Exclusive Interview with Yinglian Xie, CEO of DataVisor, on Fraud Trends And “Sleeper Cells”

DataVisor is a next-generation security service that uses big data security analytics to identify malicious account campaigns attempting to abuse consumer-facing websites and mobile apps for financial gain. The company's core product is the DataVisor Security Analytics Service, a SaaS-based solution that uses an advanced security analytics engine operating within a Spark-based big data platform that can analyze billions of events per hour and automatically discover unknown malicious campaigns early, without labels or training data.

The LTP team had the pleasure of interviewing Yinglian Xie, the CEO of DataVisor. Yinglian shared with us the story behind the company and the solutions DataVisor provides.

The founders of DataVisor, CEO Yinglian Xie and CTO Fang Yu, met while working as researchers at Microsoft Research Silicon Valley, where they collaborated on various Internet security research projects for more than seven years before they started DataVisor.

As security researchers, they saw an increasing trend of online attacks and noticed that different types of online services face common challenges. They felt their extensive experience and expertise in security could create something new and bigger to potentially protect a wide variety of online services. So they decided to start a company together to achieve this goal.

Here is the transcript of the interview with Yinglian:

LTP: DataVisor recently raised $14.5 million in new funding. What are your plans for fund allocation? How is the company planning to evolve?

Yinglian Xie: We are using the investment to build out the engineering team so that we can continue to build out our platform, and increase our sales and marketing investment in order to expand our customer base.

LTP: Could you give us an overview of the types of threats DataVisor addresses? How are those threats addressed currently in the market? How is DataVisor different?

YX: These organized attack campaigns inflict a variety of downstream damages such as:

Currently, many of these threats are not effectively addressed by traditional security solutions. These legacy solutions are rules- and labels-based online fraud solutions that have become ineffective since they are reliant on having a pre-knowledge of how attacks work in order to detect them, and they only can detect single attackers in an isolated manner. This method doesn’t work as well anymore since it is reactive; cybercriminals continue to change their attack techniques to avoid these model-based security solutions.

DataVisor is disrupting this traditional online fraud detection market by using a unique unsupervised approach that has several significant advantages:

  1. We catch the entire crime ring, not just an individual bad actor.
  2. We catch these malicious campaigns (sleeper cells) before they do any damage.
  3. We detect new, previously unknown threats since we do not rely on pre-knowledge of the attack.

LTP: Tell us more about the sleeper cells. What are those and how does DataVisor handle the threats coming from them?

YX: There are many kinds of online attacks and attack techniques that we see in the wild. What they all have in common is that modern attackers are increasingly stealthy and use many different hacker tools to appear as legitimate users. Whether they are mobile phone emulators, fake email and phone services, content polymorphism, anonymous proxies etc., they create armies of fraudulent accounts and remain in incubation for a long time before waking up and conducting their attack. DataVisor has coined this attack phenomenon sleeper cells since they wait weeks or even months before they conduct any damage.

While we are not privy to provide details on our secret sauce since we are still in stealth until early next year, in general, DataVisor has a unique security algorithm that operates within a Spark big data platform that is able to process billions of events per hour to look at all the users within an online service to find the hidden enemy within.

LTP: What are the current fraud trends happening across the different Internet properties?

YX: As we stated above, we see a variety of different attacks across various industries. Financial and e-commerce sites are impacted by fraudsters trying to monetize stolen credit cards or attempting to take over user accounts to steal their savings. Social media sites have issues with maintaining trust by having fake users & reviews as well as spam campaigns that disrupt the user experience and circumvent ad revenue. Gaming and online-to-offline sites have problems with user acquisition promotion fraud as they try to grow their user bases as well as in-app purchase fraud. The one thing they all have in common: they are targets of well-organized attack campaigns that try to create armies of fake users that appear as legitimate users to the naked eye, so they are very difficult to detect using traditional methods.

LTP: What are some milestones you have for DataVisor? Are you planning to expand or add new services?

YX: DataVisor just announced the latest round of financing in October, and we plan to officially launch the company in early 2016. Although we are in stealth, our product is in full production at several large Internet properties today, including Yelp, the world’s largest social review company, and Momo, one of the largest social mobile apps in China with over 180 million users.

LTP: Tell us more about your participation at Money20/20. What did DataVisor expect at the conference specifically and what did you want attendees to know about the company?

YX: DataVisor attended Money20/20 to better understand the top problems of the online service industry, and build awareness for DataVisor as a next-generation security solution that is taking a fresh, more effective approach to solving these problems around online fraud.