According to Javelin Strategy & Research, US$16 billion was lost globally to identity theft or fraud last year, which is almost US$1 billion more than that in 2015. Could analytics be the answer to reducing this loss in future? CIO Asia spoke to David Stewart, business director, Security Intelligence Solutions, Banking, SAS Security Intelligence Practice, to find out his thoughts.
What are the top challenges that banks in the Asia Pacific (APAC) region face when it comes to combating/preventing fraud?
Fraud attacks have become increasingly sophisticated, especially in the cyber/malware attack vector. Given the amount of international trade activity in the region, APAC companies are prone to complex corporate structures, which adds difficulty in knowing customer and counterparty risks.
According to a research study conducted by IDC and managed security services provider Quann, 91 percent of companies in Singapore are only in the early stages of security preparedness. This exposes loopholes in companies and increases their risk vulnerability. Furthermore, with digitalisation and the sheer number of payment activities occurring through mobile and impersonal channels, the ability to provide secure payments and be certain of the party executing them becomes increasingly difficult.
Another challenge comes in the form of data quality. While there are many vendors promoting artificial intelligence (AI) and machine learning to deploy models quickly and easily, what we are failing to consider is that the time spent in model building, testing and validation is dependent on good data quality.
In this case, it is an often neglected component of AI and machine learning. The importance of good data hygiene needs to be emphasised, as it greatly reduces the time spent on data cleansing and transformation when building these models. While companies tend to ask for faster deploying of models, we need to ensure that the data they have on hand is of a certain quality. Otherwise, it is likely to impede the process.
With the increasing speed and sophistication of fraud, a model that was deployed the previous month, for example, may not be as effective in dealing with fraud cases of tomorrow. Self-learning and autonomous models will then be effective in giving companies the agility to prevent these attacks when their own sets of rules are put in place to handle scored transactions.
For example, Nets, a Nordic-based payments processor, faced problems with fraud detection and had a reactive approach to fraud-prevention. With fraud criminals becoming more active and organised, and using advanced technology to access and exploit cardholder information, they needed to move to a proactive approach.
The use of SAS Fraud Management enabled them to improve their fraud detection rate by 50 percent, reduce card fraud by 50 to 70 percent, and cut false positives in half. This means that Nets is not only detecting and preventing more fraud, but also inconveniencing fewer cardholders.