Machine Learning Techniques for Fraud Analytics, Part 2

Posted February 20, 2018

Machine Learning Techniques for Fraud Analytics, Part 2

In part 1, we considered how to tackle first-party fraud. In this post, we will look at probably the harder type of fraud to predict, which therefore requires more advanced techniques – third-party fraud.

When the Fraudster is Not Your Customer

Third-party fraud occurs when your customer is an unsuspecting victim of a fraudster who takes over the account. This is far more challenging from a machine learning perspective because the bad definition is not static. Fraudsters adapt. In fact, they are expert game theorists who will continually test and eventually learn to identify new weaknesses in a bank’s defenses.

In essence, we are building a statistical model on shifting sands. From a machine learning perspective, we have an endless issue of overfitting. We calibrate our models to the last frauds found, but the model degrades as the fraud changes.

On enterprise-level systems, this is less of an issue as model re-tunes allow for the maintenance of excellent detection capabilities. Because of this, banks accept a certain amount of fraud losses. They budget losses annually and work toward this loss target while also keeping track of key performance indicators (KPIs) for customer experience.

One way to help deal with this issue is to increase the type of features/variables to model. This can include linking entities together using social network analysis or using consortium-level data. Fraudsters often believe they can safely recycle details, devices, etc. between banks. But, by leveraging consortium-level data, banks can further increase the capability of their fraud fighting algorithms. Furthermore, by combining the feature base with unsupervised learning (no target variable) techniques, the data can be truly enriched.

The ThreatMetrix clear-box approach to machine learning, which is a supervised machine learning model, takes its “truth” data from our Digital Identity Network. This gives ThreatMetrix customers the ability to manage and tune machine-generated rules. ThreatMetrix has a clear advantage over other machine learning fraud vendors, as it generates its own data at three levels – individual customer, industry, and global. The ThreatMetrix approach to creating features or aggregates is to use smart variables – highly powerful characteristics that can be binary or continuous. For a data scientist, modelling with raw aggregates is the best way to create the strongest model.

Machine Learning and Deep Learning Techniques for Third-Party Fraud

Support Vector Machines – As one of the promising machine learning classifiers for both linear and non-linear classification, support vector machine (SVM) has become very popular in recent years, particularly in large Silicon Valley tech companies. The aim of the SVM classifier is to form a best hyperplane, which is a line in 2D with a plane in 3D to fairly separate the binary target variable. Its recent popularity in banking fraud is due to its higher accuracy and lower probability of overfitting compared to other methods.

Neural Networks – Traditionally used by vendors in the plastic fraud area, a neural network is a human brain-inspired programming paradigm that enables a computer to learn from observational data. They are, as the name suggests, a fully connected network traditionally composed of three layers – the input layer, the hidden layer and the output layers. Within each of these layers, artificial neurons exist and elements can be weighted in a similar manner to logistic regression. They can be set up to feed information in a single direction (feed forward) or both directions (recurrent) from deep layers to input layer and have built-in memory. The beauty of a neural network is that it is a learning algorithm and can constantly adjust the weights along its path from existing and new information.

Deep Learning – This is a powerful set of techniques for learning in neural networks. In recent years unsupervised learning techniques have flourished leading to a renewed interest in neural networks with many layers. The largest successfully trained Neural Network has 152 layers (by Microsoft). The unsupervised techniques to enable feature extraction (traditionally a manual process performed by a fraud analyst) from the first few layers, which has been very successful for supervised learning. Hybrid models can therefore take the best of both worlds.

Machine Learning and Deep Learning Benefits

For fraud analysts, these include:

  • Uncovering hard-to-detect patterns when the incidence rate is low
  • Harnessing data from all sources measuring every customer interaction
  • Finding new ‘super features’ without significant manual feature engineering
  • Using streaming data for real-time decisions and self-learning models
  • Ensuring consistent customer experience and regulatory compliance
  • Significantly increasing operational efficiency

Your Fraud Fighting Team

In terms of fraud team structure, it is best to set up with your front-line fraud analysts making tactical changes and responding to emerging threats while your fraud data scientists take a more long-term view. It would be ideal if you can get an individual with both skillsets. By combining the output from these two skillsets and remaining agile (as fraud is in constant state of flux), you should be able to drive losses down. From experience, using logistic regression for first-party fraud works very effectively especially when combining multiple interactions and/or data sources. For third-party fraud, the hybrid approach is the way to go, combining both unsupervised and supervised techniques.

Turning Fraud on its Head

In the past few years, we have seen the approach to finding fraud has been “turned on its head”. There are many fraud systems that are great at identifying fraud using different data sources and machine learning techniques. Moving into 2018, identifying your good returning customer base is far more important, being able to take out 97 percent of the population for this reason allows fraud professional and their models to zero in and tighten their rules in the remaining 3 percent. The advancement in neural networks as a learning algorithm further reinforces this, so we can get to the point where every single customer interaction can be scored and considered for our fraud machine learning model.

Machine learning and artificial intelligence are no longer a buzz words. They are here to stay.

Mike Nathan

Mike Nathan

Senior Director - Solutions Consulting EMEA , ThreatMetrix

close btn