HOME

Archive for October, 2007

The Internet: Treat or Trick?

Wednesday, October 31st, 2007

Do you remember before the Internet existed? When contact information was just address and phone number, not email and Skype? If you’re on the better side of 30, probably. Now can you imagine living without it? Probably not. The Internet and corresponding technologies have given us many benefits, made us more efficient, and even found some of us the loves of our lives.

But all is not well in the land of the www’s. In addition to making things easier for scam artists and child predators, the Internet has also made it easier for people to sell stolen goods. A whole new area of criminal activity, e-fencing, has emerged, where thieves and organized retail crime (ORC) rings can easily and anonymously get rid of purloined panties and Nike tennis shoes by selling them on online auction sites.

E-fencing is the second most profitable way for crooks to get rid of stolen merchandise. The most profitable is just to return the item to the store from which it was stolen. Sounds a bit risky but it happens all the time. And people do get away with it because the traditional systems for detecting retail returns fraud (exception based reporting and returns authorization systems) are not as sophisticated as they could be. Returning the stolen goods will get you about $1.08 on the dollar because you also get the tax returned. Not a bad profit. But you do have to show your face and risk being caught.

E-fencing will get you about $.70 on the dollar, and it’s less risky because there is a certain degree of anonymity. Bottom line, it’s become a big problem for the retail industry. So much so that retailers are taking it to the Hill. Several retail execs recently testified before the House Judiciary Committee’s Subcommittee on Crime, Terrorism and Homeland Security about the problems of ORC and e-fencing.

As reported by Security Director News in “Retailers push legislators for stricter penalties to reduce ORC”:

Fencing use to be a face-to-face process, [Brad] Brekke, [vice president of assets protection for Target Corp], said, but with the emergence of online sites, such as auction site eBay and classified listing Craig’s List, has created a worldwide market for stolen goods. “Sellers are anonymous and buyers are unaware of the source of the product,” he said. “The enormous profits of the crime have fueled criminal activity that hurts our communities.” . . . “As the problem has grown, our industry has invested tens of millions of dollars to combat the problem,” he said. “But the Internet marketplace has dramatically transformed the fencing of stolen property.”

This issue has created some tension between the retailers and online auction sites. The retailers are demanding additional steps to combat the problem such as identifying high-volume sellers and adding serial numbers to product listings. And eBay, who had a representative at the subcommittee hearing, is insisting that they’re doing all that can be reasonably expected.

Hence the involvement by Congress:

[Karl] Langhorst, [director of loss prevention at Randalls/Tom Thumb Food and Pharmacy], said despite best efforts, retailers continue to suffer significant losses. He said there needs to be “strong federal legislation” developed that defines ORC and holds online auction sites accountable to the sale of stolen property. “It would be nice to have some regulations in place to limit this to begin with,” he said. “Then we’d have loss prevention instead of loss reaction.”

While we wait for Congress to make a move, we’ve been thinking that this is another problem that could benefit from an identity resolution solution. Identity resolution software could analyze data from retailers on recent large volume thefts and then search online auction sites for postings of corresponding goods. It could find similarities in item type, color, size, quantity, location of the theft, and location of the seller and return possible matches. This would allow loss prevention experts to contact the seller to get further information, which could also be fed into the system to help determine if the seller is the thief and how to find them if they are.

Maybe this technology stuff isn’t too bad after all.

Identity Resolution Daily Links 2007-10-29

Monday, October 29th, 2007

[Post from Infoglide Software] What Happens in Vegas . . .

Identity resolution guru Jeff Jonas, distinguished engineer and chief scientist, Entity Analytic Solutions, IBM, is back in the news again. The Washington Post recently featured him in an article on how technology developed for casinos is being applied to solve other problems like terrorist threats and money laundering. Who knew that Las Vegas was not only a great place to see the Rock Paper Scissors national championship or to (allegedly) commit a hotel room sports memorabilia theft but is also a hub of technology R&D?”

CQ.com: Growth of Terrorist Watch Lists Questioned

“The center was created in December 2003 to consolidate all the different terrorist watch lists maintained by various federal agencies into one master list, which would be used across the government. The center succeeded — almost. It weaved the numerous agency watch lists into two master lists. However, the center needs to do more fine tuning to make the lists more useful, eliminate duplicative names, redress misidentified individuals and pare down a growing inventory, according to witnesses at the hearing on Wednesday.”

