Bringing Fraud Detection Into The 21st Century

Fraud has become a “Whac-a-Mole” game – when fraud is whacked in one area, it pops up in another, says Stephen Ryan, Senior Vice President of Business Development at Brighterion. One of the reasons why fraud solutions on the market today aren’t effective is that they seem to be stuck in the ‘80s, and fraud tactics have evolved beyond their capabilities. In a recent interview, Ryan told MPD CEO Karen Webster why the world of payments needs real-time, self-learning fraud detection technologies to make any sort of advancement on the brutal fraud battlefield.

KW: There are lots of ways we can use big data, and that’s a concept we talk a lot about in payments. You’ve chosen to focus in on fraud and using data to fight fraud. How do you guys do that, and what makes you different?

SR: You can think of us as a next-generation fraud analytics solution company. Some of the things that set us apart are our 10 different artificial intelligence technologies that we link together, all of which detect fraud in a unique way. We use 10 and a lot of legacy players use only 2-3.

The second thing is our ability to operate in real-time. When fraud happens you need to catch it – it can’t be just be near real-time, or some batch process a day or so later. So that ability to operate in real-time is very important. Third is our ability to profile individual entities, so we’re not grouping accounts together in the case of payments or merchants and putting them in categories. We profile each individual card account number, merchant, and device and that really makes us different from the legacy players. We look for anomalies based on those individual entities.

KW: So why do you use 10 inputs while other players typically use about 8 fewer? Is it that they’re harder to get, and you’ve been able to find a way to mine those data elements?

SR: So Brighterion is about 15 years old now, founded by very smart mathematicians with PhDs in artificial intelligence. So as the market has evolved for artificial intelligence, more artificial intelligence methodologies have been created. A lot of stuff you see in the marketplace today is really 80s technology that has lived for 20-25 years. The new way to do this is to leverage all modern types of artificial intelligence.

KW: So let’s talk about data breaches. Hacks at retailers have become a daily news item, unfortunately. Clearly it’s because there are now so many different ways to get connected to information and more opportunities to compromise those methods, but it really the case that we have more data breaches or are we just hearing more about them because we can identify them sooner?

SR: We do have more data breaches, and I don’t think we hear about all of them, that’s for sure. But we hear about the big ones. And you have to remember that the bad guys are a commercial enterprises today – there are fraud companies now that develop malware but don’t always deploy it. They are more the software developers, but they have a whole ecosystem behind them to host, resell, and distribute their fraud solutions around the world. They’ve gotten quite good at it.

Back in the late ‘90s and early 2000s, it used to be that if you implemented best practices, you could sleep at night without worrying about the bad guys. Fraud was more of an “if” back then, and now we’ve unfortunately transitioned to a period where fraud is now a “when.” Even though you can deploy a layered defense, the bad guys are smart. That’s why fraud detection is so important, so that we can identify it as soon as possible and shut it down.

KW: That’s a very good point. This is a business, and when you have the business of cyber crime and people are invested in that business, they’re not just going to give up because there’s another tool in the market that makes their job harder. I think that’s an important point. But if that’s really the case, why are so many organizations relying on ‘80s technology to solve a problem that is even more advanced than what we recognize it to be?

SR: That’s a good question. There’s not a good reason why they’re relying on it, but if you look at most of the solutions for detecting fraud today, they’re based on legacy technologies and don’t operate in real time. They’re just not good enough for the way malware operate today – it changes everyday. The ability to detect fraud in real-time is necessary. Also, Brighterion’s fraud detection models are updated in real-time so that we don’t have to stop and rebuild them every few months like other players do. Our models today are constantly learning every day.

When we originally set up a fraud model for a client, we take a set of history from a period of time and we are able to create the models based on past fraud scenerios. Then once we deploy that fraud detection model, anytime fraud does get through – and there’s new fraud everyday – we feed that back in to the models in real-time, and the model adjusts itself and learns. That constant learning of fraud models is really the key to world class real-time fraud detection.

KW: So real-time is a word we throw around a lot in payments. What does real-time truly mean from the Brighterion perspective, and how does that help you separate real fraud from something that may just be a little out of pattern for a cardholder but not really fraudulent?

SR: For us, real-time is while the transaction is actually being conducted. In the case of payments with authorizations, we have clients today where we actually sit in the authorization flow, and we’re able to score the transaction in less than 10 milliseconds. We’re not adding latency to the transaction, and by the time the issuer downstream sees it, and either approves or disapproves it, we’ve already put the score on the authorization message so they get it in real-time. Those are the same fraud models that are constantly learning – so the model we had yesterday is probably a little smarter today, and will be even smarter tomorrow.

