How can machine learning protect your fintech app from fraud?
Fraud, its types, unsupervised and supervised ML algorithms.
Which ML apps should you use to prevent fraud?
Which ML apps should you use to prevent fraud?
Fintech can be considered one of the fastest-growing industries. Technologies like machine learning (ML) and artificial intelligence (AI) are now actively used in the fintech industry to evaluate enormous data sets of simultaneous transactions to learn from user behavior and update current anti-fraud models with minimal human input. What's more crucial is that ML techniques can prevent fraud and strengthen security — in real-time.
Fraud and its types
Banks and other financial institutions have a responsibility to their customers to protect their data and money from fraud. Lately, this has become more and more challenging because customers can access their accounts through multiple channels. This multichannel adoption raises a crucial issue — how do you verify that the person logging into an online bank account is the legitimate account owner?
The number of stolen credentials available to scammers is mind-blowing. According to Forbes, over 15 billion stolen credentials are being sold on the dark web. Scammers use a vast variety of fraud practices to fool users to reveal their credentials. While the methods used by scammers are better known nowadays, it is still quite complicated to oppose them.
Let us explain the most common fraud practices used to provide more clarification:
Malware. Malware, short for "malicious software", is a broad term that describes a variety of software, including viruses, ransomware, spyware, etc. Malware penetrates computer equipment by means of copying, distorting, deleting, or substituting information to disrupt the computer or steal the user's personal data.
Ransomware. Ransomware is a type of malware that encrypts the local files on an infected device. Usually, scammers will demand payment or some kind of ransom by threatening to publish the victim's personal data or perpetually block access to it.
DoS. DoS, short for Denial of Service Attack, aims to overload the computing resources of a website in order to cause it to crash. Using thousands of servers simultaneously, a hacker can make his botnet penetrate your computer through spam. One way of doing this is by repeatedly filling out a feedback form on your website until the website cannot process the flood of requests any longer.
Phishing. Phishing aims to use the employees of a company to extract valuable information. Using an email, SMS, phone call, or another form of communication, a phishing message will attempt to trick the user into revealing information or downloading malware onto their device. This happens if scammers copy the official websites of companies and "sell" services there.
Vishing. Vishing is a type of fraud activity where individuals are tricked over the phone into revealing critical financial or personal information to unauthorized entities or encouraged by scammers to perform certain actions. A vishing attack can be conducted by voice email, smartphone, VoIP (voice over IP), or landline. One example of this is when scammers pretend to be bank employees.
Skimming. Skimming is the practice of using a special card reader to steal card data. Attackers copy all information from the magnetic stripe of the card (holder name, card number, expiration date, CVV and CVC codes).
CNP. CNP, or Card Not Present, uses a stolen credit card account to complete a transaction that does not require a physical card, such as an online purchase on an e-commerce site.
MitM. MitM, short for Man-in-the-Middle Attack, is an attack that occurs when a fraudster intercepts communication between an online service and a client in order to steal information or hijack an online session
The number of stolen credentials available to scammers is mind-blowing. According to Forbes, over 15 billion stolen credentials are being sold on the dark web. Scammers use a vast variety of fraud practices to fool users to reveal their credentials. While the methods used by scammers are better known nowadays, it is still quite complicated to oppose them.
Let us explain the most common fraud practices used to provide more clarification:
Malware. Malware, short for "malicious software", is a broad term that describes a variety of software, including viruses, ransomware, spyware, etc. Malware penetrates computer equipment by means of copying, distorting, deleting, or substituting information to disrupt the computer or steal the user's personal data.
Ransomware. Ransomware is a type of malware that encrypts the local files on an infected device. Usually, scammers will demand payment or some kind of ransom by threatening to publish the victim's personal data or perpetually block access to it.
DoS. DoS, short for Denial of Service Attack, aims to overload the computing resources of a website in order to cause it to crash. Using thousands of servers simultaneously, a hacker can make his botnet penetrate your computer through spam. One way of doing this is by repeatedly filling out a feedback form on your website until the website cannot process the flood of requests any longer.
