A new way to fight online fraud

Multiple analytical techniques provide essential multilayered, enterprisewide defense for online fraud detection

By Ellen Joyner, Global Marketing Principal, SAS Security Intelligence Solutions

By May 2015, 69 million Americans were banking online. More than half of them paid a bill online in the last month. Forty-eighty percent of us who have mobile phones have downloaded our bank’s mobile banking app; 90 percent of us have used a mobile device to check an account balance or transaction. That makes millions of us potential targets for online fraud.

Financial institutions are fighting back, but for many the response has looked like a game of Whack-a-mole. A fraud attack pops up here. The bank reacts. The online fraud pops up on a different channel or takes a different shape. The bank whacks it there. And so on. If you settle for finding fraud and improper payments after the fact, the damage has already been done.

A hybrid approach captures customer behavior patterns from multiple sources and evaluates that information every time a transaction is scored, to accurately detect what is normal and what signals a potentially fraudulent event.

Some financial institutions are dramatically changing the odds. For example:

  • A tier-1 bank now identifies abnormal online behavior in real time, a capability that is predicted to detect 35 percent more online fraud cases and lead to recovery of 25 percent more fraud losses.
  • A large commercial SAS customer achieved a 70-percent case detection rate and 60 percent value detection rate – preventing 60 percent of potential fraud losses while actually reducing investigator time and effort.
  • One of the largest global banks can see fraud risk and suspicious activity across commercial entities worldwide in minutes (compared to eight hours before), adding an essential layer of controls above local activities.

These institutions did not get there by relying on fragmented and reactive systems. They didn’t get there on after-the-fact analysis of questionable transactions. They didn’t get there with silo case management systems that offer only a partial picture of a customer/entity and the issues. No, they went beyond the norm.

Most financial services institutions have controls at the bottom-most layers of defense, such as access authorization and behavioral analysis of website and mobile app navigation by channel. But few have taken advantage of higher-level controls to understand behavioral norms and aberrations across channels and products and to understand connections among related entities.

Find online fraud fast by scoring 100 percent of transactions in real time

Since fraud schemes change quickly, an effective fraud management system connects with your institution’s transaction processing and authorization systems to profile 100 percent of transactions in real time. Every transaction goes into a scoring engine that runs the appropriate fraud models to produce a score – and applies the associated decision logic or rules (e.g., under what conditions to approve, deny or escalate a transaction for review). All transactions and the actions taken are recorded to support downstream reporting, governance and auditing – as well as for optimizing the rules to perform even better on subsequent transactions.

The benefits of a holistic, customer-centric view of online fraud

With a greater breadth and depth of data – plus the high-performance computing capabilities to crunch it – you can fully understand the behavior of an individual or entity across all products and channels. What’s normal for that entity? What looks unusual? Transactions that might look innocuous at face value can look quite different when seen in full context.

You can monitor the behavior of multiple entities across the enterprise, including customer, account (DDA, wire, ACH, card), and Internet and phone banking. Profile entities simultaneously at different levels (such as by relationship, account or customer). And combine behavioral data with third-party event data for a more complete view.

Using multiple analytical techniques for powerful online fraud detection

The goal is to detect and prevent more online fraud with fewer false positives – protecting the bank while preserving the quality of the customer experience. Some game-changing analytic approaches make that happen:

Hybrid models. Start with your bank’s data as the core, then integrate pooled data to create a new, more predictive model that has the power of consortium data while retaining the value and flavor of your own customer data.

Signatures. SAS takes a unique “signatures” approach that captures customer behavior patterns from multiple sources and evaluates it every time a transaction is scored. This is more than noticing when a customer who never leaves Dubuque suddenly goes on a shopping spree in Dubai. This is about nuances and idiosyncrasies, such as your customary pattern of sign-on keystrokes and menu navigation.

Neural network models. These analytical models learn interactively from the data without human intervention. With every iteration, the algorithms get smarter and deliver more accurate results. It’s easy to see the value of machine learning to keep pace with evolving online fraud tactics.

Combined self-learning techniques. Sometimes account behavior is too intricate to be captured by an individual neural network. A proprietary SAS modeling technique uses an ensemble of optimized neural networks to adapt, evolve and constantly improve online fraud detection over time.

Coordinated tools for investigators

The results of analytic scoring and profiling rules are automatically triaged and fed into a centralized case management system that makes the work of tracking down the serious cases far more efficient.

An enterprisewide system can automatically assemble alerts from multiple monitoring systems, associate them with common accounts or customers, and give investigators a more complete perspective on the risk of a particular account or individual. The risk score on each alert can be used to prioritize higher-risk activities and auto-assign alerts to investigators based on predefined rules and requirements.

The end result – 100 percent real-time scoring and decision capabilities by looking at all transactions (including purchases, payments, fund transfers and digital session information), significantly increasing the odds of finding online fraud before it can do its harm. The fraudsters deserve nothing less.


Ellen Joyner...

how to catch a cyberattack

Read More


Get More Insights


Want more Insights from SAS? Subscribe to our Insights newsletter. Or check back often to get more insights on the topics you care about, including analytics, big data, data management, marketing, and risk & fraud.

Back to Top