Fraud Analytics

What is fraud analytics?

Fraud analytics is the use of big data analysis techniques to prevent online financial fraud.  It can help financial organizations predict future fraudulent behavior, and help them apply fast detection and mitigation of fraudulent activity in real time.
More people are using online banking or managing their finances online every year.  In 2020, the worldwide lockdown due to COVID19 convinced even more customers to use online banking for at least a portion of their financial activities. Online fraud, already increasing year over year, has followed suit. Account takeover (ATO), a particularly popular form of financial fraud, jumped over 280 percent between Q2 2019 and Q2 2020.  Financial institutions must, more than ever, apply comprehensive fraud management measures to protect their customers’ accounts.

The challenge of financial fraud

Banks and other financial institutions have a responsibility to their customers to secure their data and finances against fraud or outright theft. This has become a complex task due, at least in part, to customers being able to access their accounts via multiple channels. They can do their banking transactions using a mobile banking app, online banking portal, by calling into the call center, or even visiting the bank in person.
A teller can verify a customer’s identity with reasonable confidence. But how do you verify that the person logging into a bank account online is actually that person and not a fraudster logging in with stolen credentials?  The number of stolen credentials available to fraudsters is staggering. There are over 15 billion stolen credentials for sale on the dark web. Cybercriminals can purchase them for as little as an average $15.43 for consumer credentials to more than an average $3,139 for credentials for an organization’s key systems.

Financial crime use cases

• Account Takeover: ATO is when a fraudster uses stolen credentials to access an existing online account, for example at a bank or merchant.
• Sim Swapping: This is a form of ATO where the fraudster uses a victim’s personal information, stolen from a data breach or gleaned from other information sources such as social media, to convince the mobile company to port the victim’s phone number to the fraudster’s mobile phone.
• Phishing: A phishing attack is when the fraudster impersonates a legitimate website in an email or text to get the victim ultimately to divulge personal information or transfer funds.
• Malware: Fraudsters use various methods, phishing for example, to trick the victim into loading malicious software onto their device to log keystrokes, corrupt data, or render the device unusable unless a ransom is paid.
• Card Not Present (CNP):  In CNP fraud the fraudster uses a stolen credit card account to make a transaction where the physical card is not required, for example an online purchase from an ecommerce site. As with other forms of fraud, credit card fraud is on the rise.
• Man in the Middle Attack: A MitM attack occurs when a fraudster intercepts communication between an online service and the customer for the purpose of stealing information or hijacking the online session.

Fraud analytics is key to financial fraud risk management

The bad news is that online fraud is constantly evolving. As banks put remediation measures in place, new threats appear. Traditional, static rules-based fraud prevention systems can’t keep pace. The good news is that there is a wealth of data available to financial organizations that can be used to predict and detect financial fraud and adapt to new threats.
Collecting a username and password at login is no longer sufficient to guard against fraudulent activity. When someone accesses, or attempts to access, an account there is other data that can be used to determine whether or not this is a legitimate customer and whether or not the transaction requested is legitimate. This includes data like:

• What device are they using?
• Has this device been previously registered with the bank?
• Can they verify their identity with a fingerprint?
• Does the transaction being requested fit their historical patterns?

In an authentication sense, this data can be broken out into four categories:

• Knowledge:  something the user knows, e.g. their password, social security number, etc.
• Possession:  something the user has, e.g. their mobile phone, etc.
• Inherence:  something the user is, e.g. their fingerprint, palm print, etc.
• Behavioral:  something the user does or is doing, e.g. their requested transaction

Answering all these questions requires accessing and analyzing big data. It would be impossible for fraud analysts or data scientists to process such requests manually. One thing banks absolutely don’t want to do is add any unwarranted friction into the customer session.
Traditionally, banks had in place a set of rules that would examine requests and offer a go/no go decision. These rules-based anti-fraud systems keep expanding the rule sets and becoming extremely complex, yet don’t adapt to hidden or unknown threats. They typically result in too many false-positives – blocking legitimate transactions – and missed fraudulent transactions.  On the other hand, machine learning (ML) provides the ability to collect massive amounts of disparate data, analyze that data at scale and in context, and assign a risk score in real-time. This enables a risk-based fraud analytics solution to apply the precise level of security, at the right time, through step-up authentication.