Phishing. Phishing aims to use the employees of a company to extract valuable information. Using an email, SMS, phone call, or another form of communication, a phishing message will attempt to trick the user into revealing information or downloading malware onto their device. This happens if scammers copy the official websites of companies and "sell" services there.
Vishing. Vishing is a type of fraud activity where individuals are tricked over the phone into revealing critical financial or personal information to unauthorized entities or encouraged by scammers to perform certain actions. A vishing attack can be conducted by voice email, smartphone, VoIP (voice over IP), or landline. One example of this is when scammers pretend to be bank employees.
Skimming. Skimming is the practice of using a special card reader to steal card data. Attackers copy all information from the magnetic stripe of the card (holder name, card number, expiration date, CVV and CVC codes).
CNP. CNP, or Card Not Present, uses a stolen credit card account to complete a transaction that does not require a physical card, such as an online purchase on an e-commerce site.
MitM. MitM, short for Man-in-the-Middle Attack, is an attack that occurs when a fraudster intercepts communication between an online service and a client in order to steal information or hijack an online session
How does machine learning address these issues?
First, we need to understand the two major machine learning types. These are unsupervised and supervised ML algorithms.
Unsupervised ML (such models are called "agents") may be used to detect unusual activity in transactions. During training, we either reward the model or punish it if it makes the right or wrong decisions respectively. This way the model finds patterns in data. These patterns are then used for decision-making.
Supervised ML, on the other hand, includes training a model with labeled historical data. A label represents an answer if a transaction is fraudulent, for example. Providing the model with labeled data helps it to find the patterns we mentioned before. However, the main challenge here is that labeled data needs to be available prior to the deployment of the ML — which is not always the case.
Machine learning algorithms automatically make decisions about events in real-time. They can also make decisions for other types of workflows, such as the type of authentication a financial institution should apply to a transaction and other internal controls. These algorithms can further determine if the strength of the required authentication is associated with risk.
Supervised ML, on the other hand, includes training a model with labeled historical data. A label represents an answer if a transaction is fraudulent, for example. Providing the model with labeled data helps it to find the patterns we mentioned before. However, the main challenge here is that labeled data needs to be available prior to the deployment of the ML — which is not always the case.
Machine learning algorithms automatically make decisions about events in real-time. They can also make decisions for other types of workflows, such as the type of authentication a financial institution should apply to a transaction and other internal controls. These algorithms can further determine if the strength of the required authentication is associated with risk.
Main ML applications to prevent fraud
Any technology that grows in popularity attracts attackers. And for banks, the issue of security is a very sensitive one. Let's summarize what ML solutions can do to protect fintech companies against fraud.
- Anti-fraud
The anti-fraud algorithm is installed within the core of the payment infrastructure, and any payment or other transaction is required to be verified by its classifier. If there is any suspicion, the anti-fraud may recommend additional authentication requirements or mark the risk as high and then block the transaction accordingly.
The system is constantly tuned and updated. The ML generates patterns based on historical data of user behavior in order to make predictions and classify a transaction according to its probability of being a fraud. Therefore, the algorithm gives each transaction one of three possible classifications:
Green or "approved" — fraud is unlikely. For example, when a user pays monthly utility bills, and transactions are for approximately the typical spending amount.
Yellow or "verification required" — there is a possibility of fraud. Such a classification can occur when multiple small and identical amounts go from one account to several other accounts. Or there is a multiple withdrawal of such amounts from the account.
Red or "risk of fraud" — when the user's actions are not typical. A client cashes out a huge amount, while his usual limit was far less. Or when a user from one country pays for purchases in another country with a card issued in a third one. The bank has the right to block the card, in which case the client will receive an SMS notification with instructions on what information is required to confirm the legality of the transaction.
Anti-fraud systems are used to protect monetary transactions and deployed by banks, large stores and payment system providers such as Visa, MasterCard, or PayPal. The use of such systems has become mandatory throughout the world.
Companies constantly retrain the ML models because data is continually changing. For example, after the pandemic, patterns of user activity in online shopping have changed a lot.
