Getting to Next-Generation, Real-Time Fraud-Prevention Solutions

We’ll never get there so long as we rely on traditional tools. Since criminal tactics are constantly evolving, solutions must be adaptable, as well.

The economy relies on secure and safe transactions. Maintaining a stable and efficient business depends on effective security. In particular, eliminating fraud is fundamental to the ongoing viability of many businesses, especially those buying and selling on the Internet.

The question businesses are asking is, “How do we efficiently eliminate fraud in real time?”

Traditional fraud-prevention tools alone have failed to reduce fraud. In spite of myriad companies espousing new fraud-prevention techniques, fraud losses have consistently hovered around 6 cents per $100 for the last 20 years.

Why? Because fraudsters adapt and evolve their techniques, while the legacy technologies used to fight fraud are incapable of adapting to continuously changing behaviors. While these technologies provide some benefits, they also suffer from several important limitations in the face of today’s ever-evolving fraud schemes:

1Popular legacy approaches, including business rules, data mining, and neural networks, all use historical fraud data to train models and write rules. Using only data from the past limits one’s ability to identify and stop new fraud schemes. As a result, models and rules are outdated as soon as they are implemented, requiring expensive tuning and model refreshes.

2 These approaches apply the same logic to every entity (cardholder, device, merchant, etc.), though the spending behavior of each entity differs. In the case of business rules, gaining insight into individual spending behaviors would require an unimaginable set of rules. Neural networks and data mining try to extract macroscopic behavioral patterns from historical data. Solely relying on these approaches results in low detection and high false-positive rates.

3 Modern fraudsters are exploiting the proliferation of payment technologies and methods. Financial institutions’ inherent structural rigidity often can also be a fraudster’s best friend, as silo structures and delivery channels lead to stove-pipe, myopic anti-fraud strategies that fail to share intelligence across relevant channels. This is especially important in today’s connected world, where commerce occurs via  myriad channels and devices.

Programming Limits

Anyone impressed by the increasing speed and colossal memory capacity of computers will not be able to find in these, or any other astonishing computer traits, any manifestation of even the slightest fragment of intelligence as long as computer programming remains purely algorithmic.

An algorithmic program is a deductive set of successive operations applied in a fixed order. An algorithm enables the computer to repeat long suites of logical operations tirelessly and accurately, as long as the algorithm is correct.

An algorithmic program neither knows how to take any initiative nor stray from a fixed line of code. The programmer must dictate the precise succession of acts for the machine to accomplish.

Business problems that require a minimum amount of reasoning, such as the continuously changing nature of fraud, cannot be transcribed into an algorithmic form.  Effective fraud-prevention solutions must not rely exclusively on predefined rules or structured queries to anticipate every possible scenario.

This is also true of programs based on data mining, Bayesian networks, neural networks, object-oriented languages, and so on.

To be more specific:

– With business rules, you must predict these possibilities by writing all of the possible rules (obviously impossible);

– With data mining, you must generate a decision tree that takes into account all possible cases (obviously impossible);

– With neural networks, you need to have access to, and train your system with, all the possible patterns (obviously impossible);

– With object-oriented languages, you must foresee, know, and program all possible methods (obviously impossible).

Take the example of chess. What difference is there between a good game of electronic chess (programmed with all of the known algorithmic techniques like MinMax, Alpha-Beta, Scout, Mtd, SSS*, etc.) and an excellent player?

The computer works in “brute force” mode, working at a prodigious speed to react to the present situation and the situations that might occur during the next five or six turns. After this line of horizon comes the invisible.

Furthermore, the importance of a piece is simply determined by the affectation of a number. For example, it will sacrifice a pawn to save a knight one time. The knight remaining has once again fooled the computer and distracted it by this defensive strategy. An algorithm is, in essence, incompatible with the notions of strategies and evolution.

An excellent chess player works by goals and sub-goals. He fixes on an objective strategy from the beginning. He progressively puts the conditions of the win in place of this objective in working out his strategy in goals and sub-goals. His moves are therefore at the service of his strategy and not in “brute” response to the situations he encounters.

