Microsoft has developed a mobile banking fraud detection architecture that uses artificial intelligence (AI) to spot fraudulent transactions in less than two seconds using a combination of Azure cloud services.
The company, which developed the solution for a banking client, this week effectively open-sourced the architecture, publishing a step-by-step guide for Azure subscribers seeking to replicate it.
As Kate Baroni, a software architect at Microsoft Azure puts it in her 15-page Solution Guide: Mobile Bank Fraud [pdf]: “The time it takes to react to a fraudulent transaction directly influences how much financial loss can be prevented. The sooner the detection takes place, the less the financial loss.”
“Two seconds – ideally a lot less – to collect a complex JSON message, authenticate it, parse and transform the JSON…”
“[You have got] two seconds to collect a complex JSON message, authenticate it, parse and transform the JSON, create account features from the data attributes, submit the transaction for a fraud score, and synchronize with a backend case management system. Latency and response times are critical in a fraud detection solution and the infrastructure to support it must be fast and scalable.”
A major challenge is that many fraud monitoring solutions today still rely on rule-based engines, the guide notes, which are effective at detecting established patterns of fraud-like transactions generated from risky IP addresses, or multiple transactions generated within a very short period on a brand-new account.
But as Baroni notes: “In today’s criminal environment, rule-based engines have one significant limitation: rules do not adapt quickly to new or evolving types of attacks, and they have the following constraints:
- Detection is not real-time, so fraud is detected only after financial loss occurs.
- Rules are binary and limited; they cannot accommodate the of complexity and combinations of input variables that can be evaluated. This results in high false positives.
- Rules are hard coded into business logic. Curating the rules, incorporating new data sources, or adding new fraud patterns usually means application changes that impact a business process. Propagating changes throughout a business process can be cumbersome and expensive.”
To help overcome these limitations, Microsoft’s team created an architecture (see illustration above) that operates with three workstreams, using a combination of Azure’s Data Factory, Event Hub, Functions, Key Vault, Logic Apps, Machine Learning Studio, SQL Database and more.
The workstreams comprise an event-driven pipeline that ingests and processes log data, creates and maintains behavioral account profiles, incorporates a fraud classification model, and produces a predictive score; a model training workstream that combines on-premises historical fraud data and ingested log data and, finally, functionality to integrate to back-end business processes.
As Baroni puts it in an accompanying blog: “Most steps in the event processing pipeline start with a call to Azure Functions because functions are serverless, easily scaled out, and can be scheduled. The power of data in this solution comes from mobile messages that are standardized, joined, and aggregated with historical data to create behavior profiles. This is done using the in-memory technologies in Azure SQL. Training of a fraud classifier is done with Azure Machine Learning Studio (AML Studio) and custom R code to create account level metrics.”.
See Also: The Threat to the Banking Industry from Malware and its Sale on the Black Market
Speaking to Computer Business Review Ben Brabyn, Head of London based Tech community Level39 said that: “The lack of human contact in a digital process can be unnerving, and security concerns around mobile banking are a challenge that need to be addressed. Recent money laundering concerns flagged by Revolut to the FCA reflect consumer worries – only 27 percent of consumers [for example] feel digital challengers can keep their money safe. For the fintech sector to fulfill its potential, it is essential for digitally savvy businesses to build trust in their services.”
Those happy to get their hands dirty implementing Synthetic Minority Oversampling Techniques (SMOTE) in AML studio and tackling Boosted Decision Tree algorithms may be keen to take a look at the full Mobile bank fraud solution guide…