PogoWasRight.org: Visa fines bank after losses in TJX breach

“Visa USA issued $880,000 in penalties against a bank that processed transactions for TJX Cos., after an investigation of a computer hacking incident at the retailer.”

The New York Times: Real ID That Spitzer Now Embraces Has Been Widely Criticized

“Mr. Spitzer’s new position, announced on Saturday in Washington, places New York among a handful of states agreeing to implement a federal identification system that has faced intense opposition from civil libertarians, immigration advocates and many lawmakers. Concerns focus on privacy protection and the costs to states that implement the Real ID program. One criticism that has been raised is that the personal information will be entered in databases that will be shared by every state, raising questions about how the data will be secured and how safe its storage will be.”

Jeff Jonas: Feature/Function Innovation: Inventing Left-Hand Columns

“Innovation does not mean listening to what a user is asking for and building it. Heck, the way I see it, by the time a user starts asking for something, they are most likely asking everyone for the same thing.”

What Happens in Vegas . . .

Thursday, October 25th, 2007

Identity resolution guru Jeff Jonas, distinguished engineer and chief scientist, Entity Analytic Solutions, IBM, is back in the news again. The Washington Post recently featured him in an article on how technology developed for casinos is being applied to solve other problems like terrorist threats and money laundering. Who knew that Las Vegas was not only a great place to see the Rock Paper Scissors national championship or to (allegedly) commit a hotel room sports memorabilia theft but is also a hub of technology R&D?

Jonas originally created his Non-Obvious Relationship Awareness or NORA technology to detect aliases used by people trying to defraud the casinos. He then was able to use the technology to discover employees and fraudsters who were working together by, for example, identifying a shared home address. In other words, determine who’s who and who knows whom.

From the article:

“The casino industry, like the national security industry, is seeking information to answer a fundamental question: Who are you? ‘It’s, are you a good guy or a bad guy? A threat or a non-threat?’ explained Derk Boss, the vice president for surveillance for the Stratosphere hotel and casino . . . ‘There are going to be people that just want to come and gamble and enjoy your services,’ he said. ‘And there are going to be people that are going to come to take your money. Our job is to distinguish between those two groups.’”

After 9/11, the Department of Homeland Security had an even more pressing need to separate the good guys from the bad guys, the threats from non-threats. They produced a request for technology that could:

  • Compare information contained in a passenger reservation with data contained in watch list records
  • Verify, report, and validate matches between passenger and watch list information
  • Resolve potential matches identified in the execution of the processes
  • Adjust the process in response to changes in security threat levels
  • Protect individual privacy and civil liberties

They received over 1,000 responses but ultimately they selected an identity resolution solution because that was the only type of technology that could meet the needs of the program. There are only two companies that produce identity resolution software as we define it - IBM (formerly SRD) and Infoglide Software. DHS chose Infoglide Software’s solution. Interestingly enough Infoglide Software’s origins also tie back to gambling as the technology was originally created to help investigators solve a murder that was linked to gambling activities.

This technology with its birth in the big money world of Vegas also can be applied to the problem of money laundering.

“At the U.S. Treasury’s Financial Crimes Enforcement Network, for example, investigators have used [Jonas’ technology] to track money laundering. From one Suspicious Activity Report — which financial institutions are required to send to the government — they have identified a money launderer’s partners in crime. FinCEN has a decade’s worth of data on 170 million report forms. ‘We find a tremendous amount of connectivity,’ said Steve Hudak, FinCEN spokesman. ‘We find suspects linked by addresses, suspects linked by phone numbers. So we definitely know that these people are operating together.’”

Other technologies, like surveillance equipment and biometrics, are also finding their way from the casinos to homeland security and other industries. So apparently what happens in Vegas doesn’t always stay in Vegas.

Identity Resolution Daily Links 2007-10-22

Monday, October 22nd, 2007

Hartford Business: Retailers Want Less Data Liability

“The storing of credit card data for a lengthy period of time has been questioned by the National Retail Federation as it argues that storing the data is inviting a security breach. In a letter to the Payment Card Industry earlier this month, NRF Chief Information Officer David Hogan wrote that all retailers want to eliminate credit card fraud.”

PogoWasRight.org: Government data sharing ‘lacks privacy protection’

“Most implementations of government data sharing lack adequate privacy protection for citizens, a member of the data privacy and advisory council at the US Department of Homeland Security has warned. . . . Without sufficient identity management to protect privacy, data could be misused.”