- Voice recognizers
Today, in order to pass voice biometrics, fraudsters can play a recording of a person's voice or fake the desired voice using Deepfake technology.
There are different types of attacks that global developers are focusing on. First, attack detection is based on replay. In this type of attack, the scammer obtains a recording of the user's voice and then plays that recording when he tries to hack into the system. Second, detection of attacks based on voice synthesis or transformation. In such an attack, fraudsters use samples of the user's speech and use a cloning or voice transformation system to obtain synthesized speech to hack the biometric system. Most of these systems are also resistant to external noise, such as street or transport and regular voice biometrics can't really capture them.
To identify the speaker's voice and detect fraud, anti-spoofing technology is used. When anti-spoofing is on, the system will detect a fraud attempt and block any interaction accordingly. Neural networks detect differences by examining various features of the sound. Any recording source has its own parameters, its own compression codec, etc., while a regular live conversation does not have any of these. Therefore, what a person cannot "catch", will be easily detected by a neural network. When trying to hack the system using synthesized speech, the difference to the natural voice will be visible at the level of a sound wave. This is how technology tracks a dialogue's illogicality.
- Facial biometrics scanners
In order to successfully block fraud attempts, it is important to supplement facial biometrics with anti-spoofing technologies. One of them is to detect whether the person is real or a mask or photo is shown. In this case, you will have to go through additional identification, for example, look into the phone's camera to recognize your appearance, and only then complete the transaction.
Facial recognition captures, analyzes, and compares patterns based on the person's facial details. The algorithm transforms analog information received when scanning a face into a set of digital information based on the person's facial features, then it runs a matching process to verify if two faces belong to the same person.
Face liveness detection methods use 2D or 3D sensors as well as artificial intelligence to scan a face and compare its texture and motion. These automated systems can be used to identify or check an individual's identity in just a few seconds based on their facial features. They can even do this in the middle of a crowd and within dynamic and unstable environments. With an infrared feature, cameras can also gather thermal information.
Some cameras use response or active detection techniques. The idea is to ask the user to blink intentionally, smile, turn head, nod, make random faces, speak random numbers, and more. Pupil dilation can also be intentionally generated. For instance, to make pupils dilate or constrict, an information screen can suddenly turn darker or brighter.
The most advanced techniques go further and combine these features. They also heavily rely on facial detection algorithms' accuracy to spot alterations such as variations in pose and expression, and remove brightness or background.
- AI document scanner
Some companies use special solutions that can prevent document fraud by means of authenticating MRZ (Machine-readable zone) code. The ML checks the authenticity of the zone and evaluates if the field has been edited or tampered with. The ML system as well can perform checks to identify folded or crumpled edges on the document that might affect their authenticity.
Mostly when AI document Scanning is used to detect fraud, the OCR (Optical Character Recognition) algorithm is applied to read the data from the document and identify any discrepancies with the typography that could indicate that the document has been modified. At the same time, the AI system compares the document against a database of known real documents and checks for all visible forgery marks.
ID document forgery detection deals, in the first place, with image processing. Certain techniques are used to make sense of the visual information that an image carries. CNN models are usually trained to perform this task.
ML models can accurately detect the slightest change in a single pixel. Confirming specific holograms, micro prints and rainbow prints, AI-based document verification solutions have the ability to detect any changes or tempering in these holograms and rainbow prints as well as use microprinting for an additional security layer to prevent fraud.
Conclusion
There are already a lot of cases where artificial intelligence-based solutions optimize customer service in fintech, and also help to take care of security.
To strengthen payment protection, it is wise to consider integrating AI and machine learning into a brand's fraud protection system. Using a combination of ML and other AI methodologies, companies can implement a system that effectively detects and tracks mobile fraud-related patterns. Ultimately, this can help to protect customers from malicious attacks and increase trust in your company's brand.
To strengthen payment protection, it is wise to consider integrating AI and machine learning into a brand's fraud protection system. Using a combination of ML and other AI methodologies, companies can implement a system that effectively detects and tracks mobile fraud-related patterns. Ultimately, this can help to protect customers from malicious attacks and increase trust in your company's brand.
See also