All posts by Crime Tech Solutions (www.crimetechsolutions.com)
IBM Crime Analytics: Missing the mark? CTS Hits the bullseye!
Posted by Crime Tech Solutions – Your source for analytics in the fight against crime and fraud.
September 7, 2015. IBM announced this week a major update to its IBM i2 Safer Planet intelligence portfolio that includes a major overhaul of the widely used Analyst’s Notebook product. The product, which has become increasingly abandoned by its user base over the past five years, is now being positioned as ‘slicker‘ than previous versions.
IBM suggests that the new version scales from one to 1,000 users and can ingest petabytes of information to visualize. (A single petabyte roughly translates to 20,000,000 four-drawer filing cabinets completely filled with text).
That’s a lot of data. Seems to me that analysts are already inundated with data… now they need more?
This all begs the question: “Where is IBM headed with this product?”
The evidence seems to point to the fact that IBM wants this suite of products to compete head-to-head with money-raising machine and media darling Palantir Technologies. If I’m IBM, that makes sense. Palantir has been eating Big Blue’s lunch for a few years now, particularly at the lucrative US Federal market level. Worse yet, for IBM i2, is the recent news of a new competitor with even more powerful technology.
If I’m a crime or fraud analyst, however, I have to view this as IBM moving further and further away from my reality.
The reality? Nobody has ever yelled “Help! I’ve been robbed. Call the petabytes of ‘slick’ data!” No, this tiring ‘big data’ discussion is not really part of the day to day work for the vast majority of analysts. Smart people using appropriate data with intuitive and flexible crime technology solutions… that’s the reality for most of us.
So, as IBM moves their market-leading tool higher and higher into the stratosphere, where does the industry turn for more practical desktop solutions with realistic pricing? For more and more customers around the world, the answer is a crime and fraud link analytics tool from Crime Tech Solutions.
No, it won’t ingest 20,000,000 four-drawer filing cabinets of data, and it’s more ‘efficient‘ than ‘slick‘. Still, the product has been around for decades as a strong competitor to Analysts Notebook, and is well-supported by a network of strategic partners around the world. Importantly, it is the only American made and supported alternative. Period. It’s also, seemingly, the last man standing in the market for efficient and cost-effective tools that can be used by real people doing their real jobs.
Is "Minority Report" pure fiction?
Posted by Douglas Wood.
Journalist Raj Shekhar had an interesting article in the Times of India this week.
It’s like PreCrime, only four decades early. The “predictive policing” system seen in the Tom Cruise blockbuster Minority Report is now taking shape in Delhi. But instead of the three slime-immersed psychic “Precogs” that system relied on, Delhi Police’s crime prediction will be based on cold, hard data.
Once Enterprise Information Integration Solution or ‘EI2S’—a system that puts petabytes of information from more than a dozen crime databases at police staff’s fingertips—is ready, Delhi Police will be able to implement its ‘Crime Forecast’ plan to predict when and where criminals will strike.
The technology is not as fanciful as it seems at first and is already being tried out in many important cities, including New York, Los Angeles, London and Berlin. Officers associated with the plan say the software will analyze police data for patterns, compare it with other data from jails, courts and other crime-fighting agencies, and alert police to the likely threats. Data will be available not only on the suspects but also their likely victims.
A global tender has been floated for the project and Delhi Police is in talks with various firms for the technology.
According to the article, the system can help pre-empt many situations. For example, a violent clash between two gangs. It can identify individuals who are likely to join gangs or take to crime in an area based on the analyses of their behaviour and network. It can also curb domestic violence by identifying a pattern and predicting the next attack, the article said.
It all boils down to spotting patterns in mountains of data using tremendous computing power. A police document about the plan states that investigators should be able to perform crime series identification, crime trend identification, hot spot analysis and general analysis of criminal profiles. Link analysis will help spot common indicators of a crime by establishing associations and non obvious relationships between entities.
Using neighbourhood analysis, police will be able to understand crime events and the circumstances behind them in a small area as all the crime activity in a neighbourhood will be available for analysis. Criminal cases will be classified into multiple categories to understand what types of crime an area is prone to and the measures needed to curb them. Classification will be done through profiles of victims, suspects, localities and the modus operandi.
