Fraudsters Charge Their Batteries and Other Insights from Feedzai Research

59 records are lost or stolen every second, according to the Breach Level Index. This data includes credentials, personally identifiable information, and credit card numbers. Fraudsters count on hiding in these piles of data. But look close enough and you can see the subtle patterns they leave in their wake.

Today we published a report, 7 Trends in Online Fraud, based on findings from Feedzai Research. The report looks at seven signals related to online and mobile fraud.

Some of these trends make intuitive sense. Fraudsters use obscure email addresses, for example. Other insights are surprising, like the relationship between device battery life and fraud.

The siren call of rules

The temptation is to encode these insights into rules. But there’s a limit to what rules can imagine, because they remain static even as fraudsters evolve their techniques, and as the signals evolve with them.

A few dozen of these rules might make a real dent in fraud losses without high alarm. Why would a fraud team then consider models when they have all these great rules? The answer is that rules have some very specific limitations: their thresholds are fixed and absolute, they cannot account for interactive effects among many different features, and only a handful will be as accurate as you want.

For example, one of the insights from Feedzai Research is that email addresses with 2-4 consecutive digits correlate with more fraud. This is the threshold today, but eventually it will change. Machine learning can track the ideal value for this threshold as it fluctuates over time. A static rules system can not.

Insighting into action

The challenge then comes when it’s time to turn these insights into actionable decisions. No one signal is enough to act on, and while our report looks at just seven signals, a normal profile can have thousands.

Machine learning excels at both parts of the insight process: it pinpoints new and emergent behaviors that are correlated with fraud, and then it captures the interactive effects among these evolving patterns to make good decisions about transactions, over and over, in milliseconds.

Here’s how our Data Science VP, Andy Tikofsky, puts it: “Models aren’t magic. They can even be thought of as smarter rules. For example, a set of rules might be 10% accurate across just 20% of the population. A model can naturally look at the interactive effects of all these rules together and find a new signal for 2% of the population that’s 80% accurate. The magic of machine learning is just the technology to identify and take advantage of the interactive effects that are invisible to a rule-based approach.”

Open to attack

Payments today means many channels, many payment types, and many interaction points. The result is many points of attack, which fraudsters can breach using simple customer information like an email address. The key to fighting this fraud does not lie in a single metric. It lies in correlating these metrics, at scale, at speed, and in real-time to meet the customer’s need of immediacy.

Now that we have machine learning, we can take these thousands of signals and detect fraud with very high rates. That means banks can finally keep pace with today’s fraudsters, even as they rapidly change tactics and leverage the most advanced technology themselves. And banks can do this all without adding friction.

Here they are: 7 Trends in Online Fraud.

Subscribe to stay infomed