Fintech risk management systems are getting a makeover. By adding machine learning technologies to their traditional rules-based fraud management systems, banks hope that they can do better at catching real criminals while declining fewer legitimate credit card transactions. ML technologies, though, have their own gotchas.

Here and there, although not necessarily everywhere, banks are introducing machine learning technologies into their fraud detection systems. Essentially, the objective is twofold: to detect real incidents of fraud quickly and accurately, and to do so while preventing false positives, in which legitimate transactions are wrongly tagged as suspicious.

Large banks have led the way in spending on ML-enabled risk management, says Steven D'Alfonso, a research director at IDC responsible for compliance, fraud, and risk analytics strategies for IDC Financial Insights. Lots of bigger banks plan to expand the artificial intelligence (AI)-enabled fraud detection systems into enterprise-wide decision support systems. Many smaller banks that haven't yet embarked on ML are expected to follow by signing on for ML managed services.

They have reason to pay attention. For incidents of credit and debit card fraud alone, financial losses to banks and merchants this year will amount to a whopping $32.82 billion, up from $31.26 billion in 2018 and $21.8 billion in 2016, according to estimates in the Nilson Report, which are also cited in a Rippleshot industry benchmark report.

Across the board, what are the top fraud concerns of financial institutions today? According to the Rippleshot report, the urgent issues are detecting fraudulent accounts faster (42 percent), reducing fraud impact (42 percent), and minimizing customer impact (17 percent).

Still, banks implementing ML-driven fraud management are exercising caution. They are integrating suggestions made through behavioral analysis, predictive analysis, and other ML technologies into their already existing traditional rules-based approaches. "This is definitely not 'rip and replace,'" notes Doug Henschen, vice president and principal analyst at Constellation Research.

With nothing but traditional transaction rules in place, however, fraud detection systems often have interfered with legitimate transactions while failing to catch real criminal activities, such as identity theft and money laundering.

Needed: More accuracy and agility

Bank fraud is a very complex business, and it can happen in many different ways, through online credit or debit card transactions or at a retail point-of-sale (POS) location. The banks themselves are not immune, as the fraud can take place at branch banks or via ATMs, mobile and Internet banking, bank checks, wire transfers, and telephone call centers. Businesses are also at risk in conducting financial payments with banks.

All the more reason for the financial institutions to improve their detection processes. The rules in traditional fraud detection systems use a combination of data and horizon-scanning. The results are usually binary, labeling transactions as either fraudulent or authentic.

ML-based systems, on the other hand, can provide a much faster and more accurate and agile response.

"Fraudsters have access to more and more customer data, and they're running automated scripts. The schemes keep getting more subtle, and banks need to keep pace with them," according to IDC's D'Alfonso.

"Criminals are constantly changing their methods," concurs Henschen. "Banks want to spot these changes much more quickly. That's why they're looking to ML to supplement their existing systems."

The banks' goal with ML systems, though, is not to abolish existing fraud detection rules, many of which have been set for regulatory compliance purposes. "It's to discover new and more effective rules or to modify the parameters of existing rules," says Tim Prugar, vice president of operations at Next Caller, a company specializing in ML fraud detection systems for call centers.

False positives also wreak havoc

Meanwhile, fraud-related false positives affected about one out of every 15 consumers in 2017, according to a report by Javelin Strategy and Research.

An old-school fraud detection system might flag a credit card transaction, for example, if a purchase takes place at a restaurant some distance away from the cardholder's residence. The system might suspect that a crook stole the card, when in reality, the cardholder is on vacation. Or, depending on the fraud detection system's rules, it might likewise flag a transaction if a consumer made three transactions during a single hour.


When a transaction is flagged, the bank typically blocks both the transaction and the customer's account until the customer contacts the bank and confirms recent transactions with a human employee.

"False positives add way more friction to the customer experience. This can reduce the likelihood to promote and recommend you to others and curtail the amount of business that customers are willing to do with you," according to Prugar.

Real-world implementation

Banks are notoriously reticent about revealing their IT underpinnings, for obvious reasons. This is particularly true when it comes to fraud detection and other computer security measures. Still, some banks are ponying up with public announcements about deployments of new fraud detection systems driven by ML technologies.

In December of 2018, Citi announced plans to integrate Feedzai's ML-driven transaction management monitoring system into its own proprietary services and platforms, with the aim of providing business customers with enhanced risk management for payment transactions.

Westpac New Zealand, one of several banks in that nation to be hit by a wave of fraud, recently announced its adoption of ACI Worldwide's ML-enabled Proactive Risk Manager as a new alternative to the bank's longtime points-based system for fraud detection.

Bank Danamon Indonesia is using Cloudera Enterprise in conjunction with the Kogentix Automated Machine Learning Platform for both fraud detection and customized marketing. The solution provides the bank with the tools needed for testing, training, and validating advanced ML models, as well as for analyzing models over time, says Billie Setiawan, former head of decision management at the bank and now head of enterprise data management at Bank Mandiri.

The bank in Indonesia is analyzing more than 1 terabyte of unstructured and structured data each day, both through live streaming and batch mode, according to Setiawan. The information encompasses credit card, transactional, product, Internet banking, mobile banking, customer care, voice, digital log, and social media data.

Some other banks are allowing fraud detection vendors to reference their ML implementations, as long as the bank itself remains anonymous. Cognizant, for example, announced that an unnamed global bank is using its deep machine learning (DML) technology to help detect check fraud. Designed to mimic the human brain, DML technology exploits the powerful processing capabilities of neural networks.

The unnamed global bank was already using DML, together with optical character recognition, to scan and process checks and verify signatures. Cognizant's DML system uses Google's TensorFlow neural network technology to parse a historical database of previously scanned checks, including some that turned out to be fraudulent.

Cognizant trained the neural network to use comparative algorithms for telling the good checks from the bad. The DML model identifies potential counterfeits in real time by comparing various factors on scans of deposited checks to those in the historical database. Each of the deposited checks is given a confidence level, marking it as fraudulent, good, or in need of further review.

Fraud detection for call centers

Customers of Next Caller's VeriCall call center fraud detection system include a top bank and a major telecommunications provider, both in the U.S., according to Prugar.

Fraudsters often try to obtain customer data by phoning into call centers and exploiting interactive voice response vulnerabilities and social engineering methods, Prugar says. VeriCall uses ML technologies to monitor data streams on inbound phone calls and make decisions about where to direct a call based on automatic number identification (ANI) and network data together with business rules built with clients.

Each call is assigned a threat level and risk score. Callers flagged as high risk may require extra authentication or get routed to a high-risk agent, for example. "VeriCall is also designed to detect numerous types of ANI spoofing, from spoofed calls originating from simple apps that can be downloaded from the Apple Store to sophisticated SIP header manipulation and parameter injection exploits," Prugar contends.

How do ML systems work?

Generally speaking, ML-based fraud detection systems use complex algorithms that are trained on specific datasets. They keep learning from scenarios presented to them, and recognize, make suggestions about, and act upon patterns in the data.

Implementations of ML systems vary all over the map but generally include behavioral and predictive analytics. Behavioral analytics goes way beyond adhering to traditional rules criteria, such as location and transaction amount; modern systems extract and analyze much broader behavior patterns. These patterns are about current transaction details, historical data about user buying habits, and device fingerprints, for example.

Several kinds of predictive analytics techniques are widely used in ML fraud detection systems. Logistic regression analysis measures the strength of cause-and-effect relationships in structured datasets and assesses the predictive capabilities of variables and combinations of variables in the set. Fraudulent and authentic transactions are compared to create an algorithm that then predicts whether a new transaction is fraudulent.

Decision tree analysis leverages data classification algorithms to figure out potential risks and rewards of various actions. The model presents possible outcomes through a flowchart that uses a tree-like structure to help people visualize and understand the analysis.

The random forest technique of predictive analytics uses multiple decision trees to aim for more accurate results, avoiding the errors that might result from relying on a single tree.

Lots of gotchas remain

At this point, though, ML fraud detection techniques are a far cry from infallible. One gotcha is that, if improperly used, ML techniques can introduce new kinds of risk. For one thing, it takes a considerable amount of data for an ML model to achieve accuracy. Without enough information, the model might draw the wrong inferences and arrive at erroneous results.

"In leveraging ML technologies, it's also important to remember that fraud is the outlier, not the norm. Training on datasets that treat fraud as a normal occurrence can have a pretty negative impact on your defenses. You want to train the system on good behavior, not on behavior that's unusual for your customer base," Prugar advises.

Moreover, without traditional rules or another technology acting as a check and balance, a fraud detection system based on ML could potentially be fooled, says Constellation's Henschen.

According to the analyst, fraudsters could train the system from the outside to accept certain patterns—such as in certain accounts, from certain countries, and at certain times of day—by first bombarding banks with legitimate, low-value transactions that follow these patterns and then using this history of approved transactions to try to slip in a large, fraudulent transaction that follows the same patterns.
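The check-and-balance Henschen describes can be shown with a small added example, which is not from the article or from any vendor's product. The toy familiarity score, the amount rule, the thresholds, and the sample history are all constructed assumptions; the point is that a score learned only from approved history can be conditioned, while a fixed rule evaluated alongside it still sends the outlier to review.

```python
from collections import Counter

# Constructed history of approved transactions: (account, country, hour, amount).
# Forty low-value entries share one pattern; ten are the customer's usual spend.
HISTORY = [("acct-1", "NZ", 3, 5.00)] * 40 + [("acct-1", "NZ", 14, 60.00)] * 10


class FamiliarityModel:
    """Toy behavioural score (hypothetical): share of an account's approved
    history that matches the (country, hour) pattern of the new transaction."""

    def __init__(self, history):
        self.patterns = Counter((a, c, h) for a, c, h, _ in history)
        self.totals = Counter(a for a, _, _, _ in history)

    def risk(self, txn):
        account, country, hour, _ = txn
        total = self.totals[account]
        if total == 0:
            return 1.0  # no history: maximally unfamiliar
        return 1.0 - self.patterns[(account, country, hour)] / total


def amount_rule(history, txn, multiple=10):
    """Traditional rule: flag amounts above `multiple` times the largest
    amount ever approved for the account (or any amount with no history)."""
    account, _, _, amount = txn
    prior = [amt for a, _, _, amt in history if a == account]
    return not prior or amount > multiple * max(prior)


def evaluate(txn, history=HISTORY, risk_threshold=0.9):
    """Return the decision from the model alone and from model plus rule."""
    ml_flag = FamiliarityModel(history).risk(txn) > risk_threshold
    rule_flag = amount_rule(history, txn)
    return {
        "ml_only": "review" if ml_flag else "approve",
        "layered": "review" if (ml_flag or rule_flag) else "approve",
    }


if __name__ == "__main__":
    for txn in [("acct-1", "NZ", 14, 45.00),     # ordinary purchase
                ("acct-1", "NZ", 3, 9000.00),    # large amount, familiar pattern
                ("acct-1", "BR", 3, 20.00)]:     # unfamiliar pattern
        print(txn, evaluate(txn))
```

Only the second transaction is decided differently by the two paths: the learned score treats its pattern as familiar, and the amount rule is what routes it to review.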

Another reason for slow and gradual adoption of ML is that models and results can be difficult to explain and validate for satisfying regulatory requirements. This can be particularly true for DML systems, which can return highly accurate results for reasons that seem inexplicable.

However, according to a recent report by McKinsey, regulators are now becoming comfortable with validation approaches such as random forest, since these techniques produce models that are relatively easy to test and comprehend.

A bright future

Despite any current drawbacks, though, ML fraud systems carry great potential for keeping on top of emerging scams and substantially lowering the numbers of false positives as well as false negatives. "The industry has only reached the tip of the iceberg yet in what we might accomplish," Prugar predicts.

AI and financial fraud: Lessons for leaders