No digitalization without risks: How to equip your organization against the new fraud threats?
Frédéric Hennequin, Senior Solution Specialist Fraud & Compliance
Agenda:
- SAS Introduction
- Online Fraud in Belgium & Europe
- Impact of PSD II on Online Fraud
- Adapted approach for fraud detection
- Questions & Answers
SAS Introduction
Some key figures
Online Fraud in Belgium & Europe
Online Fraud in Belgium and Europe: Recent figures
Online fraud is growing and spreading rapidly. The main reasons for the growth of fraud are the fast-growing e-commerce market, the increasing flows in online channels and the increase in mobile payments.
[Chart: % of fraud attempts (1): 1,39 % / 1,49 % (2014 / 2015)]
[Chart: Number of frauds within online banking (2), 2011 to 2016]
1. Source: ACI Worldwide
2. Source: https://www.safeinternetbanking.be/en/figures/cases-fraud
Online Fraud in Belgium and Europe: Constantly evolving modus operandi
Fraud takes many forms. It evolves over time. Every flaw is exploited by fraudsters. Fraud is a constant threat for banks and fintechs. The main difficulty is to detect and react quickly.
Impact of PSD II on Online Fraud
PSD 2 & Instant Payments
- Understand the context
- Increase the security
- Limit customer friction
- Processing within 10 seconds (max. tolerance: 20 seconds)
- Customer credited immediately
- Irrevocable
- Available 24/7/365
- Cannot exceed 15.000 euros (2018)
- Possibility of transaction in 34 SEPA countries
Impact of PSD II on Online Fraud: Improving security and reducing fraud
- Minimize the exposure of data at risk: limit the collection, routing and multiplication of payment data
- Monitor all fraud & transactions with dynamic detection systems (based on rules and anomalies) and process, detect & block them in a relevant time window
- Exempt low risk transactions from the SCA («Strong Customer Authentication»):
  - Payments to trusted beneficiaries
  - Me-to-me payments
  - Small payments
- Transaction-Risk Analysis: Categorize transactions according to their low / medium / high risk profile
- Audit & control: ensure transparency of the rules in place
Adapted approach for fraud detection
Adapted approach for fraud detection: What data are available?
Gates: Gate 1 Device; Gate 2 Navigation / Session; Gate 3 Channel; Gate 4 Multichannel; Gate 5 Network Analysis
- Secured Internet browsers
- Material generating single usercodes
- 2 & 3 Factor Authentication
- Device «DNA»
- Behavior during navigation
- Comparison with fraudster profiles
- Monitor the usage of the bank account by the customer
- Identification of suspicious transactions
- Cross-channel customer's activity (mail, ATM, phone, etc.)
- Non-financial events (change of address, credit card limit change, etc.)
- Identification of networks connecting clients, accounts, devices, IP addresses, etc.
- Biometrics
- Strong negative impact on customer experience
Detection logic: «End-to-end» approach
Stages: Data; Detection; Investigation; Reporting
- Structured and unstructured data
- Batch or real-time processing
- Data cleansing, quality & integration
- Entity resolution
- Detection at different levels (transaction, entity, network)
- Hybrid approach: Business Rules, Anomaly Detection, Machine learning
- Automated alert generation
- Advanced & flexible ranking
- Alert triage & qualification
- Case management
- Investigation traceability
- Easy to use web-based interface
- Monitor each step of the process
- Workflow analysis
- Full reporting capabilities
- Discover new modus operandi
- Simulation & testing of new detection methods
- Datalab
- Accelerate design & continuous improvement of the detection logic
- Analyze the detection performance
Detection logic: «Step-by-step» approach
4- Machine Learning
- Leverage the expertise of Data Scientists
- Significantly increase the fraud detection rate
- Keep false positives to an absolute minimum
- Making the most of the solution to fight fraud
- Add possibly cross channel data
Step 2
3- Detection Rules
- Focus on what the customer has done in the past
- Proven business rules to detect fraudulent transactions
- Combine transaction and session data (IP address, page navigation, etc.)
2- Whitelisting
- Eliminate transactions that cannot be fraudulent
- Minimize the amount of required data
Step 1
1- Data Collection
- Easily collect any type of data
- Discover new modus operandi
- Better understanding about ongoing attacks
- Dashboards and reporting
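The whitelisting and detection-rule levels above, combined with the low / medium / high categorization from the PSD II slide, as an added example that is not SAS code or part of the original slides. The thresholds, rule names, account identifiers and the choice to refuse exemptions from an unknown device are all assumptions made for illustration.

```python
from dataclasses import dataclass

SMALL_PAYMENT_EUR = 30.0   # assumed "small payment" limit, not from the slides
SPIKE_FACTOR = 5           # assumed: amount > 5x customer average is unusual

@dataclass
class Profile:             # what the customer has done in the past
    own_accounts: set
    trusted_beneficiaries: set
    known_devices: set
    known_countries: set
    avg_amount: float

@dataclass
class Payment:             # transaction data plus session data
    amount: float
    beneficiary: str
    device_id: str
    ip_country: str

def whitelist_reason(p, prof):
    """Whitelisting: name the exemption that applies, or None."""
    if p.device_id not in prof.known_devices:
        return None        # assumption: no exemption from an unknown device
    if p.beneficiary in prof.own_accounts:
        return "me-to-me"
    if p.beneficiary in prof.trusted_beneficiaries:
        return "trusted-beneficiary"
    if p.amount <= SMALL_PAYMENT_EUR:
        return "small-payment"
    return None

def rule_hits(p, prof):
    """Detection rules: compare the payment with the customer's history."""
    known_payee = prof.own_accounts | prof.trusted_beneficiaries
    checks = [
        ("new-device", p.device_id not in prof.known_devices),
        ("new-country", p.ip_country not in prof.known_countries),
        ("new-beneficiary", p.beneficiary not in known_payee),
        ("amount-spike", p.amount > SPIKE_FACTOR * prof.avg_amount),
    ]
    return [name for name, hit in checks if hit]

def triage(p, prof):
    """Return (risk level, reasons): whitelist first, then rules."""
    reason = whitelist_reason(p, prof)
    if reason:
        return "low", [reason]
    hits = rule_hits(p, prof)  # a non-whitelisted payment always has >= 1 hit
    return ("high" if len(hits) >= 3 else "medium"), hits  # assumed cut-off

# Constructed sample profile, not real customer data
ALICE = Profile({"ACC-OWN"}, {"ACC-LANDLORD"}, {"dev-1"}, {"BE"}, 100.0)
```

A payment to a trusted beneficiary from an unknown device in a new country is not exempted here: it falls through to the rules and is ranked on its session signals.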
Detection logic: Analytics as the heart of the action
[Diagram: Discover, Deploy, Data]
350 transactions/s; 0,01 % alert level, 95 % detected; > 85 % whitelisted; 1 % alert level, 100 % detected
Project findings: Benefits
- Improved detection of fraud cases: «We see that the number of alerts has been halved whilst maintaining the same detection rate.»
- Improved investigation: «The quality of the alerts is better than with the previous system.»
- Agility to adapt to new fraud cases
- Analysis and simulation capabilities on production data
- Put fraud detection rules into production from D+1 to M+2 compared to M+6 with the previous system
- Optimized reporting & governance: «We have very quickly highlighted the capacity to make an anti-fraud governance platform available.»
Questions & Answers
FRÉDÉRIC HENNEQUIN frederic.hennequin@sas.com +32 477 82 28 01 fredhennequin