Another technique, called proximity analysis, will provide information about criminals, victims, witnesses and other people who are or were within a certain distance of the crime scene. By analyzing demographic and social trends, investigators will be able to understand the changes that have taken place in an area and their impact on criminality.
Network analysis will also be a part of this project to identify the important characteristics and functions of individuals within and outside a network, the network’s strengths and weaknesses and its financial and communication data.
While the system could help fight crime and rid Delhi of its ‘crime capital’ tag, it is bound to raise concerns over privacy and abuse as no predictive system can be foolproof.
Biometrics and Authentication – A new world of possibilities
This article was written 
by Sacha Breite, head of future payments at SIX Payment Services. It originally appeared here on July 20, 2015.
The search for a common, international standard of payment authentication is in full flow.
Governments, retailers, banks and (not least) consumers are all eager to find a means of confirming someone’s identity beyond any doubt, secure from external hacking and technologically reliable.
The situation has become more urgent with the wildfire spread of mobile technology, opening up countless opportunities for remote transactions, but placing a growing burden on payment systems to prevent fraud and theft, both of assets and identities.
So, what are the best ways forward?
Here are some of the key technologies, with an analysis of their pros and cons:
Fingerprints and vein recognition
Already in common use at border controls and in many smartphones, fingerprint identification has become widely accepted. But concerns over its reliability and security has dissuaded banks from adopting it for payment authentication.
Some consumers fear that their fingerprint hashdata could be copied and used fraudulently, so they have switched back to pin ID. Younger consumers are more relaxed with the technology and ApplePay can be activated using fingerprint ID.
As technology develops and sensors are more widespread, some are concerned that their fingerprint ID could be captured simply by touching something, without realizing. The technology is likely to remain popular, but probably in combination with other forms of ID.
Facial recognition
Another border control technology which is likely to spread into the commercial world, this once again raises reliability concerns. What happens if one’s face alters its appearance? Can someone be impersonated by showing an image of their face?
A number of extra aspects can tighten security: infrared scanners can tell the difference between a live person and an image; a 3D scan of someone’s head provides further authentication; and iris recognition is becoming more sophisticated.
The new ‘Hello’ function on Windows 10 includes a means of unlocking one’s computer simply by looking at it. So the prospect of going to an ATM, looking at it and then getting cash out, may be possible in future (though some people will object to being filmed, on privacy grounds).
Customers taking ‘selfies’ and using these as authentication, either as a still image or a video, is another emerging form of authentication. Recently MasterCard announced plans to pilot this solution and replace passwords in 3-D Secure protected payments.
Heartbeats
Like our fingerprints and irises, everyone has a unique heartbeat. Using this for identification has the advantage that is it dynamic rather than static and therefore harder to replicate and proves that you are an actual human being.
The technology is part of many current and emerging devices, particularly for sports and fitness use, providing a ready means of integration with other systems, such as transactions or establishing ID.
Wearable technology, whether for health, fashion or communication, will give this type of authentication further impetus. So we can expect to see more of it in the years to come.
Beyond the technologies employed, there are further debates over whose responsibility it should be to develop any common standard. Governments are an obvious place to start, and indeed they have collaborated successfully to introduce border controls using biometric ID.
Yet transactions involving large amounts of money, especially ones using mobile devices, require greater security than this. People are physically present at border points and have to show their passports, so the biometrics are simply an additional security layer.
Most of the initiatives rolled out by governments using biometric ID authentication for health insurance (for example) have failed to work in the commercial sphere.
Card Schemes such as Visa and MasterCard would love to introduce such a system and have it commonly adopted internationally, since it would increase brand loyalty and probably win them new customers.
But so far, the lack of clarity over what kind of technology will be most widely accepted, by governments, consumers and by the legal world, has prevented any major financial service provider taking a leap of faith. Reliability, security and privacy issues remain unresolved.
In some ways, technology is leaping ahead of the best efforts of governments and banks, through applications like Google Street View and Google Image, where individuals can be identified through pictures taken of them without necessarily having their consent. And commercial services such as Amazon, PayPal and eBay have pioneered slimmed-down ID procedures, which may become more widely adopted.
