Relying on a multi-disciplinary approach for curbing fraud via machine learning


First Published on 4th September, 2018

Machine learning (ML) and artificial intelligence (AI) can help in detecting more fraud with less manual effort and approving genuine customers faster.

ML can also reduce but not remove the amount of rules that need to be maintained, adapt to new types of fraud faster and offers accurate prediction to cut down on false positives, explained Ben Laurie, Head of Asia, Accertify, during a workshop held as a part of complimentary meeting of the Asia-Pacific Airlines Fraud Prevention Group in Phuket.

Organizations need to capture a diverse set of raw variables that describe the transaction, ensure data stability and cleanliness and transform data to create new predictive characteristics.

As for being pragmatic with what to expect from machine learning, it is important to just not rely only on predictive analytics. Problems arise when completely new transactions with no historical data are submitted into the system, and there is no way for the machine to predict whether or not the transaction is genuine or fraudulent. It is important to count on pattern recognition. So even without any prior historical data, the machine is able to detect patterns across different transactions and diagnose if the transaction exhibited bot behaviour or human behaviour. Using big data, the system collects information from the merchant’s website, such as the user’s web movement behaviour. Combined with pattern recognition, the system draws patterns (for both positive and negative behaviour) to map the DNA profile of the user, and determine if other incoming transactions exhibit the same (fraudulent) behaviour or not. The large quantity of information collected from big data makes it difficult for fraudsters to cover all of their tracks, therefore increasing the effectiveness of preventing fraud. Specialists recommend that pattern recognition, deep learning and stochastic optimization are also necessary for combining millions of test results to be crunched for an optimized yes or no decision in real-time.  

Deploying a multi-disciplinary approach combining different technologies - both supervised and unsupervised machine learning -  would better equip merchants to deal with fraud management. Unsupervised machine learning can be used to learn on the fly and identify fraudulent patterns even without having been trained with historical data, i.e. able to identify unknown fraud attacks. 

Machine learning systems are meant to be an improvement from rule-based systems, to reduce reliance on hard rules and to filter out fraud while passing more genuine users. However, machine learning systems only provide probability scores - or fraud scores - and would still require a team of manual reviewers to make sense of the score and thereafter a decision to pass or reject a transaction.

Curbing loyalty fraud

During the same workshop, Michael Smith, Co-Founder, Loyalty Fraud Prevention Association, referred to the issue of loyalty fraud. He highlighted that the issue of identity theft or payments fraud isn’t new. But the functioning of fraud rings, in which fraudsters band together in organized groups, continues to get sophisticated.

"Loyalty is big business, cash = fraud. It is important to balance the customer experience. It's a war, long war," said Smith.

Smith referred to the issue of synthetic identity fraud. This type of fraud doesn’t feature taking over existing identities and emerged since financial institutions improved how they prevent and detect traditional identity fraud. This forced fraudsters to nurture synthetic identity fraud. It is initiated by using a blend of fake information, such as a fictitious name, along with real data, to set up fraudulent accounts.  For instance, “Social security numbers” (in the U. S.) that get targeted most are ones infrequently used or ones those are less likely to use their credit actively, explained Smith.

As for account takeover (ATO) in the loyalty space, it is coming under scrutiny owing to data breaches.

Fraudsters get access to stolen credentials from a number of sources:

·          From data breaches, sold on the dark web

·          Phishing with fake websites

·          Malware, trojans, spyware

·          Social engineering

·          Hijacking a mobile device

The claim for owning an account needs to be handled carefully. Machine learning comes in to understand the user behaviour. Advancements in computing and big data power, as well as the gaining prominence of API-based machine learning solutions, mean that machine learning is emerging a scalable method to grow without increasing risk. It identifies patterns in data that aren’t spotted by humans. So this can result in lesser number of false positives and false negatives.

By Ritesh Gupta, in Phuket, for ATPS