Financial services providers have been using Artificial Intelligence (AI) and machine learning for a range of operations, including credit underwriting and conversational banking. However, one use case that has emerged as a priority for the industry is linked
to the better management and prevention of fraud. Reports of fraudulent activity in 2019 have been all too familiar, including the news of Metro Bank falling victim to a new type of SS7 hacking which intercepts the text message used for 2-factor authentication
and more recently, investigations into N26 by German regulator Bafin over complaints of fraudulent activity going ignored at the bank due to poor reporting processes.
The use of AI, and more specifically machine learning, to detect and prevent fraud is gaining traction, with some banks starting to deploy these technologies as a direct response to increasingly sophisticated cybercrime. Nevertheless, the rate of AI and
machine learning deployment as a fraud management measure remains relatively low. We expect that this will not be the case for long, and that deployment in this area will rise significantly in the next 2-3 years.
The constantly evolving techniques used by criminals requires a defence from financial institutions that is just as dynamic. Conventional rule-based approaches, that focus on identifying potential fraud based on pre-coded rules, are no longer as effective
as they once were due to the evolution and complexity of modern fraud.
This is where AI and machine learning come into play.
Before looking at the topic in more detail, it is important to clarify that despite these terms often being used interchangeably, they are not the same. AI is a much broader concept that relates to computers replicating human cognitive functions. Machine
learning is a subset of AI and refers to a method of data analysis whereby analytical model building is automated and machines can learn from the data they are analysing and make decisions with minimal human intervention, e.g. changing algorithms based on
patterns in data sets being analysed.
AI algorithms are able to analyse millions of data points in seconds and detect unique fraudulent behaviours. To create a truly dynamic system, that can keep pace with the criminals, financial services providers have to look beyond traditional ‘one size
fits all’ rules-based methods and build a hybrid system, combining a range of AI and machine learning based approaches.
There are a number of factors that need to be considered when implementing an effective A.I. and machine learning strategy, which include:
- Using a combination of supervised and unsupervised machine learning
Supervised models are based on the tagging of data as fraud or non-fraud so that a computer can determine legitimate or illegitimate patterns. Unsupervised models employ a form of self-learning, grouping datapoints together in order to fill the gaps when
there is little or no tagged data.
Behavioural analytics uses machine learning to anticipate and understand the behaviours of each account holder, e.g. transaction behaviour patterns. From this, the machine is able to identify any anomalies in behaviour. In cases of uncharacteristic spending,
algorithms can assume that this is illicit behaviour.
- Specialised fraud analytics
Generic behaviour models pose a lot of risks when applied to fraud. While generic models may be able to detect obvious anomalies, specialised models are capable of detecting more subtle and less obvious fraud events, e.g. when a fraudulent transaction arises
but appears to be in-line with the cardholder’s typical behaviours. Specialised analytics uses advanced profiling, fraud-specific predictive characteristics, and adaptive capabilities to separate themselves from generic models.
Machine learning improves in accuracy when it has a large amount of data to learn from. In fraud detection, millions or even billions of data points enable the computer to build a comprehensive understanding of what is and is not fraud. With evolving crime,
it is important that machines encounter as many examples as possible to be effective. While the initial data input is important, best in class models use adaptive technologies which continually learn from any additional data that is input so that it can adjust
its decisions based on current environments.
We are beginning to see more and more organisations understand the need for more advanced and hybrid AI related practices.
In September, Nets, an account-to-account payment business and KPMG joined forces to build Nets Fraud Ensemble, an AI powered anti-fraud measure capable of navigating the ever-changing landscape in real time, shunning traditional rule-based methods.
Meanwhile, in October, Mastercard announced a new service, Threat Scan, which identifies authorisation system vulnerabilities in issuer systems before exploitation can occur. Utilising a range of strategies, Mastercard uses an array of test scenarios that
simulate fraudulent attacks. As fraudsters adapt and identify new ways to gain access to a system, new scenarios can be added to the range of tests and instantly be run against systems globally.
In spite of this, we have a way to go before this type of fraud prevention is commonplace – many of the world’s financial systems are still relatively unconnected and function in isolation making it difficult to identify patterns across a wider ecosystem.
AI and its subset, machine learning, are able to connect the dots, and if executed properly, have the ability to save a significant amount of time and money for organisations, whilst also minimising potential reputational damage as a result of fraud related
events. Developing a clear and effective strategy is complex and multi-faceted, so ensuring that the right people and partners are on hand to assist in navigating the maze is more important than ever.