Real-Time Protocol Decoding and Multi-Link Correlation

Real-Time Protocol Decoding and Multi-Link Correlation

Automatic decoding of custom, packaged and payment-specific protocols

What payment transaction protocols does INETCO Insight decode and correlate in real-time?

INETCO hosts one of the largest banking and payment protocol decode libraries in the world. We specialize in decoding any type of banking and payment transaction in real-time, with any sensitive or forbidden fields being masked or deleted for PCI compliance.

As data is being ingested, INETCO Insight automatically carries out the decoding of each and every transaction protocol in real-time, providing an unprecedented level of detail within transaction data sets. This process involves:

  • Time sequencing of the incoming raw transaction data
  • Decoding the individual data fields within the application payload messages
  • Extracting and assembling application and network messages from the data
  • Multi-link correlation of the transaction across its journey to see how every end-to-end transaction completes

Hundreds of transaction fields can be analyzed in milliseconds, with the rules-based alerts engine, machine learning algorithms and risk scoring models being continuously updated with each customer event. The real-time reconstruction of every end-to-end transaction gives you the power to see how each individual customer interaction is performing as it traverses multiple devices, technologies and network infrastructures – making it easy to pinpoint where failures, bottlenecks, missing transaction links, message field tampering or usage anomalies are occurring.

How INETCO Insight decodes and correlates transaction protocols

Time sequencing of the incoming raw transaction data

Upon collection, raw transaction data is time stamped, filtered and encrypted to ensure that sensitive information is always protected, and ensure transactions are analyzed in the right order.

Automatic decoding of single- and multi-protocol transactions in real-time

INETCO Insight uses a “table driven” approach to quickly define the decode tables for each message type within a transaction. This includes fields such as currency amount, transaction type (ie: withdrawal, deposit, purchase, reversal, add to card), transaction status (ie: successful, declined or failed) terminal ID, response code errors and card type. The INETCO Insight decode libraries are constantly expanding, and currently support a number of custom, packaged and industry-specific variants.

Extracting and assembling application and network messages from the data

INETCO Insight streams decoded messages to a feature extractor and builder. Application payload messages, metadata, response/request timing and network communications information is parsed out for each transaction and assembled in a categorized model. Sensitive fields such as PANs and PIN blocks are masked or deleted. These are the fields upon which the rules-based alerts engine, supervised and unsupervised machine learning models will assess the validity of each transaction.

Multi-link transaction correlation and end-to-end transaction profiling analysis

Once messages have been decoded, INETCO Insight correlates node to node transaction flows on the fly – even across multi-protocol transactions. A proprietary hierarchical framework is used to organize application and network messages in a view that spans from a high-level business process transaction to a low-level link transaction.

“When we approached our IT operations team and learned about the robust transaction data gathering capabilities of INETCO Insight, our fraud prevention team was very excited, especially about the fact this data came with a complete set of message fields. Our team now has the flexibility and visibility it needs to significantly speed up our ability to identify and respond to fraud attacks.”

ANDER MURILLO ZOHN - DEPUTY DIRECTOR OF BIG DATA TECHNOLOGIES, E-GLOBAL