Effective Fraud Prevention

So what does an effective real-time fraud-prevention solution look like? Effective real-time fraud prevention will require technologies characterized by several key features.

1 It should extend beyond pre-programmed algorithms. Algorithmic programs will neither know how to take any initiative nor stray from a fixed line of code. The programmer must dictate the precise succession of acts for the machine to accomplish. However, business problems that require a minimum amount of reasoning (such as the constantly evolving nature of fraud) cannot be transcribed into an algorithmic form.

Effective fraud-prevention solutions cannot rely exclusively on predefined rules, patterns learned from historical data, or structured queries that try to anticipate every possible scenario.

2 It should be data agnostic. The proliferation of payment types and methods requires technologies that are flexible and can manage data in any format (structured and unstructured) and volume.

3 It should prevent rather than detect. Solutions that do not provide real real-time capabilities (before authorization) are inefficient as they do not proactively prevent fraud losses from occurring.

4 It should profile behavior on a one-to-one basis. Every individual’s spending behavior is different. Effectively reducing fraud requires understanding this behavior at an individual level.

5 It should offer multiple layers of protection. To efficiently prevent fraud, a solution must provide protection at the following layers:

– endpoint and navigation, using advanced device ID and clickstream analytics;

– user and account, for providing real-time cross-channel behavioral analysis (specific to each individual cardholder and merchant outlet);

– merchant and business, for analysis of the relationships among internal and external entities to detect organized or collusive criminal activities or misuse.

6 It should adaptively learn over time. Once individual behavior is characterized, the technology should continuously update these individual profiles to learn behavior over time.

Additionally, a comprehensive solution should be able to identify data breaches within hours of the first fraudulent transactions occurring. A solution must manage two real-time behavioral-profiling engines: a card-profiling engine (CPE) and a merchant-profiling engine (MPE).

The card-profiling engine continuously updates the behavioral profiles to learn the behavioral characteristics unique to each cardholder. The CPE uses these profiles to evaluate every transaction in real time and assign risk scores.

These scores are passed to the MPE, where they are grouped across multiple dimensions (e.g. specific merchant, branch, location). Within and across each group, shared behavioral intelligence enables comprehensive profiling of all card behavior for every merchant.

Once suspected merchant-breach locations are identified, the MPE updates the behavioral profiles for all cards visiting these locations and raises the corresponding risk scores. This approach will enable the discovery of breaches faster (as soon as the first fraudulent transactions occur).

Smart Agents

This brings us to the benefits of smart-agent technology. Smart agents overcome the limits of algorithms. Rather than being pre-programmed to try to anticipate every possible scenario or rely on pre-trained models, smart agents create profiles specific to each entity (cardholder, merchant, device, and so on) and adaptively learn from the activities of each entity.

Each smart agent behaves according to its goals, observations, acquired knowledge, and interactions with other smart agents. Each smart agent pulls all relevant data across multiple channels, irrespective of data type, to produce robust virtual profiles.

Each profile is automatically updated in real time, and the resulting intelligence is shared across all relevant business lines (card present, card not present, automated clearing house, wire, etc.). This one-to-one behavioral profiling provides unprecedented, omnichannel visibility into the behavior of cards and merchants.

Smart agents enable best-in-class performance with minimal operational and capital-resource requirements, as they focus on extracting only relevant intelligence from data. This enables firms that incorporate smart-agent technology to operate efficiently at scale, without the need for expensive databases or high-end hardware.

Additionally, smart agents can represent any entity and work with any data. As a result, a single smart-agent deployment can provide fraud protection at multiple layers, from endpoints like mobile devices to POS terminals at merchant outlets.

A complete fraud-prevention solution should combine the benefits of existing artificial-intelligence and machine-learning techniques (such as data mining, neural networks, and case-based reasoning), with the unique capabilities of smart-agent technology. The result is a comprehensive approach that is flexible and adapts to ever-changing fraud schemes.

—Akli Adjaoute, PhD, is the founder and chief executive of Brighterion Inc., San Francisco.