Current security threat assessment and fraud detection programs are moving towards a risk-based approach to ensure that entitlement programs, infrastructures, data, and systems are protected from improper use or criminal activity. This risk-based approach requires a significant amount of automation of the threat assessment and fraud detection process and a solid quality assurance process that tracks the quality of a risk assessment process.
However, current risk assessment processes present several major challenges. Unstructured data sources used in the assessment process are hard to convert into a format suitable for an automated assessment. Additionally, non-standard data vocabulary and complicated data semantics are difficult to use by traditional systems such as rule-based engines. Given these challenges, much of the risk assessment processes are manually operated, accuracy rates are less than optimal, and therefore the likelihood of fraud, criminal activity, and other types of risk, increase.
Security threat assessment and fraud detection programs are also moving towards a person-centric approach. This person-centric approach provides an integrated and consolidated view of information about an individual or an organization. This type of approach to risk assessment is meant to increase the quality, accuracy, and security of data. Sophisticated techniques must be put in place in order to provide identity matching functionality in order to assess risks associated with an identity and to detect potential fraud. However, current industry standards lack the ability to automatically process a large number of identity matching events and derive meaningful and actionable information about potential identity fraud issues.