Web User Monitoring

The Challenge

As more and more services are offered online, a detailed audit trail of all online activity becomes essential. The needs vary from documenting web transactions for future evidence, to the danger of identity theft, account takeovers and different types of cyber attacks. All these necessitate a comprehensive web user monitoring solution showing who did what, from where and when. As mobile and online attacks become increasingly sophisticated, it’s important to have a set of data that you can analyze to find new patterns, test new rules, and respond to new attacks.

The Intellinx Web User Monitoring Solution

Intellinx offers the first-of-its-kind web user behavior monitoring solution. The solution records the activity of all web users by non-invasively sniffing the network traffic between end users and web servers. The system analyzes the captured traffic in real-time and reconstructs full user sessions, allowing for screen-by-screen replay and behavior analysis.

The audit trail of user activity can be used for operational purposes as well as for detecting fraud and malicious activity.

Improving Operational Aspects

Examples of operational use include documenting user activity while signing for loans online, or purchasing insurance policies online. When such services are provided, the corporation offering the online service may need to provide online documentation of the terms viewed by the user before he signed them electronically, in case of future dispute. Other examples include analyzing the user experience in order to improve the user interface and overall user friendliness; detecting and alerting on system or user errors in critical processes; and monitoring for spikes in system response rime or downtime.

Profiling of External User Actions

Based on extensive recording of communications in real-time, Intellinx creates profiles for external users, and correlates them with offline data (such as call-center data, employee actions), resulting in more precise detection of fraud attempts. Creating a baseline of normal behavior, Intellinx then records and analyzes ongoing application work and alerts on changes in a wide range of variables.

Preventing “Man in the Middle” Attacks

Intellinx profiling capability is particularly potent in uncovering customer account takeover schemes, such as “man in the middle” or “man in the browser” attacks.

Forensic Audit Trail

The Intellinx audit trail enables investigators to immediately view suspicious actions conducted by users, down to every screen and command.

Real-Time Alerts Stop Cybercrime in Advance

Intellinx listens in to real-time communications, issues alerts according to preset rules, and triggers actions such as requests for additional credentials, moving a transaction to offline, or halting transactions.

No Effect on User Experience

The agentless Intellinx sniffer records and listens in to network communications, with no impact whatsoever on applications or users.

Merging a Variety of Data Sources

Intellinx merges a variety of data sources into a single coherent system, including core banking systems, payments performed in a variety of channels (call center, ATM, mobile, ACH/wire), customer databases, security systems and the Intellinx network sniffing mechanism. Intellinx can read directly from databases, log files and other sources using its own built-in ETL package or the bank’s incumbent ETL package.