An ever increasing amount of data is being stored on all of us, which will enable identification through many differing avenues. Irrespectively of the current position of biometrics and technology, it is vital for banking and payment infrastructure providers like SIX Payment Services, to provide high levels of security and reliability. In the near future we can expect further innovations to appear in this space, however it is still unclear which will form the basis of a single global standard, until the dust has settled from the current burst of activity.
Medicaid Fraud – The NAMPI Conference Wrap
Posted by Douglas Wood, Editor.
The National Association for Medicaid Program Integrity (NAMPI) wrapped up its 31st annual conference yesterday (August 12) in New Orleans with the theme “Jazzing up Program Integrity in the Big Easy.” I’m glad that the conference itself was full of cool presentations and networking events, because the temperature outside was Hot Hot Hot! (Note to self: One ‘Hurricane’ at Pat O’Briens on Bourbon Street is enough.)
50 years after President Lyndon Johnson signed into law legislation creating two new national health insurance programs – Medicare and Medicaid – the latter is the largest source of medical and health-related services in the US, providing healthcare to over 68 million Americans with a low income. As the number of enrollees continues to grow, so then does the challenge of maintaining program integrity and fighting the inevitable fraud that hurts us all.
As someone who markets technology solutions in the fight against fraud and crime, I found much of the conference to be right up my alley. As with any conference, much of the agenda was sponsored by vendors of data solutions and technology. Kudos to LexisNexis for sponsoring keynote speaker Elizabeth Smart, former kidnapping victim and advocate for children’s safety. Her story was a powerful way to begin the conference and the packed room was riveted by her story and courage.
NAMPI president John McCormick’s Monday morning remarks were short and sweet and set the tone for what turned out to be an excellent couple of days. In particular, I thought the breakout session on program integrity by the US Government Accountability Office was excellent, as well as a session discussing the facts and myths about Return on Investment. The panel included Illinois Inspector General Brad Hart, Ohio’s Lalita Jambhale, and Oklahoma’s Cindy Roberts. A session called Advanced Analytics was also well-attended and, in my opinion, one of the better forums.
There were several excellent vendor-specific sessions as well, most notably a session entitled “The Next Generation of Medicaid Program Integrity: Where Identity Data, Linking Technology, and Clearing Houses Intersect”, and a look at Missouri’s Medicaid Audit and Compliance programs sponsored by Truven Analytics.
A walk around the Exhibitor floor showed most of the usual suspects – HMS, Truven, SAS, IBM, and others. Each vendor had some uniqueness and most had interesting fraud detection and visual analytics. Still missing from the end-to-end solution equation, however, is an investigative case management system that is purpose designed for Medicaid fraud investigations. Most vendors talked a good talk… few could walk the walk in that area. And what about a biometrics play? Identity assurance is a key element to medical care, why not in program integrity? When will someone fill those voids?
Of note, 21CT was in attendance and had, from what I could see, one of the better overall demonstrations. Their Torch offering continues to impress. Also interesting, Appriss‘ continued push into the industry with their ever-growing database of incarceration records. All vendors performed well, and a full list of those sponsors and exhibitors can be found on the NAMPI Conference website.
Congratulations to NAMPI on an excellent conference, and here’s hoping that the ideas shared continue to put a dent in the billions lost to fraud each year.
Swoop 'n Squat, Army strong, and major case management: This week's Crime Technology headlines:
Posted by Douglas Wood, Editor.
Swoop and Squat…
http://www.propertycasualty360.com/2015/03/09/swoop-squat-beware-of-these-insurance-fraudsters
Army strong analytics…
http://www.military.com/daily-news/2015/03/27/army-improves-systems-testing-to-deliver-more-capability-to-figh.html
Investigative Case Management…
http://www.mvariety.com/cnmi/cnmi-news/local/75212-commonwealth-bureau-of-investigation-has-a-new-building
WorksafeBC introduces new Major Case Management (MCM) protocols…
http://www.workerscompensation.com/compnewsnetwork/workers-comp-blogwire/20898-worksafe-bc-posts-update-on-safety-review-plan.html
The Name Game Fraud
Posted by Douglas Wood, Editor. Alright everybody, let’s play a game. The name game!
