Previously, we looked at the diversity of AI applications in banking and financial institutions as well as what kinds of obstacles banks will face when adopting Artificial Intelligence. For now, let’s dive into the role of AI in fraud detection and compliance for banks - a topic of interest to many CEOs and CIOs!
What are fraud activities in banks?
A common type of banking fraud is customer account takeover. This is when someone illegally gains access to a victim's bank account using bots. Other examples of
fraud in banking include the use of malicious applications, the use of false identities, money laundering, credit card fraud, and mobile fraud.
Insurance fraud includes premium diversion fraud, which is the embezzlement of insurance premiums, or free churning, which is excessive trading by a stockbroker to maximize commissions. Other forms of insurance fraud include asset diversion, workers' compensation fraud, car accident fraud, stolen or damaged car fraud, and house fire fraud. The motive behind all insurance fraud is financial profits.
Let’s break down the most common types of bank account fraud in order of frequency.
Bank Account Takeover
Bank account takeover, or
ATO as it is known, makes up 42% of all bank fraud according to the aforementioned Financial Crime Report. It happens when someone accesses a bank account without authorization.
Consumers may refer to ATOs as account hacking, but the end results are the same: Someone gains access to the account and mines it for personal information, transfers money to their own account, or gradually drains it of its funds.
Because bank transfers aren’t reversible, unlike card payments, it is extremely challenging to fix the damages caused by ATO fraudsters.
As with all kinds of ATO attacks, bank account ATO happens due to:
-
Phishing: Fraudsters create mass email or SMS campaigns that redirect users to a fake bank login page. They enter their login details and fraudsters steal them. Alternatively, they convince users to send them their login credentials directly.
-
Social engineering: The ever-popular method of getting information directly from users or from the bank. Customer support is increasingly targeted by fraudsters who exploit banks’ desire to improve customer satisfaction.
-
Bought credentials: It is rare for fraudsters to find valid bank account details on the darknet (the original thieves use them first), but the login details can still be used for a variety of nefarious purposes.
-
Cybersecurity vulnerability: Fraud and cybercrime often intersect when it comes to bank account ATOs. Sophisticated criminals will look for unpatched security flaws such as badly deployed cross-site scripting (XSS) or server-side request forgery (SSRF).
-
Credential stuffing: Fraudsters use dedicated software (bots) to automatically test passwords and login combinations until they can enter the account. This is often performed using lists of passwords found on the darknet but it can also be tried at random, via what is called brute force.
Note that all of the above can be combined to improve the chances of success. Since many banks now add 2FA checks, fraudsters will also rely on SIM jacking to take control of someone’s phone number and receive passwords via SMS.
What is fraud detection?
Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses.
Fraud detection is applied to many industries such as banking or insurance. In banking, fraud may include forging checks or using stolen credit cards. Other forms of fraud may involve exaggerating losses or causing an accident with the sole intent of the payout.
Fraud detection has been done by rules-based calculations which are regularly convoluted and not generally extremely difficult to evade. These strategies risk missing a lot of fraud activities or proceeding to have exorbitant measures of bogus up-sides, where client’s cards get declined because of misidentified and dubious ways of behaving. Customary models are likewise entirely unyielding which is an issue in an application where fraudulent are continually tracking down better approaches to sneak by the radar.
How AI aids in fraud detection
In fraud detection, machine learning is a collection of artificial intelligence (AI) algorithms trained with banks’ historical data to suggest risk rules. Bank can then implement the rules to block or allow certain user actions, such as suspicious logins, identity theft, or fraudulent transactions.
When training the machine learning engine, banks must flag previous cases of fraud and non-fraud to avoid false positives and to improve banks’ risk rules’ precision. The longer the algorithms run, the more accurate the rule suggestions will be.
Techniques for fraud detection and prevention utilizing AI
Fraud data analytics methodologies can be categorized as either statistical data analysis techniques or AI.
-
Statistical parameter calculation, such as averages, quantiles, and performance metrics
-
Regression analysis - estimates relationships between independent variables and a dependent variable
-
Probability distributions and models
-
Data matching - used to compare two sets of collected data, remove duplicate records, and identify links between sets
-
Time-series analysis
AI techniques include:
-
Data mining - data mining for fraud detection and prevention classifies and segments data groups in which millions of transactions can be performed to find patterns and detect fraud
-
Neural networks - suspicious patterns are learned and used to detect further repeats
-
Machine Learning - fraud analytics Machine Learning automatically identifies characteristics found in fraud
-
Pattern recognition - detects patterns or clusters of suspicious behavior
Listen to top-industry AI & Banking experts and Connect with the global banking network!
AI in banking is one of the topics that will be discussed in our upcoming
Worldwide AI Webinar. By joining us, you will have the opportunity to not only consult world-class AI speakers but also network with other CEOs and CIOs of the global banking industry.
Join us at: https://event.wow-ai.com/worldwideAI2022/
🔸 Event details
Time zones: 9:00 AM - 6:00 PM New York Time
Date: 29-30 September 2022
Language: English
Fee: Free & open to everyone
