Machine learning has changed the way we fight fraud, yet, no matter how sophisticated your decision-making engine is, ML has resulted in a new challenge: a black box. This black box doesn’t tell us WHY a decision was made, which had resulted in other challenges in fraud prevention and drains on internal resources.
Thinking outside the (black) box
For fraud prevention to work, a simple response isn’t enough; fraud analysts need understanding and insights into the decision-making process. When we understand why a decision was made, e.g. which data points had more weight on the decision, which were not considered at all, we can optimise models to make them even more accurate and effective.
But it’s more than that. Other questions arise, what other insights can we gain from this data? What more is there to be learnt about the customer or fraudster’s journey? That's where data visibility comes in.
Data visibility empowers your teams
It’s not just fraud analysts that face challenges of the back box. There are other stakeholders who are limited by the lack of context to the alerts and other prevention methods:
Reviewing an ML’s model’s output is problematic for analysts because while they are responsible for the decisions, it’s not always clear why certain sessions were flagged, and others weren’t;
Merchants rely on manual reviews to make final decisions about whether to accept the ML model’s response or to overrule it and although they have access to the data used, they don’t know HOW it was used;
When faced with a chargeback, having the visibility into both past transactions and the data used to approve the payment is essential to determining the legitimacy of that payment.
Data visibility enables ALL stakeholders to see what this data represents. Grey boxing is the perfect approach to understanding the data processed by the ML model, and the data points this model considered.
Indicators give context to decision making
Data scientists and algorithms engineers rely on several techniques and algorithms to evaluate and research ML models. These algorithms can tell them how it weighed different data points and how this impacted the overall response.
Our team embedded these algorithms into our product to create a powerful tool that provides visibility into the outcome of our decision-making models. This approach allows us to go further than simply understanding how a session or transaction was scored, we can see why these particular indicators (data points) were used and which contributed to the decision the most.
Image 1 above depicts a session flagged by our bot detection model as showing non-human behaviours and activities. The ★ indicators – the most impactful indicators – outline that anomalies in the mouse activity (see ‘Behavioural Indicators’) combined with the fact that the session originates from a data center (see ‘Network Indicators’) contributed to the model’s decision that the user is a bot.
Taking visibility to another level: understanding the user journey
We know that fraudsters are not exploiting gaps in your security barriers, rather gaps in your business models. Another feature in our tool, the ‘session timeline’, uses behavioural data to give a whole new perspective and understanding from which to visualise the user journey: showing actions in the order that they took place, where and when they occurred. By uncovering the exact actions taking place throughout the user session, we can identify WHY the decision was made and the behavioural patterns led to this decision.
Image 2 below illustrates a session on a mobile app where the user navigated directly to the referral programme page and then immediately logged out. Seeing the data in this format allows you to see the actions from the fraudster’s point of view, understand why he is doing it and what business vulnerability is being taken advantage of. Although this behaviour is suspicious when looking at a single session, imagine if this behavioural pattern suddenly repeated itself over and over again. It definitely correlates with fraudulent activity. Once you have these types of insights, closing these gaps is much easier.
Data visibility leads to data enrichment
There is no doubt that machine learning has given us superior detection capabilities yet it’s clear that the data used can give us more. While the black box has created some challenges, grey boxing and other approaches give us the tools to extract even more very valuable juice from the data.
This juice gives so much more power to fraud prevention. Data visibility provides an additional data source that, regardless of the approach, from in-house decision-making engines to external fraud management, enriches and optimises decision-making models.
Using Behavioral Data Enrichment to Significantly Reduce Payment Fraud – Access the recording here.
About Ran Wasserman
Ran brings 15+ years of experience in software development and cybersecurity, from IAF’s elite computing unit as a developer and team leader, to IMPERVA where he held several development and management positions, focusing on web security and the WAF product. As CTO, he leads the research and delivery of SecuredTouch’s cutting edge fraud solutions. He is based in Tel Aviv, Israel. Ran holds a B.Sc. in computer science from the Academic College of Tel Aviv and an MBA from Tel Aviv University.
About SecuredTouch
SecuredTouch provides real-time, adaptive fraud detection throughout the customer journey to detect fraud early, with proven ROI from day 1. Solutions ensure accurate risk-based prevention for multiple use cases including account takeover, bots, credit card fraud, and no-transaction fraud such as loyalty program and referral fraud. SecuredTouch customers benefit from reduced overall fraud losses while maintaining a smooth customer experience.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now