It is no secret that with each passing day, AI is increasingly becoming a part of our everyday lives. It radically changes not only simple everyday operations but also more complex ones. I want to share my experience of how a simple anti-fraud system has evolved from a decision-making system by bank employees to an autonomous decision-making system using AI. I will mainly focus on phishing and skimming since they are the easiest to understand.
What is anti-fraud?
ChatGPT provides the following definition
Antifraud is a set of measures and methods aimed at preventing, detecting, and combating financial fraud. It involves the use of specialized technologies, analytical tools, and procedures to detect and prevent fraudulent operations, as well as the development of policies and rules that help minimize the risks of fraud. The goal of anti-fraud is to protect against losses associated with fraud and ensure the security of business processes and transactions.
The key focus for businesses is to minimize financial losses. Let's take a look at an example of phishing and understand how anti-fraud systems help in reducing these losses.
According to official statistics, every second banking transaction is fraudulent. Let's assume that the bank conducts operations worth $10,000,000, and half of them are taken by fraudsters. There is a type of attack called a man-in-the-middle attack. But who says we can't use this type of attack in defense? Let's see how it works and what we can propose.
Training
If the system is being built from scratch, we need to obtain transaction traffic. The simplest way is to use some message broker. In our example, we are working with Kafka. Any anti-fraud system receives one of three decisions:
-
Green - Allow
-
Yellow - Review
-
Red - Deny
Now we can divide the task into two parts: an incident analysis interface and a decision-making system.
The first part is straightforward. In the initial step, we can send all transactions directly to the Review status because our system is not fully ready. Thus, while we are developing the second part of the system, we can accumulate a knowledge base that can be generated by employees who make decisions on incidents. On the interface, it will be sufficient to display attributes obtained from the banking transaction (transaction history, browser or phone information, location, etc.).
Let's move on to the most interesting part - the mathematical model.
How it used to be and what now?
Quite a few popular systems were built on a simple IF-ELSE principle + weight. IBM has a convenient tool for this called Drools. We set up a clear system of rules based on history, input attributes, and the weight assigned to each attribute. Ultimately, we obtain a score based on which decisions are made. It is a flexible and straightforward solution, but such a system can be easily deceived. If a fraudster understands which attributes are most significant and manipulates historical data and proxy operations, they can achieve their desired outcome. This leads us to more powerful decision-making methods. Let me provide an example based on the Nelder-Mead multidimensional optimization method.
Let's imagine a coordinate plane where our solution is located far away. To reach it, we need to move by computing our attributes. The great advantage of the Nelder-Mead method is that it is based on simpler one-dimensional optimization methods, such as golden section search, and it can be easily parallelized. All we need to do is define the search stopping zone. However, there are drawbacks too: we cannot build a hierarchy of attributes with dependencies for a more accurate approach.
This is where neural networks can help us by incorporating more complex combinations of computations. We have the data source, previous work with weights, a history of the simpler system's operation, and an employee's benchmark solution. We have a green light to implement a neural network.
What do we ultimately achieve?
By investing $1,000,000 in development, we enable the reduction of financial losses in banking operations. As a result, the overall financial losses for the bank will be significantly lower.
Additionally, this development cost is incurred only once, as subsequent efforts will primarily focus on support and expanding functionality, which does not require a large number of developers.
In this article, I have described what anti-fraud is, how it can be implemented in a banking system, and the benefits it brings.