At Simility, we often talk about the need for machine learning-powered systems to combat a new wave of sophisticated digital fraud. But what exactly is machine learning – and how can it be leveraged to provide an advantage over legacy rule-based tools?
Tapping the Power Of AI
Machine learning is a sub-discipline of artificial intelligence focused on the idea of learning from examples. In doing so, it extracts knowledge and insights without being exclusively programmed to do so.
Before machine learning, rule-based systems were traditionally used. Rule-based systems effectively take knowledge from human experts and convert them into hard-coded rules, which can then be applied to data. At their most basic, we’re talking about rules such as: “if A happens, take action B.” They’re extremely easy to understand and can be defined by domain experts to automate decision-making. However, as fraud becomes increasingly complex, more exceptions appear, and therefore more rules need to be written to manage them. The unstructured nature of enterprise data today also makes it difficult to write rules to detect all patterns.
This is where machine learning offers a more effective approach. It allows us to create algorithms to process large datasets with many variables and help find correlations with different features. Machine Learning is faster, can cope with structured and unstructured data, and is easy to retrain and update with the latest data. There’s also less manual work involved, so operational costs end up lower.
Supervised vs Unsupervised Learning
Any machine learning system has three basics elements:
- Input data: which can come from a wide variety of sources, and be both structured and unstructured. The more data, the more insight.
- Learning process: this can be split into supervised and unsupervised, with different types of algorithms used to achieve different goals.
- Output data: machine learning can be used to deliver results that are either predictive or prescriptive (suggesting action) — delivered as a report or integrated into other enterprise systems.
When it comes to learning types, supervised learning involves the use of input-output pairs. These pairs are used to train the system to recognize certain rules. For example, if we wanted to train a model to detect each fruit in a basket, we could extract features (size and color) as inputs and the name of the fruit as outputs. Thus, “big” and “red” predicts the fruit to be an apple.
Simility uses a similar approach to develop a set of rules via which merchants can evaluate their transactions. For example, if there are more than 10 usernames associated with a single customer address, it could raise a red flag.
Unsupervised learning, meanwhile, involves trying to find hidden structure in unlabelled data without being trained. In the fruit example, we wouldn’t know the name of the fruit but would aim to find patterns inside the data based on features. Apples and grapes could be clustered under the color red, for example. The Simility platform has more than 2000 features (including transaction amount, region, language, etc.), which can be used to cluster the market and discern new patterns.
Putting It Into Practice
So how does all this translate into fraud prevention? The bottom line is that fraud is getting more sophisticated, with cybercriminals increasingly using machine learning and big data analytics to exploit patterns in digital systems and business processes. At the same time, digital transformation efforts have led to an explosion of data that simply can’t be reviewed manually. Organizations therefore need machine learning-powered anti-fraud systems to respond instantly to attacks, in as frictionless a way as possible.
Traditional rule-based approaches just can’t keep up with the velocity of transactions and the volume of data pinging around these systems. Machine learning can spot the context around transactions and adapt to changing fraud patterns to more effectively detect malicious behavior.
At Simility, we use machine learning in several key scenarios:
New account fraud: This is particularly prevalent in financial services. Machine learning enables organizations to build scoring models, and leverage third-party data feeds to automate the approvals decision-making process.
Transaction fraud: Fraudsters often make several small transactions to test whether a stolen card has been blocked or not before using it for one large transaction. Machine learning can spot patterns like these, and map them against the usual spending patterns of each customer to build customized models for maximum efficacy.
MRDC: Mobile remote deposit capture is a kind of check deposit fraud particularly prevalent in the US, where consumers can deposit checks simply by taking a photo with their mobile phone. Once again, context is important. The bank needs a good understanding of each user: the time they usually deposit, location, device, and other characteristics. With this 360-degree view of the customer, we can accurately detect MRDC fraud.
Account takeover: This kind of fraud is on the rise, especially in online banking and retail, thanks to the prevalence of login credentials on the dark web. Machine learning can be applied to detect users’ behavior patterns to spot suspicious activity. Fraudsters usually try to unlock multiple accounts, logging in and out in a short time frame, to check that they’re working, before logging in to alter account details. This is unusual behavior for a normal user, and easy for machine learning to spot, but difficult to write manual rules for.
Unlike most of the examples above, which use supervised machine learning, we can also use unsupervised event prediction to find anomalies in data that may indicate fraud. It can be used to answer questions like “is this client accessing services in the right way?” or “is this a typical transaction?”. It’s a powerful tool, but must be used in combination with other rules, or risk flagging false positives.
With these capabilities in hand, global organizations can finally gain the visibility they need into customer behavior to stop fraud in its tracks before it has a chance to impact the bottom line and corporate reputation.