KW: So that then helps you make decisions about fraud versus something that is just a bit of a different behavior? 

SR: That’s right. Because it’s self-learning, it’s able to improve its detection methods while at the same time reducing false-positives.

For example, we have one customer we ran a proof of concept with, and they gave us two years worth of data as well as the fraud that they had seen during that time, asking us to build our models off of that. They then gave us a year of data without telling us what the fraud was, and based on how we built our models, we analyzed the data and told them how much fraud they had and what type it was. When we ran this initially, we found 4X more fraud than legacy solution had previously found. We also reduced their false positives 11X, another significant improvement.

KW: That’s bottom-line affecting behavior.

SR: Absolutely. There’s two things going on – there’s accurate fraud detection, and there’s improvement of false-positives which otherwise could have been declines. Those declines then are lost transactions, interchange and interest income for the Issuer.

KW: So, speaking of ‘80s technology, we’re moving to EMV in the US, and the experience is typically that fraud moves online in card-not-present instances. That doesn’t always mean that people will be transacting online at their desktops – a consumer can transact online with a merchant in-store. What is the role of Brighterion in helping detect fraud in those situations and mitigating it for those issuers? 

SR: We actually have real experience with this – we have clients in Germany, Brazil and Canada that went through the whole EMV migration. While our products were deployed, we were able to see them behave. It’s sort of the “Whac-a-Mole” game. Fraud never really goes away – it runs down the tunnel for a bit, then pops out another hole. While EMV gets rid of a lot of the typical counterfeit type fraud that you see in magstripe products, once EMV is deployed the fraud moves over to CNP and mobile environments very rapidly. Because Brighterion models were able to see the trends and see new fraud methodologies show up in mobile and CNP, and be able to adjust in real-time, we were able to combat those new fraud scenarios for our clients.

KW: How difficult is it for someone to take advantage of your solution? Is it difficult to integrate with your infrastructure?

SR: No, and that’s probably another huge different between ‘80s technology and and our solutions.  For our products, there’s no requirement for a data warehouse. We can take data in any format and from any source and build additional models. Our model generation is not manual, so when we feed in data to it, we generate models with an automatic utility that we’ve simplified.

We also work with off-the-shelf servers. We’re not using specialized servers, expensive databases to do any of our analysis. We operate pretty much in memory modes on standard servers, which allows us to have incredible response times under 10 milliseconds at the best possible ROI.

KW: I know all implementations are different – but is this a 6-month, 12-month, or 2-month project? Give us a sense of how long it takes.

SR: We have a battle-tested number, and on average, we can be deployed between 4-8 weeks. There’s only 2-3 days of training, our model generation is automated, and because we don’t require a data warehouse, we can get in and out pretty quickly. We have a hosted and on-premise versions, and we have clients using both operating environments today.

KW: I know Brighterion has been around since 2000, and certainly in this business it helps to because you can detect lots of different patterns. What’s the biggest difference in the environment today with respect to payments fraud that you’ve seen over the last decade or so?

SR: Going back to where we started the conversation, fraud was not as well organized 15-20 years ago. Today, it’s organized crime with a whole commercial ecosystem around it. The market has just changed. While Brighterion has a lot of smart mathematicians and scientists working at Brighterion, so do the bad guys. That’s sort of what’s different – this commercial enterprise on the bad guy’s side is what is really keeping the market moving. Just like any legitimate software company, they have an ROI.

So you still have to do the layered defense and best practices, but sooner or later, the bad guys will figure it out and find a way in. When they do, that’s when you need the best fraud detection solution that operates in real-time with self-learning models.

To learn more about Brighterion’s real-time intelligence solutions click the presentation below:

Stephen Ryan – sryan@brighterion.com
Senior Vice President, Business Development, Brighterion

Stephen Ryan has 20+ years of experience in Banking, Payments, and Digital Security. Mr. Ryan is a seasoned executive and serial entrepreneur that has held leadership roles within a major credit card processor, a global payment system, a global bank, an online banking and bill pay provider, and several innovative security start-ups.  Prior to Brighterion, Mr. Ryan held executive roles at Online Resources, First Data, Visa USA, Bank of America, IronKey and Arcot Systems. Most recently, he was the Senior Vice President of Bottomline Technologies responsible for Product Management and Strategy for the Global Banking and Financial Services Group. Mr. Ryan’s expertise includes Strategic Innovation, Business Development, Marketing & Sales, Product Management & Strategy, Channel Development, and overall Global Expansion. Mr. Ryan received a Bachelor of Science degree from Old Dominion University where he majored in Management Information Systems.

To listen to the full podcast, click here.