“Shirley, Shirley bo Birley. Bonana fanna fo Firley. Fee fy mo Mirley. Shirley!” No, not THAT name game. (Admit it… you used to love singing the “Chuck” version, though.)
The name game I’m referring to is slightly more sinister, and relates to the criminal intent to deceive others for gain by slightly misrepresenting attributes in order to circumvent fraud detection techniques. Pretty much anywhere money, goods, or services are dispensed, folks play the name game.
Utilities, Insurance, Medicaid, retail, FEMA. You name it.
Several years ago, I helped a large online insurance provider determine the extent to which they were offering insurance policies to corporations and individuals with whom they specifically did not want to do business. Here’s what the insurer knew:
- They had standard application questions designed to both determine the insurance quote AND to ensure that they were not doing business with undesirables. These questions included things such as full name, address, telephone number, date of birth, etc… but also questions related to the insured property. “Do you live within a mile of a fire station?”, Does your home have smoke detectors?”, and “Is your house made of matchsticks?”
- On top of the questions, the insurer had a list of entities with whom the knew they did not want to do business for one reason or another. Perhaps Charlie Cheat had some previously questionable claims… he would have been on their list.
In order to circumvent the fraud prevention techniques, of course, the unscrupulous types figured out how to mislead the insurer just enough so that the policy was approved. Once approved, the car would immediately be stolen. The house would immediately burn down, etc.
The most common way by which the fraudsters misled the insurers was a combination of The Name Game and modifying answers until the screening system was fooled. Through a combination of investigative case management and link analysis software, I went back and looked at several months of historical data and found some amazing techniques used by the criminals. Specifically, I found one customer who made 19 separate online applications – each time changing just one attribute or answer slightly – until the policy was issued. Within a week of the policy issue, a claim was made. You can use your imagination to determine if it was a legitimate claim. 😀
This customer, Charlie Cheat (obviously not his real name), first used his real name, address, telephone number, and date of birth… and answered all of the screening questions honestly. Because he did not meet the criteria AND appeared on an internal watch list for having suspicious previous claims, his application was automatically denied. Then he had his wife, Cheri Cheat, complete the application in hopes that the system would see a different name and approve the policy. Thirdly, he modified his name to Charlie Cheat, Chuck E. Cheat, and so on. Still no go. His address went from 123 Fifth Street to 123-A 5th Street. You get the picture.
Then he began to modify answers to the screening questions. All of a sudden, he DID live within a mile of a fire station… and his house was NOT made of matchsticks… and was NOT located next door to a fireworks factory. After almost two dozen attempts, he was finally issued the policy under a slightly revised name, a tweak in his address, and some less-than-truthful answers on the screening page. By investing in powerful investigative case management software with link analysis and fuzzy matching this insurer was able to dramatically decrease the number of policies issued to known fraudsters or otherwise ineligible entities.
Every time a new policy is applied for, the system analyzes the data against previous responses and internal watch lists in real time. In other words, Charlie and Cheri just found it a lot more difficult to rip this insurer off. These same situations occur in other arenas, costing us millions annually in increased taxes and prices. So, what happened to the Cheats after singing the name game?
Let’s just say that after receiving a letter from the insurer, Charlie and Cheri started singing a different tune altogether.
this week's financial crimes headlines
This week’s financial crimes headlines…
LexisNexis® Acquires BAIR Analytics, Leading Provider of Crime Analytics Solutions for Public Safety
WASHINGTON, DC and ATLANTA (January 6, 2015) – LexisNexis® Risk Solutions today announced its intent to acquire BAIR Analytics, a provider of analytics solutions for public safety. LexisNexis is acquiring BAIR Analytics to better provide the public safety community with comprehensive investigative solutions that aid them in their law enforcement mission. BAIR Analytics deploys strong technology, robust analytics, mapping, and visual tools to identify and predict patterns of crime. The transaction is subject to regulatory review.
“The acquisition of BAIR Analytics builds on LexisNexis’ commitment to public safety, providing us the ability to combine BAIR Analytic’s analytical capabilities with our public records and linking technology to add context to crime patterns and enhance our ability to identify and locate persons of interest,” said Haywood Talcove, chief executive officer, LexisNexis Special Services, Inc. “The acquisition will be unique in the industry and help public safety officers make better decisions to close cases faster and improve community safety. In an era of constrained budgets, analytics are essential to optimize limited resources and increase overall efficiencies.”
