Pankaj Gupta MBCS looks at the potential of machine learning and artificial intelligence to assist in fraud detection and prevention.

The banking and finance industry has experienced a profound transformation due to the widespread adoption of digital solutions, the explosion of ecommerce options and the evolving expectations of customers. Digital banking and payment solutions have revolutionised the way we manage our finances. Online banking services, mobile payment apps and digital wallets offer convenience, speed and enhanced security in financial transactions.

In this fast-paced and ever-evolving sector, businesses face a range of opportunities — but also many challenges. Digitalisation has profoundly impacted our personal and professional lives, bringing forth convenience, connectivity and efficiency, and opening new avenues for growth. However, it is disheartening that alongside these benefits there has been an unfortunate rise in fraudulent activities, adversely affecting a significant number of individuals. Consequently, organisations are diligently exploring innovative strategies to combat fraud and safeguard their operations.

The historic approach

Fraud continues to pose a persistent challenge for organisations, prompting them to continually explore innovative methods to combat it. In the past, companies heavily relied on manual review processes to identify suspicious activities or transactions. Diligent analysts would meticulously examine transaction logs, customer data, and other pertinent information to uncover potential patterns that could indicate fraudulent behaviour.

Furthermore, data analysis played a pivotal role as companies conducted comprehensive evaluations of extensive datasets to detect anomalies and irregular patterns that might suggest fraudulent activities. Another approach involved the utilisation of rule-based systems, whereby transactions matching pre-established rules or patterns associated with fraudulent behaviour were flagged for further investigation. These rules were typically developed based on historical fraud patterns and recognised indicators of fraudulent activity.

These methods presented numerous challenges. They often tended to misclassify valid transactions as fraudulent (false positives), missed certain instances of fraudulent activity, and struggled to identify new or emerging fraud patterns. The high occurrence of false positives caused inconvenience to customers and had a negative impact on their overall experience, potentially leading to customer dissatisfaction and financial losses for businesses. Additionally, as transaction volumes grew, processing and analysing data in real-time became increasingly complex, resulting in delays in detecting and responding to fraud appropriately.

Unlocking AI and ML potential

To understand how machine learning (ML) and artificial intelligence (AI) help in detecting and preventing fraud, it's essential to grasp the concepts behind them. In simple terms, AI can be considered an umbrella that covers many ways to make computers smart; it includes things like following rules, using expert knowledge, understanding language and recognising and interpreting patterns. Machine learning is one specific way to make computers smart. It uses special algorithms and models to help computers learn from data and get better at doing tasks over time. So, while AI is a big category, ML is a specific technique within it.

Here are some examples of ML as a model to detect fraud:

Creating a purchase profile

Gaining a thorough understanding of a customer's purchasing behaviour is crucial for effectively detecting instances of fraud. Consider a customer who frequently visits a store in the local vicinity and typically spends around £100 on purchases. Weekend evenings are frequently spent at various restaurants, and once a week a purchase of fuel is made. Financial institutions can analyse this data to create a profile based on distinctive purchasing habits and patterns. This classification process facilitates the identification of any unusual or suspicious activities that contradict the usual routine and might indicate potential fraudulent behaviour.

To enable ML systems to recognise such behaviour, they must be trained using extensive amounts of data from past transactions, encompassing both financial and non-financial sources. When transactions are made, the model examines this behaviour to identify any anomalies. For example, if the model observes that an unusual purchase is made, or that an unfamiliar refuelling station is used multiple times in a break from established behaviour, it assesses whether these actions align with established patterns or deviate significantly from the norm. Based on this analysis, the model determines whether such transactions should be flagged as potentially suspicious or fraudulent.

Verification and authentication

ML models can be taught to examine signatures and determine if they are real or fake. They do this by comparing the signature on a document with a database of known real signatures. If the system notices any differences or oddities, it might indicate that the signature is not genuine. Using ML in this way helps organisations to improve their ability to check if signatures are authentic or if detected anomalies might indicate an instance of fraud.

For you

Be part of something bigger, join BCS, The Chartered Institute for IT.

ML models are also used to create ‘fraud scores’, which are ratings that help detect and prevent fraud. They look for patterns and details in the data to understand what normal behaviour looks like and what fraudulent behaviour looks like. These models learn from past data that includes examples of both fraudulent and legitimate activities.

By examining different factors and characteristics of the data, the ML model learns to recognise the signs of fraud. It understands the patterns and clues that indicate when something is not right. This way, it can assign a fraud score to new transactions or activities, indicating the likelihood that they might be fraudulent. The higher the fraud score, the more likely it is that the transaction or activity could be fraudulent.

Phishing and content analysis

An algorithm can examine incoming email and detect certain words, phrases, or attachments that are often found in phishing attempts. It can analyse received emails to check different aspects, such as who sent the email, its contents, the purpose and type of any files attached to it and any links it might contain.

By carrying out such checks, ML algorithms can determine whether an email might legitimate, or part of a phishing attempt targeting an individual or organisation. If suspicious content or activity is detected, such as a fake sender or inclusion of a dangerous link, an email can be flagged for further investigation. And the more emails and documents that are analysed over time, the more sophisticated the detection algorithms become, which improves their capabilities.

In conclusion: remaining vigilant

Of course, while the benefits of AI and ML are increasing from a fraud prevention perspective, its use by malicious actors for fraudulent activities is also increasing. Automating the creation of fraudulent accounts or profiles, for example, across various platforms including social media, enables fraudsters to carry out social engineering attacks and deceive unsuspecting individuals. Additionally, AI and ML can be exploited to analyse patterns in the behaviour of anti-fraud systems, identifying vulnerabilities and adapting their fraudulent activities to evade detection and avoid raising suspicion.

While AI and ML have a significant role to play in beating fraud, it is crucial that organisations remain vigilant and implement robust cybersecurity measures to counteract the misuse of such emerging technologies. This will help to cement their purpose as tools for good.