Traditionally, cybersecurity entailed a reactive approach where organisations used learnings from previous compromises to improve their defences. With technology evolving and people embracing the likes of mobile wallets, banking apps and other solutions to manage transactions, businesses must rethink how best to bolster anti-fraud mechanisms. The answer lies in artificial intelligence (AI).
“Since the onset of the COVID-19 pandemic early last year, financial institutions have accelerated their digital transformation programmes. Many customers have embraced using online channels for everything from applying for loans and buying goods, to performing international transfers and other high value transactions. This has seen branch visits and ATM transactions reducing considerably over the past 18 months,” says Marcin Nadolny, head of EMEA Banking & Insurance Fraud at SAS.
However, as customers move to the digital world, so too do fraudsters. Cyber fraud, digital payments fraud, identity theft and employee embezzlement are all on the increase. In fact, the pandemic has seen the fraud and financial crime landscape shifting to become even more technology-driven than in the past. Cybercrime-as-a-service, digital fingerprints for sale, SIM swapping, social engineering, malicious use of AI, and digital skimming even when cards are not present are just some of the new styles of attacks to take note of.
Data and analytics have become key tools to combat the surge in financial-related crimes. AI, and specifically machine learning, can provide financial institutions with automated algorithms that incorporate a cross-channel view of customer behaviour, help to spot complex fraud trends and reduce false positives in parallel. Information about devices, the geolocation of users, and even behavioural biometrics are playing the role of additional fuel for analytics.
“In the current fast-moving world, models of course require the right data to spot fraud but should also be adaptive, which means being able to adjust automatically and catch constantly changing behaviours. Dynamic behavioural profiles and adaptive machine learning ensures that organisations always stay up to date with changing fraud trends,” adds Nadolny.
Grozdana Maric, head of CEMEA Fraud & Security Intelligence at SAS, agrees that fraud detection and investigation can be significantly supported by AI and machine learning technologies.
“Fraud risk is escalating for financial institutions and other business. Using the technology and analytics to address all types of fraud becomes an increasing need, allowing for more sophisticated detection and investigation methods, reduced costs, and increased efficiencies,” she says.
Sophisticated analytics techniques provide businesses with a significant advantage to manage and control fraud losses in real-time, reduce the number of false positives, and enhance overall investigation. Instead of simply reacting to past information, machine learning delivers a forward-looking advantage.
“But this does not mean introducing more authentication. Instead, it is about incorporating stronger authentication into the environment. Admittedly, it is becoming more complex to authenticate users without causing delay in the convenience consumers are seeking from digital channels. Things like 3D secure authentication, one-time passwords, biometric security measures and tokens can all be considered to increase security without impeding the flow of the customer experience,” says Maric.
An additional advantage of using AI and machine learning is that decisions whether to approve or deny payments are no longer purely based on amount, time, data and merchant. Systems are ‘trained’ to look at what the usual customer behaviour is. If a transaction differs significantly, such as small-value purchases from places the person has not been to, or banking through a new device, it automatically gets flagged on the system; and because the decisions are AI-driven, decisions to stop transactions happen in milliseconds, in time to approve or decline a payment.
“Today, fraud detection entails a comprehensive approach to match data points with activities to find what is abnormal. Fraudsters have developed sophisticated tactics, so it is essential to stay on top of these changing approaches of gaming the system. The fraud detection and prevention technology chosen should be able to learn from complex data patterns. It should use sophisticated decision models to better manage false positives and detect network relationships to see a holistic view of the activity of fraudsters and criminals,” says Maric. “Combining machine learning methods – including deep learning neural networks, random forests and support vector machines - as well as proven methods like logistic regression, has proved to be far more accurate and effective than approaches based only on rules.”
Building from here, exploring connections and interactions between people to catch more fraud becomes increasingly important in the connected landscape. Through this network analytics driven by AI and machine learning, organisations can better identify suspicious communities, organised crime groups, collusion between employees and customers, and even direct and indirect links to known fraud cases.
“Business and governments alike have embraced technologies like data visualisation and AI to greatly reduce and even prevent the economical and reputational repercussions of fraud. Analysts and investigators work together, breaking down siloes, scoring and prioritising alerts based on severity, then route high priority alerts for more in-depth analysis. And while it will take time for more organisations to embrace this, given the severity of digital fraud, they need to do it sooner rather than later,” concludes Nadolny.