As payment technologies become more secure and sophisticated, so do the techniques used to break them and steal money. Introduction of Europay, Mastercard and Visa cards (EMV), regulations for e-commerce websites like GDPR and PCI-DSS and contactless payments over smartphones have gone a long way to enhance the security in retail payments.
However, fraudsters are finding new tactics to hack into these advanced payment technologies. Therefore, fraud detection and prevention systems need to be continuously upgraded to keep up with new payment technologies as well as the new methods used to perpetrate fraud. In this article, we will focus specifically on how AI is used to prevent threats due to payment frauds.
Over the years fraud detection mechanisms have evolved from simple rule engine based systems to predictive analytics and now to those that harvest the power of data to identify patterns and detect fraud using Artificial Intelligence (AI) and machine learning. Rule engines and predictive analytics may have been sufficient when there were not many modes of conducting payment transactions. The data to be analysed involved a check on no more than 10 to 20 data points. The results provided by these systems were also usually not in real-time but after the fraudulent activity has taken place. However real-time payments can now be made from anywhere in the world using a variety of cards, mobiles, desktops and channels like mobile money and FinTech providers.
The data available from each of these modes is different and could involve factors like location, IP addresses, engagement patterns, authentication mechanisms etc which may be analysed to detect fraud. A robust fraud detection system should be able to analyse this humongous data from various sources, identify patterns and anomalies to detect fraud as the transaction takes place. This is where AI and machine learning techniques are being used to detect and prevent fraud effectively. Visa recently announced that it saved $25 Billion in fraud using artificial intelligence. The salient features of Visa’s AI platform Visa Advanced Authorizations (VAA) are as follows.
- Real-time examination of each transaction using machine learning models which look for fraud indicators based on activities, patterns and over 500 risk attributes.
- Risk scoring based on the examination, where a decision is made to either approve or decline the transaction or flag it for a follow-up
- Ability to identify good transactions and avoid false negatives even when they do not follow a regular pattern
Machine learning models and AI tools typically use a combination of techniques for fraud detection and prevention. Integration of supervised and unsupervised AI models is used to detect anomalies. In a supervised model, the system is trained using multiple transactions which are tagged as good or bad transactions. For a successfully trained system, it is necessary that the training data used is both voluminous as well as diverse. Unsupervised models, on the other hand, are self-learning AI models that continuously retain to detect anomalous behaviour and transactions. The behaviour of the transaction as a whole is analysed at the granular level based on different factors. Profiles are created, maintained and updated for every individual, merchant, account and device. This information is then used to analyse behaviour during future transactions.
For an AI-based fraud detection system to be effective, it also needs to be fast. The computations required to match patterns and detect anomalies should take place at the speed of light. With the increasing use of ready for tap payments even for high-value transactions, AI-based transaction authorization should be instantaneous in order to successfully prevent fraud while retaining customer satisfaction.
In conclusion, an AI-based tool for fraud detection can go a long way if it is trained with lots of real and diverse data and supervised input for tagging transactions as well as unsupervised learning where manual analysis is not possible. Speed and accuracy of detection are key to the success of the tool.
David Smith is a cryptographer with 12 years of experience in both the public and private sectors. He is currently working on his second startup (currently in stealth mode) that will track and interpret the use of contactless payments in the Greater China region. His expertise includes system design and implementation with contact and contactless smart cards, smart card personalization, mobile payments, and general knowledge and experience with APAC market trends and consumer preferences. David occasionally consults with smart card companies at Cardzgroup.com