SuperFreakonomics Book Club: Can a Banker's Algorithm Help Catch Would-Be Terrorists?

The SuperFreakonomics Virtual Book Club invites readers to ask questions of some of the researchers and other characters in our book. (Earlier Q&A’s can be found here.)

This week we’re offering up “Ian Horsley.” By day, he is employed in the anti-fraud department of a large British bank; but in his every spare moment for the past few years he has been working hard in collaboration with Steve Levitt to build an algorithm that can identify potential terrorists by their retail banking data. A few excerpts:

He doesn’t work in law enforcement, or in government or the military, nor does anything in his background or manner suggest he might be the least bit heroic. He grew up in the heart of England, the son of an electrical engineer, and is now well into middle age. He still lives happily far from the maddening thrum of London. While perfectly affable, he isn’t outgoing or jolly by any measure; Horsley is, in his own words, “completely average and utterly forgettable.”


The procedure [to build the algorithm] would require two steps. First, assemble all the available data on these hundred-plus suspects [already arrested by British police after the 7/7 bombings] and create an algorithm based on the patterns that set these men apart from the general population. Once the algorithm was successfully fine-tuned, it could be used to dredge through the bank’s database to identify other potential bad guys. Given that the United Kingdom was battling Islamic fundamentalists and no longer, for instance, Irish militants, the arrested suspects invariably had Muslim names. This would turn out to be one of the strongest demographic markers for the algorithm.


There were also some prominent negative indicators. The data showed that a would-be terrorist was disproportionately unlikely to:

Have a savings account
Withdraw money from an ATM on a Friday afternoon
Buy life insurance

The no-ATM-on-Friday metric would seem to be a proxy for a Muslim who attends that day’s mandatory prayer service. The life-insurance marker is a bit more interesting. Let’s say you’re a twenty-six-year-old man, married with two young children. It probably makes sense to buy some life insurance so your family can survive if you happen to die young. But an insurance company may not pay out if the policyholder commits a suicide bombing. So a twenty-six-year-old family man who suspects he may one day blow himself up may not waste money on life insurance.


As of this writing, Horsley has handed off the list of 30 to his superiors, who in turn have handed it off to the proper authorities. Horsley has done his work; now it is time for them to do theirs. Given the nature of the problem, Horsley may never know for certain if he was successful. And you, the reader, are even less likely to see direct evidence of his success because it would be invisible, manifesting itself in terrorist attacks that never happen.


Most comments miss the point.

The disclosed parameters are obviously for illustration purposes about how the technique works. By themselves, they probably "single out" about half a million people. It's ridiculous to reach conclusions about the usefulness of this technique just based on them.

However, if the final "secret ingredient" really narrowed the list down to 30 people out of the 60 million or so in the UK, it would be equally ridiculous to NOT make a check on them.

Of course there will be false positives and false negatives, but so what? It is not that these 30 people will be arrested or even contacted. The authorities only need to take a closer look at their activities, for instance see if they are in contact with other suspects. But since the probability of catching at least one terrorist among them is high, not checking on them would be negligent.

To the ones that disagree, please imagine how would you feel if your kid was killed by a terrorist that happened to be on that list.




By disclosing this practice, do you lower the odds that you will identify future terrorists? Put alternatively, do terrorists read SuperFreakonomics?

Jacson Querubin

I think that, like any other profiling system, it would be a lot of false positives!

it will either spend a lot of money and don't work well (because you need a lot computational power and remember, it's like a NP problem!)

(sorry about my english, I'm not a native speaker)


National, see-all databases do exist- credit reporting agencies get everything from all of your banks, all of your mortgages, all of your investments, and all of your credit cards.

Privacy is an illusion, and private industry has made many a dollar from it. But society is benefited too, because we can trace when people are likely to be terrorists. Or when people are likely to sell a home, forecasting minor crises.


It takes very little to trigger some kind of anti-fraud alarm at my bank. In fact I have lost money a couple times, as a result of a an international wire transfer getting delayed (because of some red flag or another), and a bad exchange rate shift making it more expensive the next day.

What's worse it seems every financial fraudster can figure these "red flags" out and figure out ways to avoid them.

Are they in the progress of making fraud detection less paranoid and more effective? When should we expect a shift to better security protocols in financial institutions?


So where exactly does one find a 'owns no life insurance' database? In the US there are probably hundreds of life insurance companies that keep their customer data in all types of formats. Compiling a list of everyone in America who doesn't have life insurance is no easy task. At least 'doesn't use their ATM on Friday's' may be workable as Visa and Mastercard have a lock on most credit card transactions.

It's not really much of an insight to say that some odd commonalities can be revealed by churning huge amounts of data. Netflix and Amazon both know this very well. What should be addressed is the feasibility of actually obtaining this data.


Did anyone else expect a discussion about avoiding deadlocks in this article? See Dijkstra's algorithm:


Point of personal interest: Is the algorithm shared with other banks? Having been in this particular field of law enforcement myself, I know how little information is available to go by and how hesitant banks can be to invest in proper analysis of their data. As I am currently active in data-analysis (no longer forensic), this topic continues to be of professional interest to me.

Chris McLaughlin

I read this chapters in the book and immediately wondered about what Variable X is. I imagine it's probably something fairly small and innocuous by itself, but taken with all the other factors, makes it a powerful discriminator.

It's probably something like mis-entering your ATM pin frequently, or changing your PIN alot, or always using the same ATM, or always using different ATMs, or getting cash from foreign ATMs on a regular basis, or going in to change local currency to foreign currency, etc.



Variable X is most likely a combination of elements, not one single one;
For instance that has done the Haj recently, created a new account as individual (away from family's), the flow of money comes from a poorer country than the receiving one to a non student, not filling email account on the Western Union forms by a young sender, etc...

Not for a bank but for a police prospective, that I am using a Tor proxy for writing this will raise flags too (Tor can be traceable still due to patterns of logging and visited sites...)

In any case, I still find the idea of actively profiling like that unethical and should be even illegal... even when the odds of catching a terrorist is high as the authors claim.


The company 'Ian hosley' created seems have a similar business model to Detica
Anyone know if theres a connection?


I believe Variable X may be frequency of account balance inquiries. Per the description in the book, it's a common activity when done infrequently (perhaps a few time a week). I imagine terrorists waiting for funds to come through would be checking their account balances much more frequently than normal. Certainly not enough to throw up a flag on its own, bit it could very well be the mystery factor.