As more and more services are offered online, a detailed audit trail of all online activity becomes essential. The needs vary from documenting web transactions for future evidence, to the danger of identity theft, account takeovers and different types of cyber attacks. All these necessitate a comprehensive web user monitoring solution showing who did what, from where and when. As mobile and online attacks become increasingly sophisticated, it’s important to have a set of data that you can analyze to find new patterns, test new rules, and respond to new attacks.
Intellinx offers the first-of-its-kind web user behavior monitoring solution. The solution records the activity of all web users by non-invasively sniffing the network traffic between end users and web servers. The system analyzes the captured traffic in real-time and reconstructs full user sessions, allowing for screen-by-screen replay and behavior analysis.
The audit trail of user activity can be used for operational purposes as well as for detecting fraud and malicious activity.
Examples of operational use include documenting user activity while signing for loans online, or purchasing insurance policies online. When such services are provided, the corporation offering the online service may need to provide online documentation of the terms viewed by the user before he signed them electronically, in case of future dispute. Other examples include analyzing the user experience in order to improve the user interface and overall user friendliness; detecting and alerting on system or user errors in critical processes; and monitoring for spikes in system response rime or downtime.
Based on extensive recording of communications in real-time, Intellinx creates profiles for external users, and correlates them with offline data (such as call-center data, employee actions), resulting in more precise detection of fraud attempts. Creating a baseline of normal behavior, Intellinx then records and analyzes ongoing application work and alerts on changes in a wide range of variables.
Intellinx profiling capability is particularly potent in uncovering customer account takeover schemes, such as “man in the middle” or “man in the browser” attacks.
The Intellinx audit trail enables investigators to immediately view suspicious actions conducted by users, down to every screen and command.
Intellinx listens in to real-time communications, issues alerts according to preset rules, and triggers actions such as requests for additional credentials, moving a transaction to offline, or halting transactions.
The agentless Intellinx sniffer records and listens in to network communications, with no impact whatsoever on applications or users.
Intellinx merges a variety of data sources into a single coherent system, including core banking systems, payments performed in a variety of channels (call center, ATM, mobile, ACH/wire), customer databases, security systems and the Intellinx network sniffing mechanism. Intellinx can read directly from databases, log files and other sources using its own built-in ETL package or the bank’s incumbent ETL package.