RetailNet: Citi Trend Falls on Shrinkage Problems

“At the 2007 Wachovia Consumer Growth Conference on Thursday, [Citi Trends] chief executive Edward R. Anderson said the company’s shrinkage problem largely stems from internal theft rather than shoplifting. . . . At the end of the second quarter when the company first disclosed the problem, shrinkage accounted for about 2.3% of sales. Anderson said the company expects shrinkage to be about 2% of sales in both the third and fourth quarters, before any improvement is seen. The company is working toward a shrinkage rate of less than 1.5% of sales.”


The Washington Post: From Casinos to Counterterrorism

“The casino industry, like the national security industry, is seeking information to answer a fundamental question: Who are you? ‘It’s, are you a good guy or a bad guy? A threat or a non-threat?’ explained Derk Boss, the vice president for surveillance for the Stratosphere hotel and casino, whose crew operates under what he calls the IOU system: Identify, Observe and Understand.”

Identity Resolution Daily Links 2007-10-19

Friday, October 19th, 2007

The State of the Loss Prevention Industry: 2007 Update

“Why did shoplifting apprehensions and recovery dollars both increase so dramatically in 2006? We asked the survey participants and they gave us four primary reasons:

  • With an increase in organized retail theft, they focused more attention on the shoplifting issue.
  • They had additional loss prevention personnel on the floor looking for shoplifters.
  • There was more of a focus on and much better use of CCTV in their highest loss departments and areas.
  • More emphasis on employee training and awareness and award programs for reporting possible shoplifting activities, resulted in more calls/leads from the sales floor.”

Associated Press: TSA Laptops With Personal Info Missing

“Since the two laptops were stolen, TSA has instructed the contractor to fully encrypt hard drives. The TSA program, called the Hazardous Materials Endorsement Threat Assessment, collects information for security-clearance purposes for any driver who transports hazardous materials. These assessments were mandated in the Patriot Act.”

Ottawa Citizen: Canadians fear national security measures threaten privacy

“A growing number of Canadians fear their personal information is at risk due to increasingly pervasive technology and data exchanges with foreign countries in the name of national security, charges new research released Wednesday by the federal privacy commissioner. . . ‘It’s critical that we have a data protection regime in place that protects Canadians from inappropriate data sharing, data matching, and data uses by our governments,’ said Philippa Lawson, executive director of the Canadian Internet Policy & Public Interest Clinic.”

Identity Resolution Daily Links 2007-10-17

Wednesday, October 17th, 2007

[Daily Post from Infoglide Software] Lloyds TSB and Bank of Cyprus Fined $130 Million and $162 Million

“For allegedly assisting international fugitive Lycourgos Kyprianou, former chairman of AremisSoft Corp, in his money laundering and securities fraud activities, the feds are seeking civil penalties of $130 million from Lloyds TSB and $162 million from Bank of Cyprus. These fines, incidentally are the largest money laundering penalties ever, according to Charlie Intriago’s moneylaundering.com.”

Techworld.com: Lloyds anti-fraud system comes under fire

“The effectiveness of Lloyds TSB’s anti-money laundering systems faces being picked apart by prosecutors, despite the bank’s significant investments in AML systems and software in a bid to keep a lid on fraud. […] In 2002, during the period that prosecutors allege money-laundering was taking place, the bank installed an AML system from Searchspace to scan transactions and identify patterns for unusual activity. The system ran on IBM eServers, alongside another anti-risk tool from Fortent.”

Cyprus Mail: Bank of Cyprus dismisses US money laundering suit

“The bank said that in August 2007, a federal judge in New York granted the Bank’s motion to dismiss that case and found that the appropriate forum for any claims against the Bank is the judicial system in Cyprus. […] ‘Despite the fact that the Bank did not engage in any conduct in the United States, the United States Attorney’s civil suit claims that the Bank violated United States law by enabling Kyprianou to channel though $162 million of proceeds from his own fraudulent conduct through accounts maintained at the Bank,’ said the BoC statement.”

Los Angeles Times: Airport security better in some areas

“In testimony before the Senate Committee on Commerce, Science and Transportation, Berrick said TSA has met about 70% of performance expectations the GAO identified. She said that because the job of clearing passengers falls on commercial carriers, inconsistency could compromise security. Berrick said the government plans to take over passenger screening through Secure Flight, a system matching passenger information with no-fly lists.”

