The global pandemic has brought the world, and businesses within it, to their knees. While communities band together to support one another, not everyone is working cohesively for the common good.
Cybercrime has spiked since the novel coronavirus reached pandemic status earlier in 2020, with Checkphish reporting a rise from 400 attacks in February 2020 to almost a quarter of a million in May 2020.
Technology has revolutionised fraud detection departments, adding the ability to handle the scale and sophistication of contemporary attacks, but many approaches to fraud detection still fall flat when it comes down to the high level of accuracy required.
But it is the organisation, not the technology, that will be held legally accountable for the decisions made. Choosing a solution that will deliver a high level of accountability and accuracy in fraud judgements is key. Let’s explore how current approaches to fraud risk management measure up.
The conventional approach
It has become common to adopt basic rules-based approaches to fraud risk management. Basic rules-based systems apply a logical program of sequential parameters. They use these parameters to identify instances of fraud and subsequently perform automated actions.
While a conventional approach in fighting fraud, basic rules come with some frustrating pitfalls (although these are circumvented by intelligent rules-based systems, which are covered below). Basic rules-based systems can be expensive and too rigid to scale instantaneously (when most needed).
The recent surge in advanced fraud cases means basic rules-based systems will struggle to keep pace with the latest techniques by opportunistic fraudsters. More sophisticated fraud solutions are being adopted, as illustrated in a research piece by the Association of Certified Fraud Examiners & SAS, which projected a 200% increase in the use of artificial intelligence (AI) and machine learning to detect fraud.
The adaptive approach
Machine learning can detect sophisticated fraudulent activities across large volumes of data, ‘learning’ to adapt to new, unforeseen threats, while significantly reducing false positives.
Machine learning programs can be classified into two approaches; supervised and unsupervised.
In the supervised machine learning algorithm, you will present it with both fraudulent and non-fraudulent records. This ‘labelled’ data will help it achieve the level of accuracy to produce a data model, which will then predict whether fraud is present when assessing new, unknown fraud cases.
However, supervised learning is unable to scale on-demand to evolving threats. It requires clean data, substantial computation time for training, and a team of data scientists to build, maintain and interpret.
Unsupervised machine learning, on the other hand, is useful for spotting fraudulent patterns where tagged data is not available. This model will work off an unlabelled dataset, with unknown output values mapped with the input. It will create a function that describes the structure of the data and flags anything that doesn’t fit as an anomaly. This ultimately saves time and allows the algorithm to mine at scale without the need for human input.
A major drawback to unsupervised machine learning is its inability to accurately explain its results, due to the input data being unlabelled and unknown. This makes it difficult to adhere to compliance measures or explain why a false positive occurred.
The intelligent approach
Intelligent automation (IA) copies (via a visual model) the knowledge of your fraud experts and applies this knowledge to thousands of cases, while instantaneously providing an audit trail for every decision. This includes its certainty level and every factor that went into making each decision, as well as data sources that were accessed. It also includes all considered variables and the quantitative impact of each, dramatically reducing false positives by omitting bias or inaccuracies in initial data collection.
In contrast to simple rules-based fraud identification tools (like decision trees), the modelling process in intelligent automation allows its decision-making to reflect the ‘greyness’ inherent in fraud, resulting in more reliable outcomes.
It can also handle uncertainties in the dataset. When data is missing or uncertain, intelligent automation will try to find other data to help. If it can’t find supporting data, it is still able to make an inference, which will be presented with reduced certainty. This means that, unlike a fixed rules engine, intelligent automation doesn’t hit a dead end when data isn’t available, or end users are not sure of their answers.
Not only does this system impressively manage scale, deliver a high level of transparency and retain a human-down focus towards data input, the ROI potential of this approach is also a no-brainer. Rainbird has estimated that incorporating IA decision-making into fraud prevention could save UK businesses £7 billion over five years.
What will fraud detection look like post-COVID?
Ultimately, fraud detection and prevention systems that can deliver a high level of accuracy will:
- Reason like human experts do,
- Scale to deal with surges in threats,
- Provide evidence for each decision made
- Be able to handle uncertainty
When all these elements are present, you will possess a fraud risk management system that will greatly reduce user friction (caused by false positives) and keep you compliant (thanks to complete transparency).
Unfortunately, COVID-19 won’t be the last widespread crisis we will have to deal with. With climate change and the risk of future pandemics looming, choosing the right approach is not a matter of preference.
To learn more about how intelligent automation fights fraud, watch our on-demand webinar.