Friday, September 9, 2011
In May 2011, Michaels Stores Inc. reported a network breach that involved about 90 tampered PIN pads in retail locations across 20 states and resulted in the compromise of tens of thousands of cardholder accounts. Cards had been skimmed on the tampered terminals as far back as December 2010.
According to Mike Alford, Managing Director of U.K.-based fraud prevention specialist Alaric International, the Michaels breach would have been detected earlier if the card issuing banks involved had used Alaric's self-learning fraud detection model, called Fractals (short for Fraud Risk Analysis – Creation, Testing and Learning System).
"One of the big advantages of self learning for card issuers is that it greatly increases the chance of stopping a fraud run early, often on the first fraudulent transaction in a run on the card," Alford said. "So the answer is yes, self learning would have enabled card issuers to catch a Michaels-style fraud very early."
In a July 2011 white paper, Alford said the fraud detection rate rises from around 70 percent for a conventional model to 85 to 90 percent using Alaric's self-learning model. According to Alford, a typical fraud model might catch about 40 percent of fraud by recognizing that first transaction is a fraudulent one, while Fractals would catch that first fraudulent transaction approximately 65 percent of the time.
Fractals is more agile and proficient at detecting fraud because of the way the self-learning model is initially "trained," Alford noted. "You take maybe three months of data or six months of data for a given financial institution," he said. "That data will have had fraud transaction marks in it. And what you do is you train the model on that data so that it learns from the data so that it can predict future fraud."
Alford, who is the chief architect of Fractals, said the standard method of rules-based fraud modeling involves the writing of rules that define the parameters for fraud detection; for example, one rule might say that if a transaction value is over $5,000, and the transaction was made in Israel at an electronics store, then an alert is raised.
However, that method typically generates high levels of false positives (legitimate transactions flagged as fraudulent) because static rules do not adequately take into account the fluidity, variability and nuances of fraudulent transactions, he said; it is why the effectiveness of a standard fraud detection system degrades over time, since rules become obsolete as threats evolve.
But after the Fractal model is trained, the model "dynamically self learns on the fly, in real time," Alford said. "You create a baseline model and set it running and you just start processing transactions through it. And as fraud analysts mark transactions as fraudulent, the model takes note of that and self adjusts."
It is that ability to self adjust as fraud changes that sets Fractals apart, according to Alford. Using Fractals, no two issuing bank's fraud systems are the same, as the model adapts to the institution's specific fraud patterns, something that neural networks do not do, according to Alford.
Additionally, if a fraud detection system is based on neural network modeling, it has to be taken off line to be retrained, which could be several days, he said. Such a system is generally retrained every 12 to 18 months, he added.
On the other hand, Fractals is deployed through a point-and-click user interface that allows rules to be "set up, tested and deployed in something like three to four minutes without any programming, coding or scripting being required," Alford said. "So self learning beats writing rules hands down – Fractals can self learn much faster than a fraud analyst can devise a new rule."
Banks have indicated that, as a consequence to the Durbin Amendment to the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, they will be shorted debit card interchange revenues they could reinvest in fraud prevention. Alford said Alaric's system would allow financial institutions to maintain their anti-fraud standards in a post-Durbin environment.
"Self learning delivers a major detection performance boost but is delivered as a part of our normal competitively priced Fractals offering. … It is not expensive to implement self learning," Alford said.
He recognizes that Fractals is not perfect, but "it's a heck of a lot better than most other solutions, any other solution I've seen on the market," he noted. "You can't create a system that is going to detect 100 percent of fraud, but we're getting pretty strong results."
Kent Poulson, Chief Operating Officer at American Fork, Utah-based Chargeback Guardian Inc, questioned whether self learning is any different from other fraud detection methods when it comes to major shifts in fraud. "The problem you run into is, now that you've got this self learning, what if there's all of a sudden a change in the market?" he said. "Now you've got all these things that are happening. … Now you have to reset it and start from zero again if you have a major shift."
Alford responded, saying, "In general, our self-learning approach will recognize emerging fraud patterns unless the new pattern is somehow a strong function of some new variable which has not been used when the model was initially built." In case a Fractals model needs to be retrained, the process is done remotely by Alaric and typically takes a "few hours," he added.
Self learning is a form of artificial intelligence (AI). On the AI continuum, it's at the practical end of the curve, according to Tim Cranny, Chief Executive Officer at Panoptic Security Inc. He considers Alaric's statistics for the effectiveness of its Fractals system to be an improvement over rules-based approaches. But he cautioned against overstating self learning.
"This is a smart idea, useful," Cranny said. "But it's an incremental improvement of what people were doing before." Despite that caveat, he recognizes the value of even a small advancement in fraud detection, stating, "Particularly when you're talking about the volume of transactions that we're looking at, even an incremental improvement can be wildly worth doing financially."
The goal in fraud detection and prevention is to find the best way to combine the insight of the human being with the speed of the computer. "It's to capture in a computer the insights and the rules that the human is using and … then execute at computer speed to apply that to a million transactions a minute," Cranny said.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.