For many, it comes as no surprise that increased digital adoption has enabled new forms of fraudulent activity as adversaries become increasingly hungry for their next target. With this, fraud continues to be a growing risk for businesses all year long, but especially during a time of economic downturn. According to one report, the total cost of ecommerce fraud to merchants will exceed $48 billion globally in 2023, from just over $41 billion in 2022.
Why is this happening? Because fraudsters are becoming more sophisticated and have more opportunities as the ever-growing ecommerce boom drives waves of shoppers online.
According to a recent survey by PYMNTS, 59% of financial institutions experienced an increase in overall fraud rates in the past year. Digital payments misuse accounted for 21% of the total number of fraudulent transactions. Fraud resulting from relationship, product and service scams combined represented 22% of total fraud. Fraudsters especially targeted credit cards, with nearly two-thirds of financial companies reporting an increase in fraud attacks using them, according to the report.
Incidents of identity theft and related fraud rose nationwide in 2021, according to the FTC. Fraud complaints increased 19% and financial losses from fraud rose 77% over the previous year.
Synthetic identity fraud schemes especially have escalated in recent years. In this type of attack, cybercriminals combine legitimate information like social security number, name, phone number and physical address into fraudulent accounts that look and behave like legitimate ones.
Retailers, banks and other businesses are fighting back harder than ever, but they’re finding that traditional methods have become ineffective as fraudsters keep evolving their techniques to remain below the radar.
The problem is that older fraud detection systems built on relational databases weren’t designed to address a new challenge like synthetic identity fraud. They too often miss signs of fraudulent activity, while also providing too many false positives that lead to legitimate customer transactions being declined.
That’s because these systems largely rely on analyzing the behavior of an individual entity, such as a customer, device or company, and finding unusual patterns in that behavior. However, a far more effective way to detect fraud is to go beyond individual account behavior and widen the net with an examination of relationships among groups of entities over time, often while combining information from third-party sources.
Fortunately, newer technologies like graph databases and machine learning do that. They’re powerful weapons in uncovering suspicious patterns of online activity, helping to stop fraud before it can be committed. Using AI and ML technologies are the best tools to attack fraud, with adoption rising. According to the PYMTS report, 71% of financial institutions plan to improve their use of these solutions within the next six to 12 months. Smaller firms are the most likely to be adding new technology in the next six months.
Graph techniques are used to analyze thousands of links among people, phones, bank accounts and other factors — and the crucial relationships among them — to reveal indicators of fraudulent behavior. They are not only helping pinpoint suspicious activity in a sea of data but also providing the tools to explain what’s going on.
Graph analytics involves running mathematical algorithms on a graph database, which differs fundamentally from traditional relational databases. While great for processing transactions, relational databases — despite their name — struggle with relational analysis as the number of connections, or “hops,” between data points mushrooms.
That’s why graph databases are widely used in social media. With the data points as people and the relationships as friends or colleagues, Facebook and LinkedIn build extremely accurate representations of social networks and analyze the data to promote further links. Fraud detection is an ideal use case for graph because it too is fundamentally a relationship problem.
Consider for example a payment via an app such as PayPal, Venmo, Apple Pay or Samsung. A consumer — let’s call them User 1 — creates a new account that is linked to their credit card. As part of the setup and two-factor authentication, they have linked their phone number and their email to the account. With an Apple iPhone 13, User 1 initiates a $500 payment to another account, User 2.
Up to this point, there aren’t any red flags in a traditional financial services fraud detection solution because User 1 is a brand-new user, with a new phone number and email, and none of these have been associated with any fraudulent transactions in the past. Regular analytics does not find anything unusual or suspicious and the payment goes through without being flagged or rejected.
But graph analytics finds a problem. Instantaneous analysis of the history of prior fraudulent transactions reveals that the phone number used to set up User 2’s account once initiated a payment found to be fraudulent because it was funded by a stolen credit card.
This is a complex network of patterns that can be traced and matched, and result in a rejected transaction, if one is combining AI technologies — e.g. self-learning anti-fraud and financial crime technology that offers advanced anti-fraud and compliance features. This augments existing technology to provide financial institutions and their customers the best protection against financial crime and fraud loss.
Graph and machine learning (ML) work together to deliver even better results. According to Juniper Research, “machine learning has become a crucial tool in the fraud detection and prevention arsenal, as it enables payments industry stakeholders to analyze transaction flows in a holistic way, unlocking hidden insights on fraudulent behaviors.”
ML models constantly need to be updated with fresh data and to improve their accuracy. Adding graph features (new data columns) to the ML models can increase the accuracy by 20% to 50%.
In addition, it’s usually not feasible to run ML algorithms directly on live data, because it’s computationally expensive and the data is constantly changing. But ML systems offline can ingest historical data generated from the graph. From this data, patterns can be generated that suggest suspect behavior. The patterns can then be loaded into the graph and run against pattern-matching algorithms to flag suspect activity.
Online fraud is a worsening problem that has widespread impact for businesses and consumers, especially during today’s heightened economic turbulence. But with the right technology, companies have the power to thwart the criminals.
Harry Powell is Head of Industry Solutions of TigerGraph, provider of a leading graph analytics platform. He leads a team composed of both industry subject matter experts and senior analytics professionals focused on key business drivers impacting forward-thinking companies as they operate in a digital and connected world. A graph technology veteran with over 10 years of industry experience, he spent the past four years running the data and analytics business at Jaguar Land Rover, where the team contributed $800 million profit over four years. At JLR he was an early adopter of TigerGraph, using a graph database to solve supply chain, manufacturing and purchasing challenges at the height of the COVID shutdown and the semiconductor shortage.