Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

CSI: Atlanta? No, It's Phone Fingerprinting

Pindrop Security collects $11M in funding to build out next-gen solution for preventing phone fraud

A criminal dials into your company's call center, looking to steal data on one of your customers. He's pretending to be the customer, fishing to get a password, a mother's maiden name, or anything that might help him set up a fraudulent account.

About 18 seconds into the conversation, your company has identified the call as fraudulent. You know where the fraudster's calling from, what names and numbers he has used before, and even his calling patterns. The transaction is blocked, and the caller is identified and blacklisted.

Is this an episode of CSI? No, it's new technology from an emerging vendor called Pindrop Security, which received an $11 million round of venture funding from Andreessen Horowitz and other firms on Wednesday.

Pindrop has developed a patent-pending technology called Phone Fingerprint, which enables companies to identify fraudulent callers through forensic analysis of their calls. Phone Fingerprint analyzes information such as the phone number and device used, voice recognition, and even background noise to uniquely identify callers within 15 seconds. It then takes about three seconds to flag the company and terminate the transaction.

"A lot of criminals and fraudsters are finding that socially engineering an inexperienced employee or call center representative is a very effective attack vector," says Vijay Balasubramaniyan," co-founder and CEO of Pindrop. "Depending on human error to break into an account is a lot easier than most forms of online attack."

About 30 percent of all financial fraud begins with a phone call, Pindrop says, and some financial firms say that as much as 60 percent of the fraud they see takes place over the phone. About one in every 3,000 calls to a customer call center is a fraudster, Pindrop estimates.

"That doesn't sound like a lot, but what it means is that the average call center rep is probably not very experienced in recognizing a fraudster," says Matt Anthony, vice president of marketing at Pindrop. "Our goal is to recognize that fraudster and let [the company] do something about it before the transaction is completed."

Phone Fingerprint analyzes phone call audio signals to identify the caller's location and calling device type to create a unique fingerprint, which can be used to match the caller to other calls they've made, regardless of attempts to mask identity and calling activity.

After receiving a $1 million round of seed funding last year, Pindrop now has $11 million more to make its presence known in the enterprise arena.

"Financial institutions are on the front lines, facing a well-organized, well-funded growth industry of cyber criminals," said Arvind Purushotham, managing director at Citi Ventures, one of the investors that provided the funding. "Pindrop Security developed a truly unique technology, providing a legitimate solution to address two of the biggest problems financial institutions face today, detecting attackers and identifying legitimate callers."

Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
MALLYN971
50%
50%
MALLYN971,
User Rank: Apprentice
6/20/2013 | 7:27:12 PM
re: CSI: Atlanta? No, It's Phone Fingerprinting
There is also the possibility or RF finterprinting; ie; how the RF transmitter starts transmitting. To see this, connect a high speed storage oscilloscope to a receiving antenna close to your phone. Start transmitting. The start of the RF transmission is unique to every transmitter because of minute physical differences in the physical attributes of the RF components that affect how the signal starts transmitting. There is a ham radio operator in Seattle who pioneered this technology for the purpose of identifying jammers for a ham radio repeater.
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31458
PUBLISHED: 2021-05-07
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...