This is the slide deck I used at my talk titled 'Catch them in the Act - Fraud Detection with WSO2 Analytics Platform' at the wso2 Asia Conference 2016

1. Catch them in the Act
Fraud Detection with
WSO2 Analytics Platform
Seshika Fernando
Technical Lead
WSO2

2. $4 Trillion in Global Fraud Losses
Analysts predict Businesses are losing 5% of business revenues
to Fraud each year

4. Many Ways
• Generic Rules
• Fraud Scoring
• Machine Learning
• Markov Models

5. Capturing Domain Expertise
Fraudsters
• Use stolen cards
• Buy expensive stuff
• In large quantities
• Very quickly
• At odd hours
• Ship to many places
• Provide weird email addresses

6. Complex Event Processing
Notify if there is a 10% increase in overall trading activity AND the average price of commodities has
fallen 2% in the last 4 hours

7. Moving Averages
from TransactionStream#window.time(60 min)
select itemNo, avg(qty), stdev(qty)
group by itemNo
update AvgTbl as a
on itemNo == a.itemNo
from TransactionStream[itemNo == a.itemNo and qty>(a.avg +3*a.stdev) in AvgTbl as a]
select *
insert into FraudStream

8. Transaction Velocity
from e1 = TransactionStream ->
e2 = TransactionStream[e1.cardNo==e2.cardNo]<2:>
within 5 min
select e1.cardNo, e1.txnID, e2[0].txnID, e2[1].txnID
insert into FraudStream

9. The False Positive Trap
So what if I buy expensive stuff
Very quickly
At odd hours
Ship to many places
Rich guy
Impulse Shopper
Night owl
Many girlfriends?
Blocking genuine customers could be
counterproductive and costly

10. Avoid False Positives with Scoring
Use combination of rules
Give weights to each rule
Single number that reflects multiple fraud indicators
Use a threshold to reject transactions
• You just bought a diamond ring
• You bought 20 diamond rings, within 15 minutes at
3am and shipped it to 4 global locations?

11. How to score
Score = 0.001 * itemPrice
+ 0.1 * itemQuantity
+ 2.5 * isFreeEmail
+ 5 * riskyCountry
+ 8 * suspicousIPRange
+ 5 * suspicousUsername
+ 3 * highTransactionVelocity

12. Known devil is better than an unknown angel...

13. Machine Learning
Utilize Machine Learning techniques to identify ‘unknown’
types of fraud

14. Is organized crime that simple?

15. Markov Models
• Model randomly changing systems
• Detect rare activity sequences using
– Classification
– Probability Calculation
– Metric Calculation

16. Markov Models for Fraud Detection

17. One true inference
invariably suggests
others
- Sherlock Holmes

18. Dig deeper using Interactive Analytics
• Provide access to historical data to dig deeper
• Make querying and filtering easy and intuitive
• Provide useful visualizations to isolate incidents and
unearth connections

19. Curious?
http://wso2.com/analytics/solutions/fraud-and-
anomaly-detection-solution/

20. Payment Fraud

21. Anti Money Laundering

22. Identity Fraud

24. Thank You