Combating fraud in the digital world with the support of AI

Issue 7 2021 Information Security

Traditionally, cybersecurity entailed a reactive approach where organisations used learnings from previous compromises to improve their defences. With technology evolving and people embracing the likes of mobile wallets, banking apps and other solutions to manage transactions, businesses must rethink how best to bolster anti-fraud mechanisms. The answer lies in artificial intelligence (AI).

“Since the onset of the Covid-19 pandemic, financial institutions have accelerated their digital transformation programmes. Many customers have embraced using online channels for everything from applying for loans and buying goods, to performing international transfers and other high value transactions. This has seen branch visits and ATM transactions reducing considerably over the past 18-months,” says Marcin Nadolny, head of EMEA Banking and Insurance Fraud at SAS.

However, as customers move to the digital world, so too are fraudsters. Cyber fraud, digital payments fraud, identity theft and employee embezzlement are all on the increase. In fact, the pandemic has seen the fraud and financial crime landscape shifting to become even more technology-driven than in the past. Cybercrime-as-a-service, digital fingerprints for sale, SIM swapping, social engineering, malicious use of AI and digital skimming even when cards are not present are just some of the new styles of attacks to take note of.

Key tools in the battle

Data and analytics have become key tools to combat the surge in financial-related crimes. AI and specifically machine learning, can provide financial institutions with automated algorithms that incorporate a cross-channel view of customer behaviour, help to spot complex fraud trends and reduce false positives in parallel. Information about devices, the geolocation of users and even behavioural biometrics are playing the role of additional fuel for analytics.

“In the current fast-moving world, models require the right data to spot fraud, but also models should be adaptive, that means being able to adjust automatically and to catch constantly changing behaviours. Dynamic behavioural profiles and adaptive machine-learning ensures organisations always stay up-to-date with changing fraud trends.” adds Nadolny.

Grozdana Maric, head of CEMEA Fraud and Security Intelligence at SAS, agrees that fraud detection and investigation can be significantly supported by AI and machine-learning technologies.

“Fraud risk is escalating for financial institutions and other business. Using the technology and analytics to address all types of fraud becomes an increasing need, allowing for more sophisticated detection and investigation methods, reduced costs and increased efficiencies,” she says.

Real-time decisions

Sophisticated analytics techniques provide businesses with a significant advantage to manage and control fraud losses in real-time, reduce the number of false positives and to enhance overall investigation. Instead of simply reacting to past information, machine-learning delivers a forward-looking advantage.

“But this does not mean introducing more authentication. Instead, it is about incorporating stronger authentication into the environment. Admittedly, it is becoming more complex to authenticate users without causing delay in the convenience consumers are seeking from digital channels. Things like 3D Secure authentication, one-time passwords, biometric security measures and tokens can all be considered to increase security without impeding the flow of the customer experience,” says Maric.

An additional advantage of using AI and machine-learning is that decisions whether to approve or deny payments are no longer purely based on amount, time, data and merchant. Systems are ‘trained’ to look at what the usual customer behaviour is. If a transaction differs significantly, such as small-value purchases from places the person has not been, or banking through a new device, it automatically gets flagged on the system. And because the decisions are AI-driven, decisions to stop transactions happen in milliseconds in time to approve or decline a payment.

“Today, fraud detection entails a comprehensive approach to match data points with activities to find what is abnormal. Fraudsters have developed sophisticated tactics, so it is essential to stay on top of these changing approaches of gaming the system. The fraud detection and prevention technology chosen should be able to learn from complex data patterns. It should use sophisticated decision models to better manage false positives and detect network relationships to see an holistic view of the activity of fraudsters and criminals,” says Maric. “Combining machine-learning methods – including deep learning neural networks, random forests and support vector machines – as well as proven methods, like logistic regression, has proven to be far more accurate and effective than approaches based only on rules.”

The importance of connections and interactions

Building from here, exploring connections and interactions between people to catch more fraud becomes increasingly important in the connected landscape. Through this network analytics driven by AI and machine-learning, organisations can better identify suspicious communities, organised crime groups, collusion between employees and customers and even direct and indirect links to known fraud cases.

“Business and governments alike have embraced technologies like data visualisation and AI to greatly reduce and even prevent the economical and reputational repercussions of fraud. Analysts and investigators work together, breaking down siloes, scoring and prioritising alerts based on severity, then route high-priority alerts for more in-depth analysis. And while it will take time for more organisations to embrace this, given the severity of digital fraud, they need to do it sooner rather than later,” concludes Nadolny.

More information can be found on SAS for Fraud, AML and Security Intelligence




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
Addressing today’s mining challenges: cyber risks beyond IT
Editor's Choice Information Security Mining (Industry)
Despite the mining industry’s operational technology systems being vulnerable to cyberattacks, many decision-makers still see these threats as purely an IT issue, even though a breach could potentially disrupt mining operations.

Read more...
Get proactive with cybersecurity
Information Security
The ability to respond effectively to a cybersecurity breach is critical, but the missing piece of the puzzle is a thorough, proactive evaluation to ascertain weaknesses and identify any hidden threats.

Read more...
How to effectively share household devices
Smart Home Automation Information Security
Sharing electronic devices within a household is unavoidable. South African teens spend over eight hours per day online, making device sharing among family members commonplace. Fortunately, there are methods to guarantee safe usage for everyone.

Read more...
How to securely manage your digital footprint
Information Security Training & Education
Managing your online presence is critical to safeguarding your privacy and security. It is imperative to take a proactive approach, including using robust cybersecurity best practices.

Read more...
The state of code security in 2024
Information Security
The 2024 State of Code Security survey reveals that organisations have continued to shore up application security defences over the last year, according to OpenText Premier Partner iOCO Application Management.

Read more...
What is the level of safety and integrity of the software supply chain?
Information Security IoT & Automation
Organisations are embracing AppSec practices and focusing on their software security posture. However, they highlight that insufficient funding and security resources, plus a disconnect between developers and security teams, remain major roadblocks.

Read more...
Cybercriminals target financial service providers to get at sensitive client data
Information Security
According to Ryan van de Coolwijk, Product Head for cyber at iTOO Special Risks, hackers target financial service providers because they hold sensitive client information that unauthorised individuals could use for fraudulent activities.

Read more...
Fortinet establishes new point-of-presence in South Africa
News & Events Information Security
Fortinet has announced the launch of a new dedicated point-of-presence (POP) in Isando, Johannesburg, to expand the reach and availability of Fortinet Unified SASE for customers across South Africa and southern African countries.

Read more...