Machine learning and behavioral analytics combat an epidemic of phishing, identity theft and account takeovers
Friday, August 6, 2021
By Katherine Heires
Remote work and the technologies enabling it boomed during the pandemic, and fraudsters got busy - exploiting network vulnerabilities, collecting personal and business data, conducting social engineering scams and stealing consumer identities, often with synthetic IDs, to execute account takeovers.
A July Financial Stability Board report made the sobering observation that “while phishing, malware and ransomware are not new, they grew with the spread of the pandemic, from fewer than 5,000 per week in February 2020 to more than 200,000 per week in late April 2021.”
“The fraudsters are crafty, smart, and sophisticated, and they are now operating like regular businesses with organizational structures and annual goals,” says David Mattei, senior analyst at Aite-Novarica Group. Not resting on their laurels, they “keep on finding new holes in the dike every year.”
From his ongoing research, Mattei estimates that fraudsters have inflicted approximately $25 billion in annual losses on financial firms.
Aite-Novarica notes that synthetic identity fraud - where various attributes are combined to create false IDs that are difficult to detect - is a major problem in the U.S., causing $1.63 billion in losses in 2019 and projected to reach $2.04 billion in 2021.
In online commerce, card-not-present fraud is expected to grow to $7.2 billion, from $5.5 billion in 2019.
Javelin Strategy & Research says that Identity fraud losses in 2020 totaled $56 billion - $13 billion from traditional fraud methods and $43 billion from scams enabling access to personally identifiable information and takeovers of consumer identities.
“It has become crystal clear that consumers are the ultimate juicy target for criminals, who then circle back to use stolen identity information to target the banks,” says John Buzzard, lead fraud and security analyst at Javelin.
New Technology Tools
As a result, financial firms and their risk managers are increasingly receptive to new and innovative approaches to fighting fraud. Among them are application-layer, behavioral and machine learning approaches.
Arkose Labs, for one, has an offering that hits perpetrators where it hurts: their wallets. Its technology assesses risk of online traffic in real time, using a combination of device, network and behavioral intelligence data. It sits on the log-in page or application layer and classifies web traffic as good, suspicious or bad.
Thus, legitimate activity passes through seamlessly, while bots or coordinated human-driven attacks are met with a host of digital challenges that waste the fraudsters' time and money until they abandon their attacks.
Arkose, which counts PayPal, Softbank and Wells Fargo among its investors, said in 2020 it analyzed more than 15 billion sessions, stopping 4.6 billion attacks and wasting 40 million hours of scammers' time.
Being in the application layer “gives us a huge amount of insight and data,” says Arkose founder and CEO Kevin Gosschalk. The signals can be sorted by machine learning and appropriately labeled, with the aim of disrupting the fraud operations and getting them to move on.
Online behavior patterns - some 400 million attributes including how people type and touch their screens and fed into predictive analytics - enable “nuanced anomaly detection” by Neuro-ID, which started as a research initiative at the University of Arizona.
“We need the benefits of these tells and cues” that are very different from the way behaviors were monitored in the pre-digital world, says Neuro-ID CEO Jack Alton. By flagging anomalous behavior in real time - as opposed to relying on historical data that is easier to steal or fake - Neuro-ID users can sort customers, reject bots, increase friction to resist suspicious activity and smooth the way for genuine customers. The latter pass through a welcoming sign-on process, while the fraudulent can be isolated and caught.
Machine learning is being deployed in the anti-fraud battle, even as those advances also become available to the criminal element. Aite-Novarica's Mattei points to Featurespace and Feedzai as examples of machine learning applied to evaluating transactions and end-users. These venture-capital-backed companies compete with longer-established, analytics-rich organizations like FICO and SAS.
“Both Featurespace and Feedzai are now offering account-level solutions that employ biometrics and fraud detection, powered by machine learning, that is a very positive move,” Mattei says. “The more data you have, the smarter you can be in your decision-making, while machine learning is something you really need to have to fight fraud.”
Integration and Orchestration
Ultimately, Mattei adds, it takes a multilayer approach to beat back fraud. This can take the form of a fully integrated suite of solution, or what is known as orchestration hubs. They “take the complexity of all that integration that is required, put it into a single API and give you access to different types of tools and services, allowing you to stay current.”
At LexisNexis Risk Solutions, one orchestration hub source (Experian and TransUnion are others), vice president of fraud and identify management strategy Kimberly Sutherland, explains that its Dynamic Decision Platform coordinates a range of capabilities including those of the flagship ThreatMetrix product. It orchestrates device, behavioral and digital risk assessment; indicates if communication is coming from a human or a machine; and determines at the application stage if consumer data is genuine, spoofed, manipulated or stolen.
The platform can also help financial firms utilize consortium data, or knowledge acquired not from a bank but from hundreds, that can increase visibility of what is normal versus what is abnormal or outlier behavior for a particular consumer.
Sutherland says that the hub facilitates integration of non-LexisNexis products and customized fraud models. The firm has incorporated access to new products through two companies it acquired in 2020: Emailage, which evaluates and scores the validity of email information provided by consumers; and ID Analytics, which provides consumer credit risk and fraud analytics based on one of the largest networks of U.S. consumer behavioral data.
Says Sutherland: “We will be spending a lot of our time looking at how all these different products work together, the added lift that occurs, and how they can make a much stronger risk model.”
Katherine Heires is a freelance business journalist and founder of MediaKat llc.