Improved techniques involve comparing paronymous addresses received in transaction data with trusted sets of paronymous data stored in a database by both a trusted client computer and a trusted server computer. Along these lines, the trusted client computer sends data packets to the trusted server computer that contain network addresses and a secure identifier. In response, the trusted server computer sends acknowledgment data packets containing encrypted network addresses and the secure identifier. Upon sending the acknowledgement data packets, the server computer communicates the network addresses to an aggregator. When the client computer receives the acknowledgement data packets, the client computer communicates the network addresses to the aggregator. Once the aggregator receives transaction data containing paronymous addresses, the aggregator compares the paronymous addresses to those communicated to it by the trusted server and client computers. Based on the comparison, the aggregator determines the likelihood that the paronymous addresses are legitimately synonymous.