Combating fraud in the digital world with the support of AI

Issue 7 2021 Cyber Security

Traditionally, cybersecurity entailed a reactive approach where organisations used learnings from previous compromises to improve their defences. With technology evolving and people embracing the likes of mobile wallets, banking apps and other solutions to manage transactions, businesses must rethink how best to bolster anti-fraud mechanisms. The answer lies in artificial intelligence (AI).

“Since the onset of the Covid-19 pandemic, financial institutions have accelerated their digital transformation programmes. Many customers have embraced using online channels for everything from applying for loans and buying goods, to performing international transfers and other high value transactions. This has seen branch visits and ATM transactions reducing considerably over the past 18-months,” says Marcin Nadolny, head of EMEA Banking and Insurance Fraud at SAS.

However, as customers move to the digital world, so too are fraudsters. Cyber fraud, digital payments fraud, identity theft and employee embezzlement are all on the increase. In fact, the pandemic has seen the fraud and financial crime landscape shifting to become even more technology-driven than in the past. Cybercrime-as-a-service, digital fingerprints for sale, SIM swapping, social engineering, malicious use of AI and digital skimming even when cards are not present are just some of the new styles of attacks to take note of.

Key tools in the battle

Data and analytics have become key tools to combat the surge in financial-related crimes. AI and specifically machine learning, can provide financial institutions with automated algorithms that incorporate a cross-channel view of customer behaviour, help to spot complex fraud trends and reduce false positives in parallel. Information about devices, the geolocation of users and even behavioural biometrics are playing the role of additional fuel for analytics.

“In the current fast-moving world, models require the right data to spot fraud, but also models should be adaptive, that means being able to adjust automatically and to catch constantly changing behaviours. Dynamic behavioural profiles and adaptive machine-learning ensures organisations always stay up-to-date with changing fraud trends.” adds Nadolny.

Grozdana Maric, head of CEMEA Fraud and Security Intelligence at SAS, agrees that fraud detection and investigation can be significantly supported by AI and machine-learning technologies.

“Fraud risk is escalating for financial institutions and other business. Using the technology and analytics to address all types of fraud becomes an increasing need, allowing for more sophisticated detection and investigation methods, reduced costs and increased efficiencies,” she says.

Real-time decisions

Sophisticated analytics techniques provide businesses with a significant advantage to manage and control fraud losses in real-time, reduce the number of false positives and to enhance overall investigation. Instead of simply reacting to past information, machine-learning delivers a forward-looking advantage.

“But this does not mean introducing more authentication. Instead, it is about incorporating stronger authentication into the environment. Admittedly, it is becoming more complex to authenticate users without causing delay in the convenience consumers are seeking from digital channels. Things like 3D Secure authentication, one-time passwords, biometric security measures and tokens can all be considered to increase security without impeding the flow of the customer experience,” says Maric.

An additional advantage of using AI and machine-learning is that decisions whether to approve or deny payments are no longer purely based on amount, time, data and merchant. Systems are ‘trained’ to look at what the usual customer behaviour is. If a transaction differs significantly, such as small-value purchases from places the person has not been, or banking through a new device, it automatically gets flagged on the system. And because the decisions are AI-driven, decisions to stop transactions happen in milliseconds in time to approve or decline a payment.

“Today, fraud detection entails a comprehensive approach to match data points with activities to find what is abnormal. Fraudsters have developed sophisticated tactics, so it is essential to stay on top of these changing approaches of gaming the system. The fraud detection and prevention technology chosen should be able to learn from complex data patterns. It should use sophisticated decision models to better manage false positives and detect network relationships to see an holistic view of the activity of fraudsters and criminals,” says Maric. “Combining machine-learning methods – including deep learning neural networks, random forests and support vector machines – as well as proven methods, like logistic regression, has proven to be far more accurate and effective than approaches based only on rules.”

The importance of connections and interactions

Building from here, exploring connections and interactions between people to catch more fraud becomes increasingly important in the connected landscape. Through this network analytics driven by AI and machine-learning, organisations can better identify suspicious communities, organised crime groups, collusion between employees and customers and even direct and indirect links to known fraud cases.

“Business and governments alike have embraced technologies like data visualisation and AI to greatly reduce and even prevent the economical and reputational repercussions of fraud. Analysts and investigators work together, breaking down siloes, scoring and prioritising alerts based on severity, then route high-priority alerts for more in-depth analysis. And while it will take time for more organisations to embrace this, given the severity of digital fraud, they need to do it sooner rather than later,” concludes Nadolny.

More information can be found on SAS for Fraud, AML and Security Intelligence

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Cyber attackers used over 500 tools and tactics in 2022
Cyber Security News
The most common root causes of attacks were unpatched vulnerabilities and compromised credentials, while ransomware continues to be the most common ‘end game’ and attacker dwell time is shrinking – for better or worse.

Addressing the SCADA in the room
Industrial (Industry) Cyber Security
Few other sectors command the breadth of purpose-built and custom devices necessary to function, as the industrial and manufacturing industries. These unique devices create an uncommon risk that must be assessed and understood to fully protect against incoming attacks.

Recession or stress?
Cyber Security News
The economic landscape has seen many technology companies lay off vast numbers of employees, but for cybersecurity, the picture looks very different – a dynamic mixture of excitement, challenges and toxicity.

Vulnerabilities in industrial cellular routers’ cloud management platforms
Industrial (Industry) Cyber Security Security Services & Risk Management
Research from OTORIO, a provider of operational technology cyber and digital risk management solutions, unveils cyber risks in M2M protocols and asset registration that expose hundreds of thousands of devices and OT networks to attack

NEC XON appoints Armand Kruger as Head of Cybersecurity
News Cyber Security
NEC XON has announced the appointment of Armand Kruger as the Head of Cybersecurity. Kruger will oversee all cybersecurity offerings including cybersecurity strategy, programmes, and executive advisory.

Caesar Tonkin new head of cybersecurity business, Armata
News Cyber Security
Vivica Holdings has announced the appointment of cybersecurity expert Caesar Tonkin to head up its cybersecurity business Armata, which provides technology solutions and niche expertise needed to help businesses better protect themselves.

Surveillance-free surfing
News Cyber Security Products
Zoho has launched Ulaa, a privacy-centric browser built specifically to help users secure their personal data and activity by providing a browser solution that universally blocks tracking and website surveillance.

Troye and Arctic Wolf join forces
News Cyber Security Security Services & Risk Management
Troye has announced a strategic partnership with Arctic Wolf to enable Troye to provide customers with enhanced cybersecurity solutions and services that help protect their businesses from advanced cyber threats.

Relaxed home cybersecurity could render consumers accidental ‘inside actors’
Editor's Choice Cyber Security Smart Home Automation
Cisco security experts warn of snowball impact of relaxed approach to cybersecurity on personal devices, noting 60% of users primarily use their personal phone for work tasks and 76% have used unsecured public networks for work tasks.

VMware unveils new security capabilities
Cyber Security IT infrastructure Products
At the RSA Conference 2023, VMware unveiled enhanced features for its suite of security solutions to address the increasing sophistication and scale of cyberattacks and to deliver strong lateral security across multi-cloud environments.