feed it into our machine learning system that assigns a risk value to every call. With our model, any subsequent call that comes into the clients call center will then, in real time, be automatically assessed to see whether it is fraudulent.
In terms of implementation, we primarily use tools like C++ to transform the audio into features. To do the actual machine learning training we use Weka, and for data storage we use MySQL.
What are the main countries that have the highest activity of fraudulent calls?
We see a lot of activity out in the UK, mainly because it is a central place to take over telco equipment and use it as a routing point. Eastern Europe, Nigeria, Columbia and Mexico are hot spots also. Interestingly, what we have found is that the really organised and sophisticated activity is happening out of Africa and Eastern Europe. To deal with this, we have models that recognise international and domestic device types. Our models are finely tuned for the countries we are operating in.
Any specific challenges you’re facing?
Given that there hasn’t been much change in this space for a long time, one of the challenges is just getting the word out that there is technology that can make a difference. What we have found is that the market in the UK is much more mature, probably because of EMV technology that’s been around for a few years. For that reason we are more likely to see a telco security individual in the UK banks than we have ordinarily seen in the USA. Aside from this, the main problem is finding the right people to hire.
What kind of talent are you looking for?
We are looking for audio engineers, data scientists, and of course sales engineers that have a combination of network security and telco experience.
Plans to Expand?
We have just begun hiring a team in London and have added Canada to our portfolio this year. Brazil and Australia are likely to follow at the end of this year or the beginning of next year. Our clients tend to be large financial institutions and have global operations already, so all of these markets made a lot of sense to us.
Pindrop Security provides solutions to protect enterprise call centers and phone users. Pindrop’s solution combines authentication and anti-fraud detection technology to verify legitimate callers while detecting malicious callers. Named SC Magazine 2013 Rookie Security Company of the Year, a Gartner “Cool Vendor” in Enterprise Unified Communications and Network Services for 2012 and one of the 10 Most Innovative Companies at the 2012 RSA conference, Pindrop Security’s solutions restore enterprises’ confidence in the security of phone-based transactions.
Interested in more content like this? Sign up to our newsletter, and you wont miss a thing!
(Image Credit: raindog808)