Protezione Avanzata Contro le Frodi

Each year, I interview roughly 400 cyber security firms, and I blog one-third of them. And where it’s become routine to sync my talk time with Tel Aviv or Palo Alto, I’ve never once had to Google the ora a Milano before an interview. Until now. And why would I care to sync with Northern Italy? Well, according to 23andme, my blood is almost entirely Italian, so finding a great security company from that region is a matter of orgoglio personale.

Last week, I spent quality time with my new amico Italiano, Guido Ronchetti, CTO of XTN Cognitive Security. After two hours deep-diving the XTN platform, Guido was kind enough to fly from Milan to his US headquarters in NYC to spend another half-day taking me through his advanced fraud protection (which, by the way, is the English translation of the title of this article). Let me explain to you what I learned about this Italian company:

“If you are a consumer doing your on-line banking in Italy,” Ronchetti explained, “then there is a very good chance that the XTN Cognitive Security platform is protecting your transactions from fraud. Our solution is installed in more than half the on-line banks in Italy, as well as across Southern Europe and Latin America. And we are now in the process of expanding our reach to the larger global market, with primary focus in United States.”

The first component of the XTN platform is called Smart Endpoint Advanced Protection (SEAP), which uses passive biometrics to profile normal usage, interactions, and behaviors on the browser or mobile device. The web and mobile versions are available as SDKs, either an agentless JavaScript running in the browser environment or directly integrated into the mobile app. Machine learning assistance is provided, as is so common today, in the cloud.

The second component is called Smart Authentication (SA), which supports strong, adaptive multifactor authentication and digital signing of transactions in financial services and eCommerce settings. The primary communication channel for these tasks is the mobile device, supported by a cloud-based risk evaluation engine. The SA signing process is consistent with the European Payment Services Directive (PSD2).

The third component is called Smart Antifraud Shield (SMASH), which provides an integrated transaction monitoring solution for financial services and eCommerce. The fraud detection algorithms combine behavioral correlation, machine learning based on fraud usage patterns, and profiling based on hundreds of parameters. The resulting enterprise fraud management learns to recognize fraud and provides commensurate security.

XTN also offers the mobile risk evaluator mentioned above. Marketed as the Mobile Operative Risk Evaluator (MORE), the tool visualizes transactions so that threats can be monitored in real-time. Ronchetti provided an extensive demonstration of the tool for me, and I could see how this might evolve into a real-time fraud dashboard for any eCommerce or financial services company dealing with on-line risk.

Everyone knows that platforms exist that use behavioral analytics, MFA, and machine learning to reduce transaction fraud. So this is not news. But I sensed a unique approach at XTN. And I like the team’s eclectic approach to fraud, and their varied backgrounds. (Ronchetti has worked as a sound engineer and musician.) I believe dealing with fraud requires out-of-the-box thinking, and pure CS geeks sometimes live too inside-that-box.

As the XTN Cognitive Security team now lands on this side of the pond and begins to aggressively market their anti-fraud solutions (and they have two prominent US customers already), I think it would be worth your time to meet with Guido Ronchetti to learn more. Ask him how the XTN team managed to capture 50% del mercato in Italia. I don’t think a vendor captures that much attention unless they are offering good value.

As always, condividi le tue opinion. (Share your insights.)