Artificial Intelligence at the changing face of Payment Fraud
Source: Rittick Banerjee
A continuous strive towards making payment faster and easier is embracing technology innovation, like never before, which at the same time is creating newer risk exposures for frauds and money laundering. Multi-dimensional initiatives around setting up new infrastructure (RTP in the US, NPP in AUS), building new services/channels (Zelle, fragmented wallets) or in driving technology-led innovation (contactless payments, IoT commerce, Blockchain).
As technology evolves and new form & channel of payment emerge, it creates newer loop-hole for previously unknown pattern of fraud to sneak peek. Initiatives towards Faster & Easier payments are keeping financial industry on its toe to safeguard payments originated anywhere & anytime.
Real-Time Payment brings real-time threat
Rising trend of P2P and m-commerce are fueling growth in Real-time Retail Payment Systems (RT-RPS). The growth has been encouraging, with 18 countries now having a ‘live’ RT-RPS system in place. In the US, the clearing house (TCH) has unveiled its real-time payment rail, which is eventually the first new core payments infrastructure in the US in more than 40 years.
Real-time Payment not only brings speed and efficiency, it also challenges the traditional approach of finding fraud and taking action. By shrinking the transaction processing window in a real-time environment, the time to detect and act on fraud is greatly diminished.
Card-not-present (CNP) fraud on the rise
While EMV could successfully mitigate card-present fraud, criminals began shifting their approach to more complex fraud schemes for card-not-present scenario like Account Takeover that comes out as one of the costliest crime and needs an average resolution time of 16 dedicated hours and appx $300 in out-of-pocket expenses. Account takeovers through social engineering is on rise, where fraudsters rely on a combination of free social media data and data purchased on the dark web to gain potential access to several banking relationships including credit & debit cards they have.
Newer Fraud Prevention mechanisms on the block
To make payments safer and accelerate digital commerce, industry is investing on new fraud prevention measures like Tokenization (replaces Payment Card data with unique token) or 3D secure 2.0 (token-based and biometric authentication instead of static passwords and transmission of rich data during transactions, making risk-based decisions on authentication).
What’s interesting is, issuers are using new tools to fight fraud — machine learning, automation, cloud technology, etc. — but so are the fraudsters. For example, a security researcher has discovered that the tokenization process in Samsung Pay is limited and the sequencing of the tokens can be predicted. Moreover, there is always clean fraud from stolen credit card as fraudsters are finding ingenious ways to get cardholders to hand over their PINs. So, an intelligent and agile fraud detection system also needs to be in place, alongside fraud prevention measures, to arrest increasing attacks through digital channels, adapt to changing behavior of criminal activity and respond at the pace of payment. And here comes the application of Artificial Intelligence …
Artificial Intelligence, particularly Machine learning, as a data science to autonomously learn, uncover patterns and drive hidden insights is not a new concept in Payment world. What is new, in the context of fraud is, how fraud attacks are getting more sophisticated and how the financial industry is pacing up its innovation to cope up with the intelligence of devil brains and at the same time not bleed in its bottom line.
ML has its two broad categories:
Supervised Learning– Known & labelled Input data; Goal is to learn the algorithmic mapping function from known input variables to output variable, so that, the function can predict the output correctly when fed with new inputs
Unsupervised Learning– Unknown & Unlabeled Input data; Goal is to determine hidden pattern/grouping of data
A Traditional ML model for detecting fraud is primarily a rule based supervised learning algorithm; it scores a transaction with the lens of past knowledge and flags known nature of frauds. Let’s first look at an illustrative view of how a traditional ML based Classification model (a type of supervised learning) looks like
Traditional ML based fraud modeling
There are few problems with this model:
Static in nature - Works good for frauds of known nature but can’t detect a new pattern, which increases chance of false negatives.
Costly to maintain - It needs large labeled training dataset (ie past transactions with labeling of good/fraud), which is not easily available and labeling past transactions is costly.
