Page 38 - Security Today, September 2020
P. 38
“For financial institutions, getting the balance right between identifying genuine payments and creating a frictionless customer experience is key.”
stretched staff, such as call center and support departments, and introducing more friction for the customer, these non-financial transaction scenarios — and thousands like them — need to be digitized, automated and contextualized wherever possible. This is a complex challenge, but getting it right promises to provide an additional layer of competitive differentiation for financial institutions. It opens the opportunity to provide greater fraud coverage and more seamless experiences that can be applied con- sistently to an organization’s entire customer base, all without additional headcount in either the fraud department or service centers.
Yet to be truly effective in the fight against fraud, machine learning solutions must be agile enough to be developed, tested, deployed and updated, as either new threats emerge, or as exist- ing ones become better understood. And access to an industry-, region- or market-wide view of possible threats – not just an in- ternal one – is essential. It improves the decision-making perfor- mance as the “machine” interacts with more data patterns.
DEMOCRATIZING ACCESS TO MACHINE LEARNING
By enabling non-specialists to build, test and deploy machine learning models in minutes, financial institutions can democratize access to the technology. This can be done by abstracting away the complex math that lies behind these models and replacing it with intuitive interfaces that enable drag and drop model build- ing using the ‘features’ of fraud as building blocks. In bringing machine learning to an organization’s in-house data and in-house fraud expertise – as opposed to taking that data and expertise to a machine learning specialist – financial institutions can accelerate the time to market of fraud-fighting applications.
As financial institutions become aware of new fraud risks, ad- ditional features can easily be added to the models and the weight of evidence scoring adjusted accordingly, to ensure banks’ de- fenses keep pace with emerging risks. This can even take place au- tomatically, through adaptive machine learning, where the tech- nology responds to analyst-applied ‘markers’ for potential fraud.
Transforming the way financial institutions use machine learn- ing (by allowing them to adopt a business-led approach) offers greater ownership and control of their fraud detection strategy. It empowers them to act self-sufficiently without the costs, risks and time associated with the involvement of third parties in artificial intelligence implementations, and – importantly for compliance – it promotes better accountability of the solution’s outcomes.
THE POWER OF SHARED INTELLIGENCE
Individual banks already have access to a wealth of data with which to develop machine learning solutions for fraud detection and prevention.
However, when that data is shared across institutions, it has the potential to create a complex and varied intelligence network that can introduce more context to every machine learning deci- sion, exponentially increasing its effectiveness.
This ‘shared intelligence’ empowers unprecedented collabora- tion in the fight against fraud. By harnessing the power of the com-
munity to increase threat visibility and distributing enhanced de- tection and prevention capabilities back through the community, it creates a powerful jurisdiction- or network-level deterrent to fraud.
Shared Intelligence takes the features of machine learning models deployed by participating organizations and sends them out to a central repository in metadata format. That could be a central infrastructure (CI) or an organization to which the par- ticipating financial institutions belong (either as members or con- nections), where they can be tested against the community view for their effectiveness.
These features are then made available to the rest of the com- munity for members to aggregate with their own models or to build upon as needed.
Unlike a consortium approach, which over-emphasizes its largest members’ experiences of fraud, members can access the benefits of a Shared Intelligence community on their terms. The biggest contributor doesn’t rule the community models and risk scoring criteria.
Thanks to its power to improve the detection of emerging threats through a scaled-up ‘early-heads-up’ approach to feature calculation and contribution, Shared Intelligence is set to be a game changer in the use of machine learning to fight payments fraud.
SHARED INTELLIGENCE IS SHARED COMPLIANCE
The Shared Intelligence approach has the added benefit of allow- ing regulators and CI owners to understand the wider fraud environ- ment with precision, empowering them to act on new and emerging threats before clusters become endemic financial crime risks. Trends specific to organizations can be tracked and understood at any level required by a regulator, enhancing efforts to combat fraud beyond payments, such as money laundering or identity theft. Further, CI’s can choose to prescribe both the contributing data and time periods to ensure data consistency across the intelligence network.
This can reduce the costs of compliance too for member orga- nizations. First, it resolves the burden and regulatory risks for at- tempting to extrapolate and submit data externally. Second, if a CI mandates that organizations deploy a particular model, that model can be easily distributed and then run concurrently with their own models. Indeed, an unlimited number of models can be run and tested side by side, on live data without the risk of hindering per- formance. Suddenly, intelligence sharing to mitigate fraud using ma- chine learning becomes easy with the use of a democratized method.
THE NEXT FRONTIER IN CUSTOMER CENTRICITY
Machine learning allows banks to truly build their payments risk management strategy around the customer, and not around their own channels or other organizational factors that may have little bearing on the customer’s needs. It also serves to ensure that specialist resources like fraud analysts are free to focus only on the activity that’s deemed the highest risk and therefore the highest pri- ority, which machines cannot — and should not — be left to handle.
Machine learning improves the application of payments risk management frameworks and policies to boost risk mitigation (both in terms of fraud and reputational risks) and enhance com- pliance. It forces organizations to clearly define what their policies are, and the practical steps required to enforce
them. And by removing the need for human intervention in the majority of cases, rules and procedures will rarely be bypassed since ma- chines will always follow rules.
Damon Madden is a banking cyber security expert at ACI worldwide.
38
0920 | SECURITY TODAY
MACHINE LEARNING