Fighting Fraud : from big data to fast data.

Credit card fraud is the most visible type of consumer fraud: According to The Nilson Report, global damages caused by credit card fraud reached 21 billion dollars (18.4 billion euros) in 2015. Less known to consumers, wire transfer fraud (see https://www.bleckwen.ai/2018/05/31/social-engineering-consequences/) catches the attention of banks seeking to protect their customers, as one single such attack may siphon millions. It is important to realize that the system managing wire transfers is critical to the proper operation of the economy of a country. This system cannot be subjected to major breaches.

Traditional protection methods involve the implementation of expert rules and manual controls to identify and verify the most suspicious operations, but negatively impact the customer journey.

| Machine Learning is a good candidate to improve the level of protection while reducing friction and manual processing during this journey.

During the design phase, creating models requires cold data analysis, in particular to build and choose variables that will reveal specific fraud patterns. Machine learning train on the model using data history. This step uses technologies that are specific to cold processing (batch).

If this part is essential, it is also necessary to consider very early on how the model will be deployed and used on “hot” data. To be effective, fraud fighting tools must be implemented on large data streams but must also be able to minimize processing delays for each wire transfer. New legislation related to instant payments further increases the requirements as to processing speed (less than 20 seconds to fully process a wire transfer[1] and a few hundred milliseconds to detect fraud). Fraud detection systems must operate in this context, which therefore requires designing a specific architecture, supported by appropriate technologies.

The main challenge of implementing a fraud detection system is the operational capacity to manage the flow of wire transfers, during peaks in particular. A fraud detection system must therefore meet at least the following requirements:

  • Comply with delay limitations per wire transfer and debit operation
  • In case of failure, switch to a second system (simple rules or automated approval) so as to not disrupt the complete chain
  • Maintain the integrity of the wire transfer chain (no duplicates or missing wire transfers)

 

precessing chain for credit scoring

The below diagram provides a macro view of the processing chain required for credit scoring.

 

The processing chain indicated in red must be completed in less than 20 seconds. To ensure this, some of the calculations must be performed offline.

  1. Fetching data history: Variables identifying fraud must be able to distinguish between “legitimate” and fraudulent wire transfers. Based on customer habits, old and recent history, these variables are therefore often queried. Old data history can usually be pre-calculated since it characterizes phenomena observed over long periods of time, with little variation. Recent data history must sometimes be calculated on the fly, depending on the observed time scale.
  2. Querying the pre-trained model: The time required for the prediction is generally negligible compared to the time required to train on the data model. This training is therefore also performed upstream.
  3. Interpretation: Analysis and decision assistance is an essential part of an effective fraud detection system, as an effective control call is characterized by precise indications given to the customer, because the risk of authorizing a detected fraud is real. Identity theft associated in cases of social engineering sometimes places the payer in a situation of trust (usual supplier, request from management), even when the alert is given.

To implement this processing chain, the requirement for streaming technologies (Fast Data) is added to existing big data requirements. There is a real technological challenge to providing tools that meet the level of reliability required by the banking industry, and support for recent innovations such as instant payments.

Our next blog post will take an in depth look at these technologies!

 

[1] https://www.europeanpaymentscouncil.eu/what-we-do/sepa-instant-credit-transfer

Leave a Reply

Your email address will not be published. Required fields are marked *