As the financial world is increasingly connected in real-time, the opportunity for fraud and other financial crimes widens. Financial institutions spend a significant portion of their technology budgets preventing fraud and mitigating losses.
Big data is playing an important role in this battle. Each of the three Vs -- volume, velocity, and variety -- contributes to the overall solution. And in each dimension, new technologies, data sources, and analytic techniques are brought to bear to take down the bad guys.
One thing that has become clear from the fight against fraudsters is that we need more data. Additional data sources are being used to fight fraud. In addition to the large and rich data sets that make up transaction histories, financial institutions are turning to consortium data to learn more about the people and transactions they need to watch for.
Security data has taken on new dimensions, including not only “bad” people but also “bad” data. Often, the most revealing piece of data is when a transaction comes from a good account, but with one unmatched “bad” data element. For example, a customer changes its address and the new address itself has been flagged as fraudulent.
Just as important as the large volume storage capabilities is the need for quick access and editing required to keep up with the latest available information.
Fraudsters move fast. So fast that, in some cases, it’s the speed of the transactions that are themselves suspicious. A customer accesses an ATM in New York, then 30 minutes later in London: clearly fraudulent. But fraud is detectable typically only as a series of fast-moving events.
Technologists tasked with finding these “bad” series of events are turning to techniques such as complex event processing (CEP) and in-stream analysis to win the battle. Because computerized attacks on online banking sites can often create thousands of events every second, it’s essential to be able to “see” the activity in real-time and not just catch them after the fact.
CEP can find patterns in events that indicate a problem. For example, many fraudsters will access online banking and go directly to the transfer section of a Website without first checking balances and transactions. That clickstream is foreign and unfamiliar to the CEP engine and thus gets flagged, but the clickstream happens in a matter of seconds and needs to be caught before an irreversible wire transfer occurs.
On the cutting edge of fighting fraud is network analysis. Since network traversal is new and the data patterns are different for every network, unstructured data storage and analysis is critical to its success. Institutions are finding success in creating their own social networks of fraud -- linking addresses, transactions, names, and account numbers together in order to get one step ahead of the bad guys.
The fight against fraud isn’t ending anytime soon. In fact, it may be a permanent technology investment as our financial lives become more digital. But the “good guys” are using big data techniques to fight the war. And on many fronts, we’re starting to win.
User Rank: Exabyte Executive 11/28/2012 | 11:19:37 PM
Re: Wide scope @ Saul
It is a bit of both. As far as save everything approach is concerned, that has an apparent business logic as the data security's objective is to minimize loss and the biggest loss to a business can be a financial loss. Banks these days are the major warehouse of finance therefore data security is directly linked to their basic reason for foundation.
User Rank: Exabyte Executive 11/27/2012 | 11:38:47 PM
Re: Wide scope @ technetronic
You are right about banks being number one in their data security and backup policies (I don't have data to support my point though). Actually the banks are bound to reimburse clients with whatever amount they quote if they have lost the records therefore they prefer to spend large amounts on data security rather than reimbursing clients in addition to facing the reputational loss and central bank penalties.
User Rank: Exabyte Executive 11/27/2012 | 12:23:17 AM
Re: Wide scope Good point waqas - we're subject to the reliability of our providers. I'd like to see how banks, esp. local ones, fared recently during hurricane Sandy. My gut says that financial institutions are setting the standards for reliability simply because of the sensitivity of the data.
Which also makes me think of an acquaintance who was in charge of switching over Fidelity's entire trading platform from one to another and didn't lose a single trade several years ago.
Part of the big data challenge is portability; I haven't heard much on that yet.
User Rank: Exabyte Executive 11/26/2012 | 9:19:14 AM
Re: Wide scope @ technetronic
Customers are getting ready access as in they can access their bank accounts online and e-statements are available at fingertips but as far as control is concerned, it remains with the system. If the bank's system collapses, the customer will suffer hugely till the time the bank is able to restore all the data or till the time the compensation is paid to the customer.
User Rank: Exabyte Executive 11/25/2012 | 8:12:21 PM
Re: Wide scope The economist did a deep piece on fraud detection in May and most interestingly but subtly offered that banks are being squeezed out as customers take more control over their data. At the same time, one bank official said that banks ought to be a safe place for financial data, and indeed they should.
User Rank: Bit Player 11/23/2012 | 12:47:13 PM
Re: Patterns of suspicion @Kiran, Unfortunately, Facebook is a bit sketchy when it comes to their privacy policies. From allowing users to micro-manage and specify the level of privacy they wanted to assign to specific content, Facebook took that back and gave them lesser options to choose from. This made it harder to figure out what you needed to edit to hide or privatize certain content.
User Rank: Bit Player 11/23/2012 | 12:45:18 PM
Re: Patterns of suspicion I think these are very positive developments and hopefully they can continue working on these fraud models to improve them. Perhaps in time, they can minimize the 'innocents' who get up caught in the fray and come up with a better detection system.
User Rank: Blogger 11/21/2012 | 9:07:42 PM
Re: Wide scope It's true that one characteristic is not enough to stop a transaction. Which is why banks typically use several. But in addition, context is critical. Wire transfers cannot be called back usually, so banks get more cautious than with ACH which can be reversed.
The most effective systems are dynamic, learning as they go.