BAIR Analytic’s analytical tools have been used by large and small public safety organizations worldwide for more than 20 years to help reduce and prevent criminal activity.
“Becoming part of LexisNexis will bring new opportunities to expand and build the best possible solutions to help our public safety customers,” said Sean Bair, President, BAIR Analytics. “BAIR Analytic’s ability to help agencies identify, analyze and resolve problems created by criminal offenders will be an exceptional complement to LexisNexis, its proven solutions and vast public records database to offer a more complete view of individuals to accelerate the investigation process.”
About LexisNexis Risk Solutions
LexisNexis Risk Solutions (http://www.lexisnexis.com/risk) is a leader in providing essential information that helps customers across all industries and government assess, predict and manage risk. Combining cutting-edge technology, unique data and advanced analytics, LexisNexis Risk Solutions provides products and services that address evolving client needs in the risk sector while upholding the highest standards of security and privacy. LexisNexis Risk Solutions is part of Reed Elsevier, a world leading provider of professional information solutions.
BAIR Analytics
Established in 1997, BAIR Analytics (http://www.bairanalytics.com) is an analytical software and services company providing innovative tools and subject-matter expertise for public safety, private security, and national security and defense entities. Nearly half of the largest public-safety agencies in the United States use BAIR Analytic’s products & services to fight crime. BAIR Analytic’s current software tools are utilized by police departments, government agencies, and throughout the private sector worldwide to increase and promote smarter, community-oriented preventative policing.
# # #
Media Contact
Stephen Loudermilk
LexisNexis Risk Solutions
678.694.2353
stephen.loudermilk@lexisnexis.com
“The acquisition of BAIR Analytics builds on LexisNexis’ commitment to public safety, providing us the ability to combine BAIR Analytic’s analytical capabilities with our public records and linking technology to add context to crime patterns and enhance our ability to identify and locate persons of interest,” said Haywood Talcove, chief executive officer, LexisNexis Special Services, Inc. “The acquisition will be unique in the industry and help public safety officers make better decisions to close cases faster and improve community safety. In an era of constrained budgets, analytics are essential to optimize limited resources and increase overall efficiencies.”
BAIR Analytic’s analytical tools have been used by large and small public safety organizations worldwide for more than 20 years to help reduce and prevent criminal activity.
“Becoming part of LexisNexis will bring new opportunities to expand and build the best possible solutions to help our public safety customers,” said Sean Bair, President, BAIR Analytics. “BAIR Analytic’s ability to help agencies identify, analyze and resolve problems created by criminal offenders will be an exceptional complement to LexisNexis, its proven solutions and vast public records database to offer a more complete view of individuals to accelerate the investigation process.”
About LexisNexis Risk Solutions
LexisNexis Risk Solutions (http://www.lexisnexis.com/risk) is a leader in providing essential information that helps customers across all industries and government assess, predict and manage risk. Combining cutting-edge technology, unique data and advanced analytics, LexisNexis Risk Solutions provides products and services that address evolving client needs in the risk sector while upholding the highest standards of security and privacy. LexisNexis Risk Solutions is part of Reed Elsevier, a world leading provider of professional information solutions.
BAIR Analytics
Established in 1997, BAIR Analytics (http://www.bairanalytics.com) is an analytical software and services company providing innovative tools and subject-matter expertise for public safety, private security, and national security and defense entities. Nearly half of the largest public-safety agencies in the United States use BAIR Analytic’s products & services to fight crime. BAIR Analytic’s current software tools are utilized by police departments, government agencies, and throughout the private sector worldwide to increase and promote smarter, community-oriented preventative policing.
# # #
Media Contact
Stephen Loudermilk
LexisNexis Risk Solutions
678.694.2353
stephen.loudermilk@lexisnexis.com
Using Link Analysis to untangle fraud webs
Posted by Douglas Wood, Editor.
NOTE: This article originally appeared HERE by Jane Antonio. I think it’s a great read…
Link analysis has become an important technique for discovering hidden relationships involved in healthcare fraud. An excellent online source, FierceHealthPayer:AntiFraud, recently spoke to Vincent Boyd Bryant about the value of this tool for payer special investigations units.
