Democratizing Access
Leveraging the power of shared intelligence
- By Damon Madden
- Sep 04, 2020
The COVID-19 pandemic has
put financial institutions
under more pressure to stay
on top of fraudulent activity—
as opportunists are
looking for any weakness in a system that
can be exploited. Moreover, as consumers
turn to eCommerce and digital payments
while social distancing, there’s no avoiding
the increased levels of associated risk for
financial institutions.
As organizations prepare for more
commerce to be conducted online during
the pandemic, sometimes through quickly
transplanted or repositioned business models,
payment fraud will proliferate. In fact,
research from ACI Worldwide has revealed
that merchants have experienced significant
increases in COVID-19 related phishing
activities and friendly fraud, with nonfraud
chargebacks up 25 percent in May
this year. While overall fraud attempt rates
fell from March (5.3%) to May (3.4%), the
research shows that the average ticket price
of attempted fraud increased by $18 yearover-
year. This indicates that fraudsters are
getting more bullish and confident in their
pandemic-related methods.
For financial institutions, getting the
balance right between identifying genuine
payments and creating a frictionless
customer experience is key. And, machine
learning has emerged as an essential tool
for detecting fraudulent payments among
the many thousands or millions of genuine
ones made every day.
THE DOUBLE-EDGED SWORD
OF DIGITAL PAYMENTS
Digital payments offer many benefits
including better, faster experiences for customers.
However, when payments happen in
real-time, the window for fraud detection is
reduced to milliseconds and the likelihood of
recovering fraudulent payments is far lower
than with traditional methods. Essentially,
as payments get faster so too does fraud —
and when the money is gone, it’s gone.
Further, as the volume and variety
of digital payments surges so too
does the volume and variety of data
generated by those payments. Geolocation
information, behavioral clues
and biometrics provide a wealth of intelligence
for financial institutions —
but only if they can make sense of the deluge.
As such, machine learning plays a key
role enabling financial institutions to operate
at the speed and scale required to authenticate
genuine payments, catch fraud
as it happens, reduce the volume of false
positives, and improve the time it takes to
react when they do occur. With machine
learning, financial institutions can flag activity
that deviates from the norm but isn’t
necessarily suspicious. For example, when
a customer logs in using a different device,
it’s less likely to be unauthorized access
and more likely that they’ve upgraded their
phone – nevertheless, it needs verifying.
To avoid overwhelming already stretched staff, such as call center and support departments, and
introducing more friction for the customer, these non-financial
transaction scenarios — and thousands like them — need to be
digitized, automated and contextualized wherever possible. This
is a complex challenge, but getting it right promises to provide
an additional layer of competitive differentiation for financial
institutions. It opens the opportunity to provide greater fraud
coverage and more seamless experiences that can be applied consistently
to an organization’s entire customer base, all without
additional headcount in either the fraud department or service
centers.
Yet to be truly effective in the fight against fraud, machine
learning solutions must be agile enough to be developed, tested,
deployed and updated, as either new threats emerge, or as existing
ones become better understood. And access to an industry-,
region- or market-wide view of possible threats – not just an internal
one – is essential. It improves the decision-making performance
as the “machine” interacts with more data patterns.
DEMOCRATIZING ACCESS TO MACHINE LEARNING
By enabling non-specialists to build, test and deploy machine
learning models in minutes, financial institutions can democratize
access to the technology. This can be done by abstracting away
the complex math that lies behind these models and replacing it
with intuitive interfaces that enable drag and drop model building
using the ‘features’ of fraud as building blocks. In bringing
machine learning to an organization’s in-house data and in-house
fraud expertise – as opposed to taking that data and expertise to a
machine learning specialist – financial institutions can accelerate
the time to market of fraud-fighting applications.
As financial institutions become aware of new fraud risks, additional
features can easily be added to the models and the weight
of evidence scoring adjusted accordingly, to ensure banks’ defenses
keep pace with emerging risks. This can even take place automatically,
through adaptive machine learning, where the technology
responds to analyst-applied ‘markers’ for potential fraud.
Transforming the way financial institutions use machine learning
(by allowing them to adopt a business-led approach) offers
greater ownership and control of their fraud detection strategy. It
empowers them to act self-sufficiently without the costs, risks and
time associated with the involvement of third parties in artificial
intelligence implementations, and – importantly for compliance –
it promotes better accountability of the solution’s outcomes.
THE POWER OF SHARED INTELLIGENCE
Individual banks already have access to a wealth of data with
which to develop machine learning solutions for fraud detection
and prevention.
However, when that data is shared across institutions, it has
the potential to create a complex and varied intelligence network
that can introduce more context to every machine learning decision,
exponentially increasing its effectiveness.
This ‘shared intelligence’ empowers unprecedented collaboration
in the fight against fraud. By harnessing the power of the community
to increase threat visibility and distributing enhanced detection
and prevention capabilities back through the community, it
creates a powerful jurisdiction- or network-level deterrent to fraud.
Shared Intelligence takes the features of machine learning
models deployed by participating organizations and sends them
out to a central repository in metadata format. That could be a
central infrastructure (CI) or an organization to which the participating
financial institutions belong (either as members or connections),
where they can be tested against the community view
for their effectiveness.
These features are then made available to the rest of the community
for members to aggregate with their own models or to
build upon as needed.
Unlike a consortium approach, which over-emphasizes its
largest members’ experiences of fraud, members can access the
benefits of a Shared Intelligence community on their terms. The
biggest contributor doesn’t rule the community models and risk
scoring criteria.
Thanks to its power to improve the detection of emerging
threats through a scaled-up ‘early-heads-up’ approach to feature
calculation and contribution, Shared Intelligence is set to be a game
changer in the use of machine learning to fight payments fraud.
SHARED INTELLIGENCE IS SHARED COMPLIANCE
The Shared Intelligence approach has the added benefit of allowing
regulators and CI owners to understand the wider fraud environment
with precision, empowering them to act on new and emerging
threats before clusters become endemic financial crime risks. Trends
specific to organizations can be tracked and understood at any level
required by a regulator, enhancing efforts to combat fraud beyond
payments, such as money laundering or identity theft. Further, CI’s
can choose to prescribe both the contributing data and time periods
to ensure data consistency across the intelligence network.
This can reduce the costs of compliance too for member organizations.
First, it resolves the burden and regulatory risks for attempting
to extrapolate and submit data externally. Second, if a CI
mandates that organizations deploy a particular model, that model
can be easily distributed and then run concurrently with their own
models. Indeed, an unlimited number of models can be run and
tested side by side, on live data without the risk of hindering performance.
Suddenly, intelligence sharing to mitigate fraud using machine
learning becomes easy with the use of a democratized method.
THE NEXT FRONTIER IN CUSTOMER CENTRICITY
Machine learning allows banks to truly build their payments
risk management strategy around the customer, and not around
their own channels or other organizational factors that may have
little bearing on the customer’s needs. It also serves to ensure that
specialist resources like fraud analysts are free to focus only on the
activity that’s deemed the highest risk and therefore the highest priority,
which machines cannot — and should not — be left to handle.
Machine learning improves the application of payments risk
management frameworks and policies to boost risk mitigation
(both in terms of fraud and reputational risks) and enhance compliance.
It forces organizations to clearly define what their policies
are, and the practical steps required to enforce
them. And by removing the need for human
intervention in the majority of cases, rules and
procedures will rarely be bypassed since machines
will always follow rules.
This article originally appeared in the September 2020 issue of Security Today.