Product Description

ThreatMark Clair is a SaaS (Software-as-a-Service) and fully outsourced platform. Clair utilizes in-house built JavaScript probe (for browsers) or SDK (for mobile phones) to collect data about end users for analysis and final scoring. All data transfer from customer to analytics server is encrypted using TLS 1.2 tunnel. On the Clair cloud analytics server data is encrypted with AES256.

Entity registration (for linkage of existing loan/user identifier with collected anonymous data) and prediction requests are performed via REST API calls. In addition, Clair also features Clair Dashboard which is the part of Clair deployment. Its usage is optional and depends on the customer needs – all scoring possibilities are fully accessible via API.

Overall, Clair architecture and communications can be summarized at the scheme below:

Clair scoring system

ThreatMark Clair represents the modular scoring solution for online consumer lending businesses. By coupling deep behaviometrical user profiling with the state-of-the-art machine learning, Clair was designed to detect bad actors non-invasively during service request, while saving both material and human resources.

Novel data type

In contrast to traditional credit risk models, which operate mainly with historical user data and recommendations provided from credit bureaus, ThreatMark Clair utilize technical data already at hand. That said, Clair by any means is not a substitution of current credit models. It rather works as augmentation of existing risk engines via strengthening them by new data type.

Namely, using JavaScript probe or SDK suite, Clair collects detailed anonymized data about visitors of an application during their whole online journey: device and system information (i.e. fingerprinting), network characteristics as well as behavior biometry data. The latest include mouse movements, keystroke dynamics, DOM elements interaction, site navigation profile, etc.

Overall, differences between traditional scoring and scoring using Clair on different stage of the loan funnel can be summarized on the scheme below:

Deep behaviometrical profiling

From collected user interactions:

Clair extracts hundreds of features, each partially describing user behavior. Combined, these features result in multidimensional vector that represents digital fingerprint of each user’s online behavior. Such fingerprints then can be compared with similar fingerprints form other users.

Supported by additional information about final loan state (e.g., paid back or fraud), selected behavior fingerprints are combined to form several target groups of interest. Using standard classification approach, Clair trains its models to find correlation between user behavior and possible outcomes (e.g. target group – fraud vs control group – paid loan). Then Clair will assign a score to each new user, indicating how likely (s)he belongs to the target group, for example, how likely (s)he turns out to be fraudsters or insolvent.

Such a prediction is possible due to the minor differences in the online behavior of ordinary people, who seriously intent to pay the loan back, and behavior of fraudsters, who use fake identities or intentionally don’t expect to return the loan. As example of such high-level behavioral features, which are processed by Clair on atomic level, can be answers to such questions as – how long is user thinking about taking the loan? Is (s)he trying to optimize monthly installment? Was (s)he reading terms and conditions? How fast is (s)he typing? Or does (s)he just copy-paste the information?

User’s attributes verification

Apart from behaviometrical profiling, Clair performs multiple checks upon information provided by user (and sent to ThreatMark via API). These models use information about user’s mail, name, phone number, network information, etc. for fast check of potential existence of the person and related attributes.

As an example of such verifications can be:

Customized decision making

The final scoring system can be represented by several custom behaviometrical Clair models, each predicting outcome for specified target group, and pre-configured models for user’s attributes verification. The number of behaviometrical models/groups is virtually unlimited and depends on the customer’s business goals. For example, Clair can help with (but not restricted by):

During prediction every Clair model issue a probability score between 0 and 1. This score can be interpreted as a measure of how likely is current user belongs to the target group of interest (e.g. fraudster, insolvent, suspicious email, etc) according to his/her online behavior or related digital attributes. I.e. Clair is trying to describe the user as a human being, rather than as a client, and by the language, which will be understandable by your business.

By default, Clair is trying to adjust score threshold for optimal precision/recall ratio to achieve as less false positives as possible. Such policy results in actionable score upon which customer can immediately react. However, the most customizable scenario would estimate inclusion of every Clair model score as additional variable into already existing risk engine.