Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

CSI: Atlanta? No, It's Phone Fingerprinting

Pindrop Security collects $11M in funding to build out next-gen solution for preventing phone fraud

A criminal dials into your company's call center, looking to steal data on one of your customers. He's pretending to be the customer, fishing to get a password, a mother's maiden name, or anything that might help him set up a fraudulent account.

About 18 seconds into the conversation, your company has identified the call as fraudulent. You know where the fraudster's calling from, what names and numbers he has used before, and even his calling patterns. The transaction is blocked, and the caller is identified and blacklisted.

Is this an episode of CSI? No, it's new technology from an emerging vendor called Pindrop Security, which received an $11 million round of venture funding from Andreessen Horowitz and other firms on Wednesday.

Pindrop has developed a patent-pending technology called Phone Fingerprint, which enables companies to identify fraudulent callers through forensic analysis of their calls. Phone Fingerprint analyzes information such as the phone number and device used, voice recognition, and even background noise to uniquely identify callers within 15 seconds. It then takes about three seconds to flag the company and terminate the transaction.

"A lot of criminals and fraudsters are finding that socially engineering an inexperienced employee or call center representative is a very effective attack vector," says Vijay Balasubramaniyan," co-founder and CEO of Pindrop. "Depending on human error to break into an account is a lot easier than most forms of online attack."

About 30 percent of all financial fraud begins with a phone call, Pindrop says, and some financial firms say that as much as 60 percent of the fraud they see takes place over the phone. About one in every 3,000 calls to a customer call center is a fraudster, Pindrop estimates.

"That doesn't sound like a lot, but what it means is that the average call center rep is probably not very experienced in recognizing a fraudster," says Matt Anthony, vice president of marketing at Pindrop. "Our goal is to recognize that fraudster and let [the company] do something about it before the transaction is completed."

Phone Fingerprint analyzes phone call audio signals to identify the caller's location and calling device type to create a unique fingerprint, which can be used to match the caller to other calls they've made, regardless of attempts to mask identity and calling activity.

After receiving a $1 million round of seed funding last year, Pindrop now has $11 million more to make its presence known in the enterprise arena.

"Financial institutions are on the front lines, facing a well-organized, well-funded growth industry of cyber criminals," said Arvind Purushotham, managing director at Citi Ventures, one of the investors that provided the funding. "Pindrop Security developed a truly unique technology, providing a legitimate solution to address two of the biggest problems financial institutions face today, detecting attackers and identifying legitimate callers."

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MALLYN971
50%
50%
MALLYN971,
User Rank: Apprentice
6/20/2013 | 7:27:12 PM
re: CSI: Atlanta? No, It's Phone Fingerprinting
There is also the possibility or RF finterprinting; ie; how the RF transmitter starts transmitting. To see this, connect a high speed storage oscilloscope to a receiving antenna close to your phone. Start transmitting. The start of the RF transmission is unique to every transmitter because of minute physical differences in the physical attributes of the RF components that affect how the signal starts transmitting. There is a ham radio operator in Seattle who pioneered this technology for the purpose of identifying jammers for a ham radio repeater.
Tor Weaponized to Steal Bitcoin
Dark Reading Staff 10/18/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18387
PUBLISHED: 2019-10-23
Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details.
CVE-2019-18212
PUBLISHED: 2019-10-23
XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows a remote attacker to write to arbitrary files via Directory Traversal.
CVE-2019-18213
PUBLISHED: 2019-10-23
XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response cap...
CVE-2019-18384
PUBLISHED: 2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authenticated remote non-administrative user can read unauthorized shared files, as demonstrated by the filename=*public*%25252Fadmin_OnlyRead.txt substring.
CVE-2019-18385
PUBLISHED: 2019-10-23
An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unauthenticated attacker can download log files via the include/makecvs.php?Event= substring.