A Singapore-based fraud detection firm is using artificially intelligent deep learning neural networks to help detect fraudulent online transactions by recognising user behaviour in real time.
As technology improves, so do the methods of committing fraud, to the extent that if you were to analyse databases of online transactions, it's incredibly difficult to detect which are transactions by real people shopping on your website, and which are the transactions being carried out by the crooks.
When a regular person goes on Amazon to buy something, there's a certain distinct randomness to their behaviour. They might have their webmail open in another browser tab, or they might be chatting to someone on Facebook chat per se.
The speed at which they type, the intervals between each key stroke, even their tendency to leave comments on open access forums like Reddit or YouTube – all of these things are subtle clues that indicate that you are human.
"Databases are highly vulnerable and the problem is that many of them are available on the Dark Web. Data breaches don't even need to happen on a big site – we log into so many websites, but if your financial details are there and that database is breached, the hackers can use the data," CashShield's cofounder and CFO Junxian Lee tells IBTimes UK.
"The only way to address fraud is to look at human behaviour in real time. We do this by looking at passive biometrics analytics. The word we use is 'continuous authentication'. Fraudsters are using AI to defraud merchants, so merchants need to fight back using AI."
Botnets that imitate human behaviour
Forget about using botnets to carry out Distributed Denial of Service (DDoS) attacks – CashShield has observed an unnamed Russian fraud syndicate that has programmed an army of zombie computers infected with malware to simulate human behaviour.
"For example, we see that they are logging into YouTube for nine to 10 minutes, they are leaving three to four comments on Facebook pages they create. It's always nine to 10 minutes, it's always three to four comments. Several thousand computers within the botnet are doing this exact behaviour at the same time per minute," says Lee.
"Fraud syndicates do this repeatedly automatically because they don't have time to do it manually. Each fraudulent transaction will make them USD$5 (£3.89). For them to make sense of it, they need to do thousands at a time."
But how does the firm know what a regular person is doing on the internet? It sounds really Big Brother, but websites and advertisers online can already see a lot of what you do online. If you go to a website and log in, then the website receives identifiers about you, such as your IP address and your email address.
With these details, metasearch (also known as social profiling) can be used to figure out which social media accounts are connected to you, and when was the last time you either posted a comment publicly on YouTube or uploaded a video. Investigating this data is known as passive biometric analytics.
Using dynamic neural networks
Traditionally, companies detect fraud by analysing data sent over telecommunications channels using rules-based computer systems, which used to be considered the best technology around for fraud detection.
Humans programme the computer to detect simple known patterns, such as recognising that your credit card might have been stolen when you live in the UK and just paid for something in the supermarket, but the next day your card is used in Barbados.
The problem is that you now need a lot more data in order to determine that a transaction really is suspicious, which is why companies are turning to real time machine learning to spot fraud syndicates.
In particular, CashShield has developed a dynamic neural network that is able to churn a million points within 0.1 seconds. Its system is now being used by gaming PC manufacturer Razer and Chinese online shopping giant Alibaba Group.
Typically neural networks follow a top-down approach – large networks of artificially intelligent classical computers are trained using computer algorithms to solve complex problems in a similar way to the human central nervous system, whereby different layers examine different parts of the problem and combine to produce an answer.
In a dynamic neural network, there are both layers and modules. The modules act as pillars between the layers in a neural network, so even if some information is missing, it does not affect the decision made by the network. The module is a cluster of categories and it keeps running tests to gather other data to form a profile until you have enough information to pass it onto the next layer.
"Our machine learning technique is unique because if there is an absence of data, certain layers crumble, so you need the modules. This way, the layers and modules move around dynamically until they find the answer," explains Lee.
"It has taken five years to develop this. Our system contains a combination of financial algorithms that are typically used to maximise the merchant's revenues as well as traditional decision-making fraud algorithms plus the algorithms we have developed. It is unique to use this financial algorithm in a fraud protection system."