Skip to content

Using Data to Stop Fraud: The Good, The Bad, and The Ugly

Using data to stop fraud: The Good, The Bad, and The Ugly

When many of us started in the fraud prevention game, we were seeking to detect and prevent “bad” credit card transactions. We measured ourselves on basis points for losses on credit cards, and compared ourselves against our peers and other territories to see how we were going.

Nowadays, many fraud managers are responsible for credit cards, debit cards, proprietary cards, mobile banking transfers, Internet banking transfers - the list goes on. As we get more clever analyzing these transactions, we beg our IT departments for more information so that we can utilize more events such as logons, password changes, phone number changes and additions in our fraud prevention strategies. We also want to incorporate data like scores from malware tools, click stream analysis, and device footprints, to name a few.

All of the events that we now receive for analysis means that our percentage of fraudulent transactions (transactions meaning both financial and non-financial events) has actually gone down. But of course, our losses are not necessarily going away, just moving channels and changing identity.

So, how do we find the proverbial needle in the haystack? The days of alerting for “whitegoods purchase, 2am, foreign country” are long gone. We need to remove as many as possible of these “good” transactions from our pool of data, allowing us to focus in on anomalies that will now be more evident. This is where profiling comes in. Simple methods such as identifying that the customer is logging in to a banking site from the same IP address, with the same device’s footprint, as per their profile. Great. We know them. Remove from further analysis. In other words, remove these good transactions so that we have fewer transactions to sort through while looking for those bad transactions. We might alert when we see a transaction from a small Pacific Island country, but not if we can see that the customer is a frequent visitor. Profiling can take many forms – we can not only profile the customer as an entity; we can profile their individual accounts. 

We can also profile the instruments that are used – a financial institution’s debit card product will have entirely different characteristics to that institution’s premium credit card product. We can profile individual merchants and we can profile the merchant’s peer group.  Or we can go more granular, and profile individual merchants terminals. Of course, a certain amount of fraud will always slip though; that’s the nature of the beast. But reducing the amount of data you need to analyze will almost certainly make those bad transactions more evident and benefit your fraud prevention and detection strategy going forward.

Oh, and the ugly? There is always something that we haven’t thought of or seen before and just don’t have our defenses ready – SIM swap anyone?