Machine learning models for fraud detection and prevention

Fraud analytics applies machine learning techniques to financial data. Machine learning is a subset of Artificial Intelligence (AI). Where AI is the computer implementation of a human-like thought or decision-making process, machine learning uses mathematical algorithmic techniques to extract complex relationships within the data being analyzed. Fraud analytics uses machine learning to examine all the pertinent data regarding a transaction and assigns a risk score to the transaction. Based on the risk score it makes a recommendation to allow the transaction, block the transaction, or ask for step-up authentication before allowing the transaction. And this can all be done in real time with or without human intervention, providing the financial institution with enhanced fraud prevention without causing undue friction in the customer session. Every transaction, from login to logout, can be examined for potential fraud risk.
A machine learning system can be supervised or unsupervised. Unsupervised machine learning models analyze unlabeled data to identify anomalies between what is usual and what is unusual.  The model can then detect otherwise hidden relationships in the data to infer a function or instruction set that describes the underlying structure and dimensions of the data. This function or instruction set can then be applied to new and unseen data to continue the learning process.
That’s good. But a supervised model is better. With supervised machine learning, the model is trained using labelled data (fraud data and other data) and predicts the likelihood of fraud.  You train a supervised model by presenting it with both fraudulent and legitimate events and running it to develop an instruction set or algorithm that is applied to further examples. The trained model can then identify unknown as well as known patterns to produce an accurate risk score for a requested transaction.

Big data analytics techniques to combat financial fraud

Data science is part of the solution. Financial Institutions collect huge amounts of behavioral, device and transactional data. Analysis of this data by the fraud detection system and/or fraud investigations team can be used in the prevention and detection of financial fraud. But the analysis will only be as good as the data in the data set. With good data, there are a number of big data analysis techniques that a machine learning-based fraud analytics system can use to combat financial fraud.

• Predictive analytics looks at patterns to make predictions on future, heretofore unknown events to understand the potential or propensity for fraud.
• Pattern recognition and anomaly detection identifies events that don’t conform to expected patterns. Machine learning algorithms can learn from the data and make predictions on future events.
• Visual analytics tools include digital channel unification which automatically aggregates and monitors transactions for suspicious activity, web-based case management for fraud analysts to review fraud cases and analyze key fraud indicators, and fraud visualization tools to quickly identify the source of potentially fraudulent transactions.
• Forensic analysis, the examination of the causes and consequences of a financial fraud event, can benefit from visual analytics data which provides data on the users, devices, locations, IP addresses and relationships associated with a fraud case. Analysis of the data and relationships can identify potentially fraudulent behavior and expose cooperation between fraudsters.

Deploying a fraud analytics solution

Tier 2 and tier 3 financial institutions typically do not have large fraud teams or deep resources to devote to fraud prevention. But they need comprehensive fraud prevention because these institutions experience the same fraud use cases and fraud scenarios as institutions with global operations. So it is imperative to choose wisely when selecting a fraud prevention solution. Among the key capabilities to consider, is making sure your preferred vendor has deep experience in fraud prevention within the banking industry. Evaluate the solution for security and controls, scalability, and infrastructure capability. It should use the latest advanced analytics. In addition, a risk analytics-based fraud prevention solution should cover all of your transaction scenarios and support historical data migration.
For the tier 2 and tier 3 financial institutions with smaller, often overworked IT teams, solution providers like OneSpan have professional services teams that can help design, implement and manage a comprehensive fraud analytics solution that works for your organization.

A final word on prevention of financial fraud using fraud analytics

Fraud will continue to grow, whether that is financial fraud, insurance fraud, or even fraud in the healthcare industry. This has the potential to significantly disrupt the customer relationship and customer loyalty. The challenge for financial institutions is to deploy comprehensive fraud protection to mitigate attacks without injecting needless friction into the customer experience. Fraud analytics solutions based on machine learning techniques have been effective in meeting both of these objectives.