Payments & Transactions

Faster payments can be safer payments with augmented intelligence

Share this post:

What do you get when you combine rapid innovation in financial services with unprecedented data breaches? A fundamentally safer ecosystem, or a golden age for criminals?

Let’s take a look.

There is unprecedented transformation in the payments ecosystem, with Fintechs disintermediating banks, PSD2 opening APIs, firms creating new financial products with more convenience and speed, and each department scrambling to onboard new customers earlier. All of this is great for firms and consumers.

Unfortunately, the old fraud and money laundering controls can’t always adapt to new payments types, speeds and channels. For instance, many legacy credit card fraud solutions struggle to handle card-not-present fraud now that chip cards have been introduced in the U.S.  Many ACH fraud solutions don’t handle real-time RTP and Zelle payments.

At the same time, the bad guys are aggressively innovating to take advantage of the blind spots. With the wave of data thefts, there’s a flood of cheap raw material on the black market with which to create synthetic identities and take over accounts. When the person logging into the web or dialing the call center has all the credentials to be you – and cleverly distributes activity across different interaction channels and payment types – no single legacy system sees anything out of the ordinary.

For example, if someone signs on to a bank account at 3 am, it might not be normal behavior for that individual, but it’s probably insufficient to determine fraud. Perhaps a new device is being used. That, too, can be normal. However, if the person initiates a large international wire transfer from an unusual device following an unusual login at an unusual time, the combination would obviously be risky. While this is an extreme example, the point is that understanding all customer behavior is the best way to protect against threats.

To top it all off, the bad guys have technology, too. And they create software platforms that allow them to systematically test new schemes to see what works and then scale up attacks quickly.

So what are financial institutions to do? The answer isn’t as simple as saying “artificial intelligence.” After all, AI has been used in the fraud domain for 30 years. It used to be that standard fraud-detection models were focused on a particular payment type (e.g. credit cards) or a particular channel (e.g. online) and were rebuilt every year or so on historical data at a remote vendor site, on the vendor’s schedule. Today, modern data science techniques can be used to do it faster, but the model building process is still slow and constrained by several factors including (1) the ability to combine data across different payment types and interaction channels, and (2) the speed and ease with which fraud experts can create and test new features and evaluate the fraud protection vs. false positives.

The opportunity is in more rapidly identifying emerging threats and deploying countermeasures, and in looking at behavior across all channels in real time to ensure a complete understanding of each customer’s behavior.

IBM is doing some interesting things in this area.  IBM Safer Payments applies augmented intelligence not just to find fraud, but also to suggest the best analytics to human experts, allowing them to rapidly evaluate and adapt to new threats on the operations floor. The system helps people evaluate among the millions of permutations of raw data, derived statistics, rules, models and thresholds, the combination that provides the highest fraud protection for the lowest false positives. The analysis can be done in seconds by fraud analysts, not just coders, so they can continuously adapt to new and changing fraud threats with the right combination of countermeasures. This approach is a new paradigm in fighting fraud – providing dramatically fewer false positives, radically faster scale and speed, and more control and transparency.

Here’s why adapting faster matters: All frauds are predictable, but only in the window between first detection and the time a countermeasure is put in place. The longer it takes, the more money the criminals make. (See Figure 1)

Figure 1: Lifecycle of a single fraud event.

In a survey of 500 Financial Institution C-Level executives by the IBM Institute of Business Value, 81 percent of bank executives say it takes more than four weeks to discover a new pattern, then another four weeks to adjust the scoring engines. During that entire eight week period, exposure remains.    This exposure happens for every fraud. (See Figure 2)

Figure 2: Lifecycle of all frauds. Eventually, each fraud is stopped…but the longer it takes and the higher the peaks, the bigger bottom line impact.

IBM Safer Payments models may be updated in hours or days so each unique fraud attack can be minimized. Multiply by 100s of attacks against an institution at any given point in time, and the ability to tamp down the money criminals can make from each fraud attempt makes the whole enterprise much less profitable for criminals…and may drive them to greener pastures.

Safer Payments makes machine-learning part of everyday fraud management – no more guessing rules; generate optimized up-to-the-minute models as needed.

This is the idea of Augmented Intelligence.

Customers such as the national payments switch in France, known as STET, rely on IBM Safer Payments to protect the payments of the entire country with billions of transactions per year at latencies of just a few milliseconds.

To learn more about the latest in fighting cyber-crime and bank fraud, we hope you’ll meet with us in Toronto at Sibos 2017. To schedule a meeting, please go to  ibm.com/sibos. Visit IBM’s Stand # E08 at Sibos located in the Metro Toronto Convention Center.

For more information on IBM Safer Payments, please go to www.ibm.com/saferpayments.

Read also:

IBM Watson Financial Crimes Offering Manager

More Payments & Transactions stories

The cloud advantage: Three approaches for implementing cloud for risk management

Compared to traditional data centers, I believe that cloud computing has several characteristics that make it an attractive platform for risk management. First of all, the compute requirements for risk management can vary over time. Cloud provides the ability to scale up resources during peak periods and scale them back down when they are not […]

Continue reading

Driving performance management in sales: The evolving role of the sales compensation leader

Businesses today face the challenge of change—of growing in a market defined by sustained volatility and technological disruption. As organizations mature, central business roles must also evolve to meet the challenges of growth and organizational complexity. The role of sales compensation leader illustrates, perhaps better than any other role in modern business, the lockstep relationship […]

Continue reading

It’s time to embrace customer data privacy and security

Customer data is the modern enterprise’s most valuable asset. For years, enterprises have collected and stored it without giving it a second thought. Now, new technology, business and regulatory challenges are forcing them to rethink how they collect and manage that data. Customer data drives innovations like artificial intelligence and blockchain solutions. For most companies, […]

Continue reading