Introduction to Fraud Detection
Billions of data-points from thousands of companies globally are crunched to create a digital fingerprint of users and a forensic understanding of money flows. And these shared insights are the strongest tool businesses can gain to protect against tightening regulation. Rob Woods, fraud expert at LexisNexis Risk Solutions, explains.
The Rise of Sophisticated Fraud
Catching fraudsters is getting harder. They are more sophisticated, armed with tools such as Gen AI, and lavishly financed by the spoils of their successful hits. UK Finance estimates last year alone £1.17bn was stolen via fraud. The founder of the Evil Corp hacker gang (yes, that is the name) in Russia drives a custom-made Lamborghini.
The Importance of Shared Data
With the Payment Systems Regulator’s compulsory reimbursement rules looming over banks and PSPs, there’s a renewed incentive to get a firm grip on fraudulent payments entering and leaving their virtual walls. The fight back begins with shared data combined with powerful machine learning. By examining a vast array of indicators covering customers’ every interaction with their device, apps and web browser, banks are able to predict fraud with a high level of accuracy, before it happens.
Key Ingredients in Fraud Detection
A key ingredient is behavioural analytics. Real-time user behaviour is tracked and compared against past behaviours considered normal for that individual. Crucially, these behaviours are largely unique to the individual, almost impossible to fake. Some of the key factors that are monitored include:
Phone Movement
Is the phone being held in a landscape or portrait position? What is the rotation or angle of the phone? Do the sensors match the situation?
Touchscreen Behaviour
How is the touchscreen used? How much pressure is being applied? What is the swipe speed and motion?
Keyboard Behaviour
How is a keyboard used? What is the typing cadence? Were any special keys pressed? Were any keyboard shortcuts taken?
Building a Digital Fingerprint
A bank or e-commerce provider can monitor these factors and look for deviations from normal. Maybe the user types in a different way or clicks the mouse in a manner suggesting a bot is behind the movements. But these indicators are just the start. Adding dozens more user interactions builds a digital fingerprint for each customer. What device are they using? If it’s the Apple iPhone they’ve used for five years the bank can trust it. But what if the user suddenly switches to a cheap Android? This could be a red flag, triggering an additional authentication via a code sent by text message.
The Power of Machine Learning
Every click, every device, and every transaction is logged and incorporated into the risk model. Banks can then discover patterns for suspicious behaviours which would be undetectable to the human eye. Each time a fraud is perpetrated, the model gets another boost. Retrospective analytics can be run to see what the giveaways were. Looking backwards helps banks to look forwards. Understanding how dirty money flows through the banking system and overlaying this with these other fraud indicators then adds another layer of protection.
Real-World Applications
For example, mule accounts are usually tested by fraudsters in advance of laundering money to ensure transactions are able to pass through. They’ll deposit a small amount, £1, for example. Then transactions will be sent and received of equal value. The behavioural analytics engine can spot this and flag the risk to the bank. The model is nuanced. Users are given a trust score which moves up and down depending on the full gamut of factors.
Our Approach
There are many anti-fraud engines based on device intelligence and collaborative fraud modelling, but at LexisNexis Risk Solutions, we have the industry-leading solution. ThreatMetrix is used by nine out of the ten largest UK banks, by the top 20 S&P 500 companies, and thousands of organisations in 200 countries. It is the most sophisticated approach in the world, by far.
The Digital Identity Network
A major factor is our scale. Thousands of customers feeding data into ThreatMetrix globally means many billions of data points, crowdsourced and shared across borders and across industries. The vessel for this crowdsourced data is the Digital Identity Network. Another world-first innovation, it shares information from thousands of participants across banking, gaming, retail and other industries. We create digital identities for consumers based on their online fingerprint – devices, habits, transaction patterns and so on.
Success Stories
Does it work? Our case studies show just the impact our approach has on fraud. Metro Bank wanted to combat mule accounts ahead of the forthcoming PSR reimbursement rules. LexisNexis Risk Solutions ThreatMetrix analysed all Metro Bank’s consumer behaviour and transactions data. We quickly identified the hallmarks of a mule account. In six months at Metro Bank, our behavioural analytics platform identified £2.5 million of mule account payments, an uplift of 105 per cent.
The Mission
The focus for anti-fraud technology is, as ever, to create a superior customer experience. Behavioural analytics and real time transactional intelligence means consumers can be evaluated in a live environment. Genuine customers can be left to shop and bank without obstacles. A moving scorecard means less reliable actors can be flagged, given higher security requirements, or have access suspended, depending on their rating.
Conclusion
Fraud is an arms race. The perpetrators are constantly innovating and launching attacks on ever large scales. Behavioural analytics turns the tables. The more data the banks accumulate, the more accurate their detection. Behavioural analytics is above all a customer-centric approach to crime, liberating genuine users from intrusive checks, and quarantining villains before they’ve even got started. It marks a turn in the tide in the war on fraud.
FAQs
Q: What is behavioural analytics?
A: Behavioural analytics is the process of tracking and analyzing user behaviour to identify patterns and anomalies that may indicate fraudulent activity.
Q: How does ThreatMetrix work?
A: ThreatMetrix is a behavioural analytics platform that uses machine learning to analyze user behaviour and identify potential fraud threats.
Q: What is the Digital Identity Network?
A: The Digital Identity Network is a crowdsourced database of digital identities that helps to identify and prevent fraudulent activity.
Q: How can I learn more about LexisNexis Risk Solutions?
A: You can visit the LexisNexis Risk Solutions website to learn more about their products and services.
