Published on March 12th, 2019
Written by Aanand Krishnan, CEO and Founder of Tala Security


Tala is focused on credential theft, which is usually the first stage of the fraud process. In contrast to traditional user profiling, Tala uses a unique server profiling approach to detect and block credential theft.

One of the really exciting conversations we are having with customers today is around fraud protection and how Tala can help. This blog post will clarify how Tala is different from your existing fraud protection solutions.

The 3 Stages of Fraud

To understand how Tala fits into your fraud initiatives, it's important to understand that a fraud attempt has multiple stages.

  • Stage 1 - Credential Theft: In the first stage, the hacker steals or obtains user credentials. Increasingly, we are seeing credential theft happening via formjacking, with nearly 5,000 websites falling victim to such attacks every month.
  • Stage 2 - Stolen Credentials are Sold: In the second stage, fraudsters obtain the stolen credentials from hackers through the dark web or other means.
  • Stage 3 - Stolen Credentials used for Fraud: In the final stage, a fraudster uses the stolen credentials or credit card information to perpetrate fraud.

Profiling: Traditional Fraud Detection Mechanisms vs. Tala

Traditional fraud detection systems are focused on the third-stage of fraud. Companies like IBM, F5, RSA and others offer solutions in this space. These products are interested in detecting misuse of credentials.

Traditional fraud detection systems are focused on the third-stage of fraud.

These products first profile end-user behavior and then detect fraud-like anomalies in real-time. The profile is typically built via insertion of JavaScript which then collects user or device information such as cookies, device fingerprinting information, OS details, location and other user patterns. Once the user profile has been built, if the fraud detection product detects behavior that seems anomalous, the system issues an alert, and the user might either be asked for additional information (e.g., biometric information), or the session might be blocked completely.

As a very rudimentary example, the fraud system might have profile user John who typically uses a Windows PC to login to his bank account during the daytime from California. Tomorrow, if the fraud system detects a login from John's account coming from a mobile phone from North Korea, the system will automatically flag a suspicious login attempt, potentially fraud.

Tala is focused on the first stage of fraud.

On the other hand, Tala is focused on the first stage of fraud - Tala's focus is on detecting the theft of credentials (stage 1) as opposed to the misuse of credentials (stage 3). With the advent of formjacking, hackers are able to steal user credentials right from the browser. Tala blocks such browser-side attacks right on their tracks.

Like traditional fraud detection systems, Tala also builds a profile. However, our profile is quite different in that we sit on the client-side and build a behavioral model of the servers, rather than the usersTala builds a surgically precise model of all the code, content and data collection by all the servers, whether they are your own, or belong to third-party services. We perform static and dynamic analysis as well as risk assessment. We extract 50+ behaviors on every page of a website. Tala builds this profile without requiring any instrumentation. Tala then uses this profile to build a sophisticated behavioral model and risk map of the website.

Traditional fraud solutions sit on the server and profile user behavior. Tala does the opposite - we sit on the browser (without needing instrumentation) and profile server and device-side behavior.

Tala's profiling also helps us detect and block credential theft attacks. As an example, if one of the third-party services integrated into your website has malicious, card-skimming code added to it (e.g., Magecart), Tala will automatically determine that the third-party has been compromised and block the code from getting executed, or block the malicious behavior (e.g., data exfiltration attempt).

We are truly excited to be working with some of the largest enterprises in filling an important gap in their fraud protection systems. Drop me a note or comment if you have any questions.

If you're interested in taking a look at Tala's profile for your website, contact me as well.

Aanand Krishnan, CEO and Founder of Tala Security

Aanand Krishnan, CEO and Founder of Tala Security

Aanand Krishnan is the CEO and Founder of Tala Security. Prior to Tala, Aanand was most recently a senior director of product management at Symantec where he built Symantec’s first big data security analytics platform and led key strategy projects that helped establish the company’s vision and strategic focus. Aanand spent several years in investment banking at and mergers and acquisitions at Morgan Stanley and Dolby Labs and acted as an adviser to leading security software, semiconductor and clean tech companies. He started his career building high-speed optical networking products at Agilent Technologies. Aanand holds an MBA from Berkeley where he was a recipient of CJ White Fellowship, a Masters in Photonics and Optoelectronics from UC Santa Barbara where he was a QUEST Fellow and a Bachelors in Electrical Engineering with Honors from BITS, Pilani.

Find Aanand on LinkedIn


Sign up for our Newsletter

Hand-picked security content for security professionals.