How AI Fights Financial Fraud

Artificial intelligence has established itself as a cornerstone to deal with attempted payments or fraudulent transfers.

In a few years, machine learning has become common practice in the fight against financial fraud. The tip of the iceberg, electronic payment solutions such as Adyen, Cybersource, Checkout, Hipay or Stripe have developed AIs to meet this challenge. This is also the case of banksparticularly French, which all now rely on algorithms to detect and prevent potential embezzlement in millions of daily transactions.

Upstream in the chain, e-merchants also use AI to block bad payers and only use 3D Secure strong authentication when necessary. Among the technologies they deploy in this field is that of the French Oneytrust. Its Score solution uses machine learning to assess the degree of trust in a transaction. It calculates a level of confidence by correlating several indicators that suggest that one or more operations are out of the ordinary: high frequency of purchases over short periods, use of the same IP adress with many different e-mail addresses, unusual delivery method or place, suspicious identity data…

Track down bad payers

“We are dealing with extremely volatile and versatile operating modes which consist in multiplying random attacks until an exploitable flaw is found”, explains William Ben Chemouil, CEO of Oneytrust. It’s a race against time. “Machine learning determines risk thresholds in milliseconds and thus helps us to quickly determine where to focus our investigations.” After AI, human analysis takes over. “The release of a new product may, for example, generate an influx of buyers. But an abnormally high rate of new customers may in this context hide fraud. This will require checking the operating methods used”, explains William Ben Chemouil.

“We have a database approved by the Cnil, which pools cases of fraud between our e-merchant customers”

In the event of a proven attack, the Oneytrust teams close the door to crooks to dissuade them from continuing their attack. Once the storm has passed, risk scores will be lowered to let consumers live their shopping experience.

Beyond machine learning in the strict sense, Oneytrust also practices transfer learning. “We have a database approved by the Cnil, which pools cases of fraud between our e-merchant customers”, underlines William Ben Chemouil. Result: if an Internet user has defrauded with one, he will be immediately identified as a risky profile with another.

Widespread deployment at Société Générale

As for French banks, Societe Generale distinguished itself by launching a vast AI project in 2015 aimed at detecting embezzlement affecting any type of transfer: instant, mass, open banking (via theAPIs DSP2), Paylib, etc. Called Mosaic, for More Security with Artificial Intelligence, the platform in question is put at the service of individual, professional and corporate customers, both on the Societe Generale side and on the Crédit du Nord side.

Here, the machine learning techniques differ depending on the scenarios. In the event that the customer has had his access data to his banking space stolen by phishing, Mosaic will seek to detect a mode of navigation or unusual types and amounts of operation compared to the history of the latter. “It could be, for example, an access made from abroad a few seconds from a customer connection from France, which is impossible to manage except through a VPN, equipment that we can detect also”, explains Jeremy Le Saint, data project manager for the Mosaic application at Société Générale.

“Based on the behavioral analysis of a customer, our models will be able to identify atypical features that may reveal the presence of the fraudster”

How does Société Générale detect the chairman scam, which consists of a fraudster contacting a company pretending to be the chairman of its parent company, and requesting that an international transfer of an urgent and confidential. In one of its more prosaic variants, the attacker pretends to be a supplier and requests a modification of bank details on the pretext of a change of bank details. “Within a company, a professional has his habits in terms of payment, amount, destination of transactions… Based on the analysis of his behavioral history, our models will be able to identify atypical, recording of one IBAN from another country, for example, who will be able to translate the deception”, indicates Jeremy Le Saint.

Machine learning and expert system

In terms of AI, the Mosaic platform combines its machine learning models with rule-based expert systems. An IBAN already identified as problematic will, for example, be considered as a strong signal, which could go as far as triggering a blocking rule. As for themachine learning, it makes it possible, like the Oneytrust solution, to weight a risk score from weak signals, which taken independently do not pose a problem, but when multiplied on the same transaction indicate a high risk of fraud: a transfer of an exceptional amount, recording of the operation from abroad, etc. Mosaic also uses external data, on companies for example, to refine these analyses. Like Oneytrust, we can imagine that the platform also identifies the user’s machine footprint by collecting the IP address, the type of browser, screen…

Depending on the scenarios, the level of escalation is defined jointly between the data scientists, the business teams in the fight against fraud and the businesses in charge of customer relations. As a result, some Mosaic machine learning models will result in an immediate crash, and others will result in an alert. As for instant payment fraud, Societe Generale claims to be able to detect it in half a second.

We would love to thank the writer of this article for this incredible content

How AI Fights Financial Fraud

Check out our social media profiles and also other related pages