IBM RegTech Innovations

Beware of data “science projects” turned fraud prevention solutions

Share this post:

As e-commerce has revolutionized the way we buy and sell online, we are no longer bounded by borders or time zones. Goods can be purchased from anywhere around the world at any time of day. Because of this, traditional rules-based fraud detection systems have become outdated and no longer work. Today, real-time payments require real-time fraud detection.

Modern payment fraud schemes require modern prevention
With so many transactions being done electronically, it’s nearly impossible to have humans alone monitor these transactions and keep fraud and error rates down to acceptable levels. According to a report by Capgemini, global digital payment transactions are projected to reach approximately $726 billion by 2020. Therefore, machine-learning pattern recognition solutions that can effectively monitor and analyze very large amounts of data in real-time are needed to detect unexpected commonalities between fraudulent and non-fraudulent transactions.

To effectively detect these commonalities, these machine-learning pattern recognition solutions need to profile customers’ behaviors across many dimensions including historical activities and interactions. And for proven high fraud-detection rates without increasing false-positive alerts, these profiles all need to be performed in real-time. This is no easy feat.

To do so requires purpose-built solutions utilizing the most advanced technical capabilities including in-memory processing and NoSQL, “dual-access” database technologies with purpose-built data compression that exploits the specific structure of payment data to significantly reduce memory requirements.

Data science projects can have unexpected results in the real world

Data-science-project-turned-fraud-prevention-solution vs. purpose-built-fraud-prevention-solution
Most “real-time” payment fraud prevention solutions in the market today were not designed for the purpose of fighting fraud. Nor do they utilize the most advanced technologies. Instead, they are an amalgamation of legacy fraud solutions coupled together with some new data science projects to create a kind of experimental fraud prevention solution. As a result, these general-purpose data-science platforms have many limitations. Top of the list is processing large sets of data in real-time, which is pretty important when it comes to finding payment fraud. Some solutions try to compensate for these real-time processing shortfalls with slick user-interfaces. But just like a used car with a new paint job and detailed exterior concealing the smoking engine, you might not realize you have a lemon on your hands until it is too late.

And if these solutions cannot handle today’s transactional volumes well, how will they cope with tomorrow’s ever-increasing transactional volumes as well as new data sources such as online banking-related session information and mobile banking-related device and biometrics information streams?

How to determine if you are dealing with a data science project
Every vendor claims its solutions offer “real-time” data processing, but standards for what actually constitutes real-time processing differ widely. Due to the large volume of historical data and the multiple possible dimensions from which to profile, many solutions are not truly capable of profiling this data set in real-time. To some solutions providers, “real-time” may mean they only update the historical transaction database once-a-day and/or perform daily pre-calculated profiles on the dataset. With such infrequent updates and profiling methods, monitoring systems may miss many valuable data points entering the system during the day and increase the window of exposure to emerging fraud threats.
The ability to perform historical profiling in real real-time will become even more critical as real-time payments become more prevalent. Typical real-time payment transactions have very few data elements (sometimes only amount, counterparty, account and bank) already putting fraud prevention solutions at a disadvantage. Without the real-time historical profiling capabilities, fraudsters may use this vulnerability to their advantage and perform activities before customers’ historical profiles could be updated.

So, go ahead. Ask your vendor how often the historical profile database is updated and how frequent the historical profiling is conducted. And if the solution is not able to perform historical profiling in real-time, you can always learn more about a purpose-built, real-time-historical-profiling payment fraud prevention solutions at ibm.com/saferpayments. Really.

WW Sales Leader, IBM Safer Payments, Watson Financial Services

More IBM RegTech Innovations stories

The challenge of managing hundreds of daily GRC alerts

Today we are inundated with alerts, breaking news, celebrity scandals and what their neighbor had for lunch.  The feeds are not limited to one medium; your computer, your television, your phone, your tablet and now even the watch you wear on your wrist. The flood of data that comes in can bury a person. How […]

Continue reading

GRC is everyone’s business

In my May 2019 blog, “Has GRC Reached Its Tipping Point? Observations From The Front Lines”, I described a set of common patterns that are driving business initiatives in Governance, Risk & Compliance. These highlighted that: Organizations are transforming their GRC frameworks, They are driving to realize greater benefits from already significant GRC investments, and […]

Continue reading

Ask the expert: 20 questions fraud fighters want to know

In our webinar yesterday, the first in the series AI Fraud Detection — Beyond the Textbooks, we ran out of time and weren’t able to address some great questions we had from the audience. Instead of waiting until the next episode, I hope these brief answers will be of help and interest to both those […]

Continue reading