Real-Time Fraud Detection



Even with advancing technology that promises better algorithms, more analyzed data and tighter service levels, fraud detection and prevention remains a major challenge for most companies. Any customer interaction involving payment has the potential for fraud or abuse, leading to unauthorized charges. And while fraud detection systems are becoming more sophisticated, so are the schemes designed to circumvent those systems.

So how can an organization find bad transactions in an ocean of legitimate ones? Many organizations are under intense competitive pressure to make their payment processes quick and easy. To maintain customer satisfaction, they default to a pay-and-chase strategy in which the transaction is completed before any stringent attempt is made to discover whether or not it is fraudulent. This means that most efforts to prevent fraudulent transactions and recover payments happen after the fact, contributing to an enormous amount of risk and lost revenue from illegal transactions.

But new technologies are allowing companies to flag potentially fraudulent transactions at the moment of inception. To witness real-time fraud detection in action, visit the nearest Babies“R”Us store and hang out by the checkout line. Sooner or later, you will see it: an expecting couple and their shopping cart overflowing with formula, diapers and onesies. They swipe their credit card—only to have the cashier inform them that the card has been denied. It is the first time the couple has made a large purchase of baby goods and their card issuer wants to confirm they are who they say they are.

How did the company do it? This analysis was performed using a new technology called in-memory data management (IMDM), which helps transform fraud detection from an after-the-fact check—a “batch” process, in computer lingo—into a real-time activity.

It all comes down to a profound shift in where the data lives. Organizations traditionally kept most of their data on inexpensive disk-based storage that would become easily overwhelmed. This caused a bottleneck when tens or hundreds of thousands of transactions simultaneously required access to the data. While machine memory, like the RAM in your personal computer, is up to 100,000 times faster than disk, it is also more expensive. Until a few years ago, organizations would only store a limited amount of their data in faster RAM and consign the majority of the data to their slow, disk-based storage.

Due to plummeting prices, however, large organizations can now purchase servers packed with terabytes or more of RAM. IMDM can string together hundreds or thousands of these servers, creating massive in-memory data stores that deliver instant access to virtually all of an organization’s most valuable information. The result is unprecedented gains in processing speeds for very large volumes of data—exactly the kind of speed and data volumes required for real-time fraud detection. Now, potentially fraudulent transactions can be identified instantly.

Behind the scenes, fraud detection applications use this newfound speed to build systems that provide pre-payment fraud detection while learning and adapting from insights gleaned from the most recent data. The system can identify potential vulnerabilities by assessing those fraud schemes that were used historically, are currently in use and are likely to be used in the future. This increased understanding enables the creation of new, smarter analytical models that can instantly detect potentially fraudulent transactions for further evaluation, remediation or adjudication.

Improving Accuracy
Executives in charge of fraud detection deal in probabilities. Like a doctor, every time they make a diagnosis, they run the risk of being wrong. If they have too many false negatives—such as denying transactions that they should have accepted—then customers, like the aforementioned Babies“R”Us couple, get frustrated at having their transactions denied and stop using their card. On the other hand, if they have too many false positives—such as accepting transactions they should have denied—fraud losses mount.

To improve accuracy, fraud detection algorithms must consider as many difficult variables as possible, such as transaction history, purchase patterns, and mobile, social and demographic data. However, traditional payment processing applications were not fast enough to consider more than a dozen or so variables. Using IMDM, fraud detection programs can take thousands of variables into account in a fraction of a second.

But which variables are the most valuable? Are new fraud schemes being used? What are the warning signs? These questions are answered by big data solutions, such as data warehouses and large Hadoop clusters. (Hadoop is open-source software used to run applications on large clusters of commodity hardware.) These systems process hundreds of terabytes of data to discover new insights for inclusion into the fraud detection system.

By using IMDM as a powerful in-memory layer between the transaction processing and the big data solution, the latest rules can be applied to ongoing transactions as they become available from the big data analysis.

The fraud detection system can still operate on hundreds of thousands of transactions per second in real-time—critical to minimize the loss from fraudulent activity—while using the most current rules and information—critical to minimizing false positives and negatives. With IMDM, the system reconciles the real-time processing of the fraud detection system with the slower batch processing of the big data repository.

IMDM is currently being employed by many industries. Retailers are using IMDM to look at purchase histories, likelihoods of jointly sold items and other variables to identify fraudulent orders before they are cleared. The global telecommunications industry—which suffers more than $40 billion in annual fraud loss—is deploying its own IMDM solutions to analyze call records to identify toll call hacking and fraud schemes, which can cost operators hundreds of thousands of dollars within minutes.

Insurance carriers, health care companies and government agencies are also beginning to implement IMDM. The U.S. government pays more than $3 billion annually in fraudulent claims for unemployment alone. Add in social security, disability and other entitlement fraud and there is tremendous potential for savings.

With the globalization of fraud by well-financed criminal organizations, criminals are becoming more sophisticated. Access to big data and computing resources are allowing criminals to monitor the effectiveness of their fraudulent activities and discover new schemes and weaknesses to exploit. On top of that, the virtual criminal organization is often out of reach of law enforcement officials.

As a result, companies need to be just as sophisticated and move just as fast to manage their fraud risk. In-memory data management is one way companies can stay ahead.


More articles by »

About the Author

Scott Camarotti is the national vice president for Software AG North America.


Leave a reply