2003 May 01
Behavior Tracking Systems
David M. Raab
DM Review
May, 2003

Don’t get me wrong: I rarely watch television. But I just happened to see a detective show the other evening, where the murderer’s alibi was he had been running a marathon at the time of the crime. His proof was the race organizers’ log of his progress through the course, captured automatically from a small radio transmitter attached to each runner’s shoe. The explanation, surprising only to the TV characters, was that the criminal had attached his transmitter to a camera truck following the race.

Simple-minded as it is, this plot neatly illustrates two major challenges in tracking customer (or criminal) behavior.

The first challenge is accurately relating devices to individuals. In the TV show, this should not have been a problem: each radio transmitter was specifically assigned to an individual runner. But many behavior tracking schemes rely on assumed relationships between a person and, say, a cell phone, automobile or computer. Yet the person who purchases or registers those devices is not necessarily the actual user. Such devices may also be shared, borrowed, transferred, stolen or otherwise separated from their primary user. For most marketing applications, the cost of an error is insignificant: when working on a friend’s computer, I see an ad intended for them; the auto dealer sends me maintenance reminders on a car my son now has at college; varied purchases of different family members, all on the same credit card, prevent a merchant from effectively targeting its offers to our household. The consequences may be more severe when surveillance and security are involved: someone called Pakistan on my stolen cell phone yesterday, and now the airline won’t let me fly because I’m flagged as a potential terrorist. Or a real terrorist’s suspicious travels are obscured because the same car is used by other family members for benign activities.

Even these examples make the somewhat optimistic assumption that an individual can be associated with a device in the first place. In the old days, criminals made calls from pay phones to avoid wiretaps; today, they have more sophisticated ways to be anonymous like prepaid cell phones and public Internet terminals. For marketers, government regulations and consumers’ own privacy concerns make it increasingly difficult to gather usable personal information as a byproduct of regular business contacts.

Some of these problems can be addressed through better analytical tools. Sophisticated pattern recognition software can sift through transactions to separate the suspicious wheat from the innocent chaff. At least in theory, powerful systems could look for overlapping usage patterns across different devices, and notice, say, that this automobile frequently carries those three cell phones, which might then be treated as a group. Whether such systems would generate enough useful information to justify the potentially astronomical cost is another question. But given the physical fact that the same device can be used by different people, data analysis can only go so far.

The second challenge highlighted by the TV show is identity verification. As the plot illustrated, any device not physically attached to its owner can give false information about the owner’s location or the current holder of the device itself. This problem has long been obvious: it’s why ID cards have photos, computers have passwords, and credit authorization systems question unusual transactions. Marketers sometimes ignore the issue when stakes are low. For example, they might give gold-level service to anyone who calls from a telephone number associated with a gold-level customer, without first verifying that the individual making the call is indeed qualified. But they nearly always insist on active verification for a significant transaction. Just try calling on your cell phone to change the service plan without knowing your own name, address and Social Security Number.

Identity verification has long been subject to cost/benefit analysis. But anti-terrorism applications change the calculation significantly. If everyday transactions are used to identify security risks, then it’s necessary to ensure those transactions are associated with the proper individual. Consider credit card purchases, which are now lightly verified but are central to most surveillance schemes. Without adequate point-of-input verification, a terrorist might use the identity of an individual whose regular behavior includes actions that would otherwise be suspicious–such as buying fertilizer that can be used to make explosives. If the stolen identity is used just once, right before an attack, there would be no time for normal fraud detection systems to notice it. Or a terrorist might steal several credit cards and use each for a different transaction. Surveillance systems would not view these transaction together to see that they form a suspicious pattern.

In the last example, the terrorist need not actually steal the several credit cards. He could simply set up (or borrow) multiple, legitimate credit cards to spread the transactions across different accounts. This is a different aspect of identity verification: finding the actual person behind each established identity. It’s a classic problem in commercial applications such as money laundering or credit fraud. But typically the commercial solutions search only an institution’s own accounts or, at most, a shared industry database of known abusers. For anti-terrorism applications that correlate information from different types of activities, the challenge is much greater. It’s hard to see how surveillance can be effective without a national system that assigns one–and only one–ID to each individual. This ID would be associated with activity data from different sources (bank accounts, cell phones, credit cards, drivers licenses, etc.), so the data could be linked for quick analysis. Of course, this also assumes accurate point-of-input identify verification through information (e.g. passwords) or, more likely, biometrics (retina scans, voice recognition, thumb prints, etc.).

Of all proposed surveillance tools, a national ID system is probably the most controversial. It is rejected by many Americans with different political viewpoints, including some with little objection to other surveillance techniques. (This may reflect an intuitive assumption that surveillance will apply only to other people–the bad guys–while a national ID system would affect them personally. A similar pattern has been observed with other privacy issues.) Yet it’s clear that a national ID is the linchpin of any effective anti-terrorism surveillance system. So the issue must be resolved before huge resources are wasted on other, peripheral components of a surveillance infrastructure.

* * *

David M. Raab is a Principal at Raab Associates Inc., a consultancy specializing in marketing technology and analytics. He can be reached at draab@raabassociates.com.

Leave a Reply

You must be logged in to post a comment.