Vlog: 1Kosmos and Outseer Strategic Partnership Extends Use Cases of Outseer Fraud Manager

Mike Engle

In this vlog, Jim Ducharme, Chief Operating Officer at Outseer, and Michael Engle, Chief Strategy Officer at 1Kosmos, discuss how 1Kosmos and Outseer are partnering to prevent account takeover (ATO) attacks and account enrollment fraud.

Mike Engle:
All right, well, welcome to our video blog. My name is Mike Engle. I run strategy for 1Kosmos. I’m joined today by Jim Ducharme. Jim, would you say hello to everybody.

Jim Ducharme:
Hi everybody. Jim Ducharme. I’m Chief Operating Officer here at Outseer.

Mike Engle:
All right, well, thanks for joining us here today. We’re here today to talk about Outseer. Brand new entity hitting the streets, but not a new entity, really, right?

Jim Ducharme:
That’s right.

Mike Engle:
So I was wondering if you would just take a minute to tell us about Outseer and what it’s all about?

Jim Ducharme:
Sure. So I like to say Outseer is one of the oldest startups you’ll ever know. Outseer is actually our new launch of our fraud and risk intelligence business unit out of RSA. So RSA recently went public about a year ago. And as part of that privatization of RSA, we’ve decided to spin off some independent companies. And one of those is Outseer. So Outseer comes from our heritage of, again, fraud and risk intelligence and fighting fraud and reducing friction in digital payments. So we launched that about six months ago and here we are starting anew with all of our hundreds and thousands of banking customers helping fight fraud and reduce friction.

Mike Engle:
That’s great. Yeah. And the term risk-based authentication has come to mind when I’ve seen how you guys do what you do. What are some of the main authentication issues that your customers wrestle with today and maybe how do you address them?

Jim Ducharme:
Sure. So it’s funny because it goes back into our history where our products were called things like adaptive authentication, which was really akin to risk-based authentication. Really what our customers are grappling with is making sure people are who they say they are and that more importantly, the transactions that their customers are trying to execute are legitimate. And so when we think about the evolution of risk-based authentication, it’s really moved from the term authentication. In other words, making somebody do something and whipping out a license or type it in a password to really the risk-based assessment portion of it, really understanding the risk associated with the transaction, and how do we know that what we’re about to do is legitimate, is not fraud that’s trying to happen? So that’s one of the key evolutions and why we move towards this sort of risk-based approach and risk assessment versus the word authentication if you will.

Mike Engle:
Great. So what are some of the variables that go into that assessment? What are the types of things that you see and what can you do with that information?

Jim Ducharme:
Yeah, absolutely. So it’s really all part of the information, right? Data is the key. So we have some great analytic methods to assess risk, but it’s all in the signal. I like to call it the signal that we get into that risk engine to evaluate, is this legitimate? We do have information about the person on either side of the transaction, whether it’s Mike sending Jim Ducharme $50,000 over a wire transfer. We’ve got information about Mike, we’ve got information about Jim, but we’ve also got information about devices, transaction history. Basically, a whole bunch of information about behavioral patterns and, I’ll say, environment to help us understand, is this what we would expect and look for anomalies in any of those patterns? So it really is all about the data, but identity still plays a key role in that signal to make sure that Mike is Mike and Jim is Jim and that we’re trying to do business together.

Mike Engle:
Great segue. So we recently announced a partnership between Outseer and 1Kosmos and love to talk about that here for a minute. So obviously you guys are the king in that assessment of a transaction and you can do things when you detect something bad happening. So we’re excited about the concept of introducing identity and then along with that identity, proof of possession of that identity over and over with some real biometrics. So could you talk a little bit about that and how it augments what you’re doing today?

Jim Ducharme:
Yeah, sure. So how this came to be is at Outseer, our tagline is, we like to see what others can’t. It comes back to that signal. And what we recognize is that we wanted to have a stronger identity assurance part of that signal. And that’s where 1Kosmos comes in. What we were looking for, it is something that gives us more evidence of an identity when it shows up. Traditionally, when there was risk involved in the transaction, probably everybody listening to this is familiar with how you might mitigate that, an SMS, text with an OTP in it, or people will make you pick out the traffic lights, or tell me the color of your first car, or God forbid, say a password. We needed to have different mechanisms to provide identity assurance because so many of those mechanisms are not secure and beyond that, they’re really a horrible user experience. So we were looking for a couple things. One, strong identity assurance. Is this person who they claim to be? And two, a much better frictionless user experience and for them to be able to do that when we think that risk is involved.