Lloyds TSB and Bank of Cyprus Fined $130 Million and $162 Million

Tuesday, October 16th, 2007

Lloyds TSB accused of money laundering in US screams the headline in today’s Financial Times and so we have not one but two other banks in the cross hairs of federal prosecutors. Also charged, the Bank of Cyprus is denying the “civil money laundering charges filed against it by U.S. prosecutors, saying the case was legally and factually without merit, reports Reuters. Like Bank of Cyprus, Lloyds TSB vows to “vigorously” fight these charges, reports Marketwatch, and quotes this statement from the bank, “We do not believe there is any basis for this action so we are disappointed that the U.S. Government has commenced proceedings in this case.”

For allegedly assisting international fugitive Lycourgos Kyprianou, former chairman of AremisSoft Corp, in his money laundering and securities fraud activities, the feds are seeking civil penalties of $130 million from Lloyds TSB and $162 million from Bank of Cyprus. These fines, incidentally are the largest money laundering penalties ever, according to Charlie Intriago’s moneylaundering.com. Forbes also reports, that “If found guilty Lloyds may have to pay out more in anti-money laundering fines than all other U.S. banks combined over the past six years.”

These cases are a bit different than recent actions against American Express for $65 million and Union Bank of California for $31 million both in the size of the fines and the fact that the accused firmly believe in their innocence and they’re willing to fight to prove it. The reputational costs to Lloyds TSB has already had an impact — at press time the company’s stock had fallen 2.96 percent.

If Lloyds TSB and Bank of Cyprus can successfully defend themselves against these charges, then it will set precedent that will surely have an impact upon future prosecutions. Hopefully then Congress will get serious about rewriting the Bank Secrecy Act.

How this all plays out will be very interesting to watch.

Identity Resolution Daily Links 2007-10-16

Tuesday, October 16th, 2007

[Daily Post from Infoglide Software] Survey Finds Operational Plan to Reduce Retail Industry Shrinkage by $18 Million

“The always insightful Loss Prevention Magazine in its September-October issue features a survey by ECR Europe that should be read by not just Loss Prevention (LP) pros, but also the CFOs of every retail company.”

Marketwatch: U.K. bank group Lloyds TSB to mount defense against U.S. lawsuit

“Lloyds TSB Group PLCsaid Tuesday it will defend itself ‘vigorously’ against U.S. legal claims that the U.K. bank violated federal anti-money laundering provisions. ‘We do not believe there is any basis for this action so we are disappointed that the U.S. Government has commenced proceedings in this case,’ the bank said in a short statement. Lloyds TSB said it’s confident that it will be vindicated.”

New York Times: U.S. Plan for Airline Security Meets Resistance in Canada

“‘Either the United States places no value whatsoever in the Canadian list, which it helped develop, or I have to suspect what’s going on here is a pure and simple data-fishing exercise,’ Mr. Gaspar said.”

Survey Finds Operational Plan to Reduce Retail Industry Shrinkage by $18 Billion

Monday, October 15th, 2007

The always insightful Loss Prevention Magazine in its September-October issue features a survey by ECR Europe that should be read by not just Loss Prevention (LP) pros, but also the CFOs of every retail company.

Lessons from Low-Shrink Retailers - Nine Ways to Save $18 Billion deserves attention because in researching the loss prevention strategies of five retailers with much lower than industry average rate of loss, they unintentionally unearthed an operational plan that could save the retail industry billions of dollars in shrinkage.

Writes Adrian Beck and Colin Peacock:

“When you look at the average rate of loss for these companies [Target Corporation, Limited Brands, Best Buy, CVS/pharmacy, and The Gap] as a whole (0.9%), compared with the industry average (1.59%), then it is perhaps easy to see why they were consistently selected by the panel of experts. Indeed, together their improved shrinkage performance is worth as much as $1.1 billion a year, and if the entire sector could achieve similar results, then shrinkage could be reduced by as much as $18 billion.”

Eighteen billion dollars is a lot of stolen baby formula and Nike shoes.

How did these companies reduce retail fraud?

The five companies that participated in the survey had these nine common traits:

  1. Establishing senior management commitment
  2. Ensuring organizational ownership
  3. Embedding Loss Prevention
  4. Providing strong leadership and developing a team
  5. Using barometer management
  6. Innovating and experimenting
  7. Talking shrink
  8. Prioritizing procedural control
  9. Empowering store staff

For a full explanation of these ways to shrink shrinkage, please read the article in its entirety.