Slow to respond - Typically a card-holder raises a chargeback against a fraud transaction once her statement is generated. Investigating and flagging it as fraud in system takes another 4-6 weeks of time. If a supervised ML model needs to wait for labeling the transaction as fraud to learn a new type of fraud, impact can be multifold during this lag period.
Not robust – As this technique is primarily based on knowledge of past transactions, it misses the variety & speed of information from rapidly growing structured and unstructured data across dark web and social media and combined intelligence by marrying this data with customer’s financial behavioral. An incomprehensive analytical model results in a higher number of false positives.
False Positive hurts
One of the big problems in AML today is the number of false positives. By some industry estimates, as much as 90 to 95 percent of the alerts generated by traditional parameter-based Transaction Monitoring Systems (TMS) are false positives.
Let’s take two scenarios.
Scenario 1: Person X, sitting in UAE, sends AED 1500 to Hyderabad in the morning towards tuition costs for his son and 1000 in the afternoon of the same day for an exam registration fee, which he missed in the morning.
Scenario 2: 4 people walk to a local bank branch in Mexico at different times of the day and sends US$ 2000 - $2500 each to Columbia, where the money is possibly used to distribute and sell illegal drugs.
While the first one is genuine set of transactions, second one is an example of placement/structuring (first stage of Money laundering) to avoid recordkeeping, as the local regulation in Mexico requires additional information for a transaction above US$3000. A supervised ML system, built on prior knowledge of transactions, lacks agility to separate out these two scenarios from risk perspective.
Hence it creates a need for banks & payments players to up their game with AI for real-time prediction and build a flexible & agile system that not only is reliant on pre-programmed rules to flag suspicious transactions, rather continuously learns over time.
How to choose the right model that is scalable – As data is growing exponentially, an approach of labeling past transactions and generating insights based on that, limits the opportunity to scale up the model. Let’s take the previous example of an US customer making a purchase at Spain with a credit card that he didn’t use for past 2 months. Going with a liner supervised ML model, this transaction might generate a false alarm of fraud. So, it requires an intelligent enough algorithmic approach that automatically learns from thousands of features extracted from financial & non-financial information in a payment transaction, customer profile, behavioral pattern, social data etc in order to detect an anomaly.
In AI modeling world, the solution can be found in an unsupervised deep learning based neural network that doesn’t need a labeled training set and on the virtue of self-learning mechanism it continuously updates the model as new pattern emerges.
Here is a simplistic representation of how unsupervised & supervised learning come together to build a robust fraud detection model.
Futuristic Fraud prevention model with ML
An auto-encoder is a neural network (NN) architecture that is composed by an Encoder and a Decoder. The goal of an auto-encoder is to reconstruct inputs in output - the encoder maps the input in a deep learning hidden layer space and the decoder reconstructs the input from the hidden layer. Higher the reconstruction error, higher the possibility of that data point being an anomaly.
This mechanism not only avoids the costly labeling of datasets, it learns real-time and flags any unknown deviation, which after passing thru the supervised model is labeled as a real fraud or a regular anomaly. Baking in information from big data sources (social media, dark web) and customer’s financial behavior to create the right set of feature vectors for supervised learning algorithm is critical for success of this model.
Modernization brings new opportunity
While modernization of Payment systems calls for a robust fraud modeling, growing implementation of ISO 20022 payment messaging standard brings richer data insights to facilitate building this. ISO 20022, delivering interoperability between legacy payment systems, mandates using rich data fields to embed extensive information into a payment initiation, clearing & settlement or remittance message. This additional data stream when fed in the algorithm, adds more context to a transaction while assessing an anomaly and contributes towards building a more accurate tollgate in a real-time environment.
As industry is investing towards faster & easier payment and new technology & platforms are driving innovation, key for ensuring a safe payment experience and bringing operating cost down is building a robust & agile fraud detection model that adapts with the pace of payment. While machine learning & deep learning should create the foundation of this sophisticated model, let’s not forget data is the key. The model is as good as richness of the information is.