A former biometric scientist for the U.S. Department of Defense, Bryant has 30 years of experience in law enforcement and intelligence analysis. He’s an internationally-experienced investigations and forensics expert who’s worked for a leading health insurer on government business fraud and abuse cases.
How does interactive link analysis help insurers prevent healthcare fraud? Can you share an example of how the tool works?
Boyd Bryant: Link analysis is most often used to piece together different kinds of data from multiple sources–to identify key players, connections between those players and patterns of behavior frequently missed. It can simplify an understanding of the level of involvement of individuals and criminal organizational hierarchies and can greatly simplify visualizing and communicating the operations of complex criminal enterprises.
One thing criminals do best is hide pots of money in different places. As a small criminal operation becomes successful, it will often expand its revenue streams through associated businesses. Link analysis is about trying to figure out where all those different baskets of revenue may be. Insurers are drowning in a sea of theft. Here’s where link analysis becomes beneficial. Once insurers discover a small basket of money lost to a criminal enterprise, then serious research needs to go into finding out who owns the company, who they’re associated with, what kinds of business they’re doing and if there are claims associated with it.
You may find a clinic, for example, connected to and working near a pharmacy, a medical equipment supplier, a home healthcare services provider and a construction company. Diving into those companies and what they do, you find that they’re serving older patients for whom multiple claims from many providers exist. The construction company may be building wheelchair ramps on homes. And you may find that the providers are claiming payment for dead people. Overall, using this tool requires significant curiosity and a willingness to look beyond the obvious.
Any investigation consists of aggregating facts, generating impressions and creating a theory about what happened. Then you work to confirm or disconfirm your theory. It’s important to have tools that let you take large masses of facts and visualize them in ways that cue you to look closer.
Let’s say you investigate a large medical practice and interview “Doctor Jones.” The day after the interview, you learn through link analysis that he transferred $11 million from his primary bank account to the Cayman Islands. And in looking at Dr. Jones’ phone records, you see he called six people, each of whom was the head of another individual practice on whose board Dr. Jones sits. Now the investigation expands, since the timing of those phone calls was contemporaneous to the money taking flight.
Why are tight clusters of similar entities possible indicators of fraud, waste or abuse?
Bryant: When you find a business engaged in dishonest practices and see its different relationships with providers working out of the same building, this gives rise to reasonable suspicion. The case merits a closer look. Examining claims and talking to members served by those companies will give you an indication of how legitimate the operation is.
What are the advantages of link analysis to payer special investigation units, and how are SIUs using its results?
Bryant: Link analysis can define relationships through data insurers haven’t always had, data that traditionally belonged to law enforcement.
Link analysis results in a visual reference that can take many forms: It can look like a family tree, an organizational chart or a time line. This reference helps investigators assess large masses of data for clustering and helps them arrive at a conclusion more rapidly.
Using link analysis, an investigator can dump in large amounts of data–such as patient lists from multiple practices–and see who’s serving the same patient. This can identify those who doctor shop for pain medication, for example. Link analysis can chart where this person was and when, showing the total amount of medication prescribed and giving you an idea of how the person is operating.
What types of data does link analysis integrate?
Bryant: Any type of data that can be sorted and tied together can be loaded into the tool. Examples include telephone records, addresses, vehicle information, corporate records that list individuals serving on boards and banking and financial information. Larger supporting documents can be loaded and linked to the charts, making cases easier to present to a jury.
Linked analysis can pull in data from state government agencies, county tax records or police records from state departments of correction and make those available in one bucket. In most cases, this is more efficient than the hours of labor needed to dig up these types of public records through site visits.
Is there anything else payers should know about link analysis that wasn’t covered in the above questions?
Bryant: The critical thing is remembering that you don’t know what you don’t know. If a provider or member is stealing from the plan in what looks like dribs and drabs, insurers may never discover the true extent of the losses. But if–as a part of any fraud allegation that arises–you look at what and who is associated with the subject of the complaint, what started as a $100,000 questionable claims allegation can expose millions of dollars in inappropriate billings spread across different entities.