Mike Engle:
Yeah. And there’s a couple of standards that we’re going to market with together. There’s the NIST 800-63-3 proofing standard, which since COVID has gotten a tremendous air time out there in the digital realm, right?

Jim Ducharme:
Yeah.

Mike Engle:
So that’s the concept of bringing together a remote digital identity that you could trust and then handing that off to your systems and then making determinations downstream from that. So that combined with FIDO2 authentication are two technologies that we’re excited to see go hand in hand with the Outseer technologies, right?

Jim Ducharme:
Yeah. Yeah, absolutely. And I think you mentioned the proofing piece. The other part of fighting fraud is moving the problem back to when we first meet when the relationship first forms with somebody. That proofing part is the initial introduction of identities. So that we’re looking to establish that trust early on in the relationship versus at the point of a very high-risk transaction. The proofing standards help us do that to really create that initial trust between two parties in the very beginning, versus when you’re in the middle of some critical transaction that we don’t have enough trust during the transaction. So that’s key. And then I think the FIDO2 certifications, those have been really helpful in terms of having standards, ways to interface with wherever people are doing their transactions, however, they’re doing them. So these standards-based approach are key.

Mike Engle:
Yeah. No, I’ve experienced it not just at 1Kosmos, but it’s starting to pop up on the internet. Some banks now are having such a better user experience to prove who you are and I think the future’s optimistic there. Imagine reaching out to somebody’s phone and just asking them to do a quick biometric instead of, “Hey, go fetch that code. That’s going to show up in one, five, or 10 minutes and then typing it into the screen.” And that really goes in the spirit of what PSD2 and applying strong customer authentication to transactions will do for us.

Jim Ducharme:
That’s right.

Mike Engle:
If you could dust off your crystal ball a little bit and see what’s the future of digital identity and what role it plays in what Outseer’s doing today, do you have any thoughts on the evolution of that?

Jim Ducharme:
Yeah. I think one of the challenges I see in the market today is there’s too many stupid human tricks, I like to call them. There’s a tremendous amount of authentication methods out there that people are deploying to help prove people are who they say they are. But what really attracted me to 1Kosmos was this notion of verifiable credentials and I go full circle back to that signal, that data that we need. I want to be able to prove a trust relationship without making the human do some stupid human trick. I want the data to give me that trust and things like verifiable credentials in the future will help us have that identity assurance a lot more silently to the end-user.

Jim Ducharme:
So you can imagine walking around with a digital wallet that has a bunch of trust claims in it, that I carry along with me and can exchange silently respecting privacy, to provide that confidence that I am who I say I am. This transaction’s legitimate. And that I’m transacting with somebody who I trust and know and all very silently. So when I look into the future, I look to move beyond a lot of the things that we make people do, but more on this building up this profile, if you will, of verifiable credentials that can really be the signal that is the foundation for trust in the future in these transactions. That’s what I hope to see. So it’s effortless in making this stuff happen in the future.

Mike Engle:
Yeah. And you’re seeing the big tech companies, the fangs if you will, start to embrace these technologies or at least spin up practices around them. I think you’re onto something there. And I think that’s a great call. Well, I think that’ll about do it. If people want to learn more about this effort, where do they go? And is there any place where we can see this in person in the coming months? Some conferences coming up, even if it’s next year.

Jim Ducharme:
Yeah. So obviously check out Outseer.com, our website that we’ve launched and staying true to being in the family of RSA still. We will be at RSA Conference. We just left Money20/20. It was a great show. And I think our next big event is probably our second in-person event in a very long time is RSA Conference in February where we’ll have our usual big booth and branded Outseer and everything. So look for it there. But check our website out. We’re happy to give folks demos and show you the future of preventing fraud with much more advanced identity capabilities, for sure, thanks to 1Kosmos.

Mike Engle:
Awesome. That was great speaking with you. Actually, RSA was the last conference I went to before the pandemic-

Jim Ducharme:
Same here.

Mike Engle:
… and I didn’t go to Money20/20 and looking forward to a better 2022, right?

Jim Ducharme:
Absolutely. Absolutely.

Mike Engle:
Cool. Thanks so much for your time, Jim. It was great chatting with you.

Jim Ducharme:
You too.

Mike Engle:
And we’ll see you online.

Jim Ducharme:
Yeah. Thanks, mate.

FIDO2 Authentication with 1Kosmos
Read More
Meet the Author

Mike Engle

Co-Founder and CSO

Mike is a proven information technology executive, company builder, and entrepreneur. He is an expert in information security, business development, authentication, biometric authentication, and product design/development. His career includes the head of information security at Lehman Brothers and co-founder of Bastille Networks.