Money Launderers Meet Their Match

In the days of Al Capone, laundromats used to, literally, launder money. Now, that’s any website that a clever bad guy sets up or takes over. Today, Trustwave will launch its transaction laundering service — one that SVP Mike Petitti says shines a new light on those who hide behind legitimate businesses to skirt payment card rules.

As Deep Throat said to Woodward and Bernstein, “follow the money,” and you will see who is doing what, when, how and maybe even why.

In the old days, that was walking on foot to the laundromats that were literally and figuratively serving as fronts to launder money obtained from illicit activities. In a digital world, it’s not that easy. “Laundromats” can take any digital form, and following the money is a web of digital phony storefronts — and more — that engage in transaction laundering activities.

It’s something that Trustwave aims to address by launching a new addition to its Web Risk Monitoring portfolio that will help the acquiring community fight back.

In an interview with PYMNTS’ Karen Webster, Trustwave SVP of Global Alliances Mike Petitti said that the new service offers the ability to look at whether or not a merchant’s site is hosting malware, unwittingly, along with the ability to look at the content from the URL to ensure that there is compliance with the standards from the card associations.

In short, he said, Trustwave’s service to the ISO industry is one that is centered on risk, to make sure that those businesses truly understand merchants in their portfolio.

Said Petitti: “When we look at transaction laundering, it’s really a very complementary service to be used with the existing solutions that we provide, because it further enables the view into the merchant community and helps the ISO really understand where these types of risks are at.”

As Webster noted, transaction laundering has taken on an increased level of importance, given cybercriminals’ ability to use their skills to become more adept over time. The overarching theme for Trustwave’s focus, Petitti said, is to make sure these merchants can pinpoint nefarious activity and stop it immediately. That includes the unknown merchant or entities that might be hiding behind the legitimate merchants, ferreting out the transactions that might tie into nefarious content or illicit goods.

As for Trustwave’s competitive differentiation, Petitti said that its portfolio is a broad one when it comes to security, and he singled out the company’s SpiderLabs [ethical hacker] team, which has been able to operate on the cutting edge of technology when it comes to penetration testing, forensics and application testing.

“There are so many URLs out there,” he said, “that it’s critical to be sure the information that you ultimately are reporting back to the ISO community is accurate.” While Petitti noted that Trustwave has deep analysis from keywords to actual content analysis to image analysis from a technical standpoint, he said that it also has a team of auditors who look for anomalies. The key, he said, is to identify the true violation as opposed to what could be a violation from a superficial perspective but may not be once it is really looked at thoroughly.

And in an era where, as Webster noted, speed is everything, Petitti stated that his firm is able to instantaneously take the steps to validate a merchant, despite the increasing sophistication of the cybercriminals.

“Previously, cybercriminals would break into a large corporation and hit the database in which all of that data was stored,” Petitti said. But now, he said, the tools that cybercriminals deploy are commercial-grade tools developed in the underground community, in a very decentralized manner.

All of this translates into a business model, he said, “that has become very sophisticated.”

Trustwave’s new TLD solution is released today.