Interesting, (to us, at least) four of these nine traits can benefit from an identity resolution solution that can rescue retailers from Loss Prevention Magazine calls the “data desert.”

Writes Beck and Peacock:

“…until relatively recently [the five retail companies] have largely operated in a data desert, often making decisions based upon gut instinct and guess work rather than solid data and informed analysis. Indeed, in the absence of reliable and timely data, the industry has tended to focus almost exclusively on the most overt form of shrinkage—external theft—to the detriment of other key problems, such as internal theft and process failures.”

Here’s how identity resolution can help.

Providing strong leadership and developing a team

For pre-employment screening and tapping into external databases to identity current staff with public records of dishonesty, identity resolution solutions easily glide across multiple data sources (e.g., lists of known shoplifters, bad check writers, vendors, returns, perpetrators of organized retail crime, and LERPnet) and finding linkages that indicate fraud.

For more, see Employee Screening: An Ounce of Prevention is Worth a Pound of Lobsters

Using barometer management

Beck and Peacock say it best:

“The need to be led by numbers and not by intuition was a clear message. How this was achieved varied between the companies, but all had invested heavily in ensuring that they could not only monitor the rate and extent of shrinkage at a highly granular level (almost always SKU level), but also that they could analyze data to seek out trends and deviant behavior, usually through some form of data-mining technology or software.” [Emphasis added.]

Innovating and experimenting

Loss Prevention is not a static field. A previously good employee suddenly turns bad. Criminals innovate and adapt to current LP strategy. These scenarios and thousands of others require real-time access to data and a flexible architecture that works with many different platforms, systems and even sister stores in other locations. A good identity resolution solution can help answer all these questions in real-time:

  • How many returns has an individual really made?
    • Has John Smith made 3? And Joey Smythe 4 more?
  • Are you about to hire someone who has been caught shoplifting in one of your stores? Are they working there right now?
    • Or a sister company’s store?
  • Which employees are returning merchandise without identifying themselves?
  • Who is purchasing at discount and returning for full price?
  • Does a multiple-return item match a missing shipment?
  • Are restocking fees affecting high-value customers?
  • Is a ship-to address similar to a previously fraudulent address?
  • Which customers have multiple identities? And why?
  • Do any of those identities correlate to an employee or vendor?
  • How can you trigger higher quality investigations?
  • How can LP know all about a suspect they’re really dealing with?
  • Is there a relationship between an incident victim and an employee eyewitness?
  • Does John Smith deserve a red carpet?
  • Or a red flag?

For more, see Identity Focused Retailing.

Prioritizing procedural control

Finally, for halting deviance and enforcing compliance in procedure, identity resolution solutions can make automated decisions and impact business processes in real-time, limiting the need for human intervention.

Identity Resolution Daily Links 2007-10-15

Monday, October 15th, 2007

[Daily Post from Infoglide Software] Community banks, Credit Unions: Only Half Employ Technology for BSA/AML Compliance

“Guess which half feels more confidence in their Bank Secrecy/Anti-Money Laundering (BSA/AML) compliance efforts.”

AFP: US welcomes global money-laundering task force action on Iran

“The United States Friday welcomed action by an international anti-money laundering watchdog urging Iran to close loopholes in its financial system and take steps to limit terrorist financing.”

Counterterrorism Blog: Tightening the Financial Squeeze against Iran

“For the first time, FATF specifically addressed the dangers that Iran poses to the integrity of the international financial system. In a statement, FATF concluded that ‘Iran’s lack of a comprehensive anti-money laundering/combating the financing of terrorism regime represents a significant vulnerability within the international financial system.’”

Loss Prevention Magazine: Lessons from Low-Shrink Retailers - Nine Ways to Save $18 billion

“…until relatively recently they have largely operated in a data desert, often making decisions based upon gut instinct and guess work rather than solid data and informed analysis. Indeed, in the absence of reliable and timely data, the industry has tended to focus almost exclusively on the most overt form of shrinkage—external theft—to the detriment of other key problems, such as internal theft and process failures.”


Bad Behavior has blocked 620 access attempts in the last 7 days.

Close
E-mail It
Portfolio Strategy News The Direct Marketing Voice