RSA 2012 -- Pindrop Security can distinguish a fraudulent phone call from a real one

Vijay Balasubramaniyan

Pindrop Security, one of the 10 companies that competed in the “Innovation Sandbox” at the RSA conference in San Francisco on Feb. 27 has developed a system for detecting the “fingerprint” hidden within the audio signals of any voice telephone call, which can help banks prevent fraudulent transactions and could help police departments identify fraudulent phone calls before they dispatched SWAT teams to bogus crime sites or sent officers to non-existent 9-1-1 emergencies.

Pindrop didn’t win top honors in the sandbox (the first place trophy was bestowed upon another firm called Appthority), but Pindrop’s founder and chief technology officer, Vijay Balasubramaniyan, gathered a lively and curious crowd around his demonstration kiosk during a recess in the competition.

Pindrop’s research into the technical characteristics of a telephone call have convinced it that every call has a unique audio signature. “This is based on over 50 artifacts, such as noise, codec and line loss,” explains the company’s marketing literature. “This fingerprint can authenticate legitimate callers and flag fraudulent callers.”

Balasubramaniyan told Government Security News that his firm’s analytic capabilities can assist dispatchers at a 9-1-1 emergency command center to detect a fraudulent call requesting that a police SWAT team be sent immediately to an incident scene (as happened not long ago in Atlanta, GA) when in fact no such emergency had occurred.

Similarly, Pindrop’s product might be able to help an intelligence agency to determine whether a caller at the overseas end of a U.S. phone conversation -- which was being legally wiretapped -- was legitimate or bogus.

Balasubramaniyan claimed his company’s phone fraud solution can achieve 90 percent accuracy in spotting a fraudulent caller, based on its analysis of a single phone call.

Petar Petrov, who serves in an advisory capacity with PricewaterhouseCoopers Advisory, LLC and heard the lightning-fast three-minute presentation about Pindrop at the RSA show, thought it offered an intriguing idea, which might be able to help provide multi-factor authentication at telephone call centers.

Balasubramaniyan said he began the research that ultimately led to the formation of Pindrop more than four or five years ago, when he was studying for a PhD degree at the Georgia Institute of Technology.

“Pindrop Securiy has developed a patent-pending solution that can identify key attributes of any phone call, including the device used, call path, and geographic point of origin,” says the company’s literature.

For example, a telephone call that a bank in Texas may have expected to originate on a landline from Dallas, TX, may, in fact, have been transmitted on a Voice over Internet Protocol (VoIP) instrument, which originated in Vermont. In fact, Balasubramaniyan told GSN that an unusually high number of such fraudulent phone calls are made by “spoofing” phone numbers that appear to originate in lightly-populated New England states, where there are many unassigned phone numbers.

Balasubramaniyan acknowledges that Pindrop has not yet consummated any sale to a government agency, but likes to imagine that his innovative product will soon catch the eye of police, intelligence or other security-related agencies.