Stopping Fraud Early
Ouyang Ming

Interviewed by

Distinguished Scientist

Carole-Ann Matignon
Co-Founder & CEO
Sparkling ...
How big of a problem is Fraud at PayPal?
• PayPal attempts
• 50% invalid browser finger print
• Fraudsters are probing Pay...
What are the different type of risks?
• Account taken over: online world
• ID theft: more a credit issue, real world

• CC...
Where are the “fraudsters” coming from?
• Phishing
• Malware, spyware and botnet
• Data/security breach
• Shared passwords...
How do you identify Fraud?
• Customer claims

• CC charge back

• Merchant reports

• ACH returns

• Agents review

• Loss...
How do you stop Fraud?
• Manual review vs. data driven
• Data
• Point-in-Time notion
• Decision Management tools
• SAS
• K...
definitions
set '__is_WH' to boolean to string( ( CtrlActions number of actions "180" + CtrlActions number of actions "181...
How big is the solution?
• Events through rules engine:

over 110 million requests/day
• Machines we have for rules engine...
How do you know how well you do?
• Business Metrics and Business Objectives
• Hit rate / Catch rate
• Financial objectives...
How do you track performance over time?

• Flash Fraud is an Endless Game
• Technology evolvement: proxy, VPN, Remote Desk...
Let’s end with an anecdote…

© 2013 Sparkling Logic, Inc. company confidential
Upcoming SlideShare
Loading in …5
×

Decision Camp 2013 - Ouyang Ming - PayPal - stopping fraud early

496 views

Published on

PayPal discusses challenges related to payment fraud, and the technology they use to stop it faster

Published in: Technology, Economy & Finance
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
496
On SlideShare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Welcome to Decision CAMP 2013I am Carole-Ann Matignon…I have done AI forever, starting with Expert Systems – how many of you were around in the 90’s doing expert systems?Then rules, then business rules and now decision managementIt has been an amazing journey for all of us, and I am really glad that we are welcoming today many of you that are new to this discipline.This is what decision CAMP is about: networking with like-minded individuals that share a passion for these technologies, providing a ton of educational materials, sharing best practices and lessons learned, and encouraging discussions. It is for old-timers and newcomers alike.I remember attending business rules forum 15 years ago… It was the early days… It was much smaller than decision camp today! This industry has grown significantly and I am blessed that I could part of this journey.
  • Decision Camp 2013 - Ouyang Ming - PayPal - stopping fraud early

    1. 1. Stopping Fraud Early Ouyang Ming Interviewed by Distinguished Scientist Carole-Ann Matignon Co-Founder & CEO Sparkling Logic © 2013 Sparkling Logic, Inc. company confidential
    2. 2. How big of a problem is Fraud at PayPal? • PayPal attempts • 50% invalid browser finger print • Fraudsters are probing PayPal system • Losses upticks whenever we have tech issues: for bigger issues, the loss could easily double or triple © 2013 Sparkling Logic, Inc. company confidential
    3. 3. What are the different type of risks? • Account taken over: online world • ID theft: more a credit issue, real world • CC risk • ACH risk: stolen vs. credit © 2013 Sparkling Logic, Inc. company confidential
    4. 4. Where are the “fraudsters” coming from? • Phishing • Malware, spyware and botnet • Data/security breach • Shared passwords: 40k out of 200k matched w/ PP • Unintentional issues: recycled emails • Underground market © 2013 Sparkling Logic, Inc. company confidential
    5. 5. How do you identify Fraud? • Customer claims • CC charge back • Merchant reports • ACH returns • Agents review • Loss monitoring © 2013 Sparkling Logic, Inc. company confidential
    6. 6. How do you stop Fraud? • Manual review vs. data driven • Data • Point-in-Time notion • Decision Management tools • SAS • Knowledge Seeker • Sparkling Logic SMARTS BluePen © 2013 Sparkling Logic, Inc. company confidential
    7. 7. definitions set '__is_WH' to boolean to string( ( CtrlActions number of actions "180" + CtrlActions number of actions "181" + CtrlActions number of actions "182" ) is more than 0 ) ; set '__true_cc_idi' to all of the following conditions are true : - _VAR value of variable ( "IS_CAM_ATTEMPT" ) equals "1" - _VAR value of variable ( "IS_CAM_PLUS" ) equals "1" - _VAR value of variable ( "MODEL_SEGMENT_CAM" ) to integer is more than 0 , ; set '__attempt_amt' to Transaction USD amount USD amount ; set '__cam2013_score' to iif ( _VAR value of variable ( "CAMNNMODEL_SCORE2" ) is not empty ? True _VAR value of variable ( "CAMNNMODEL_SCORE2" ) : False "0" ) to decimal ; set '__p_value' to iif ( __cam2013_score is at least 1 ? True "0.54" : False iif ( __cam2013_score is less than 0.03 ? True "0" : False decimal number to string( __cam2013_score * __cam2013_score * __cam2013_score * 0.5841 - __cam2013_score * __cam2013_score * 0.305 + __cam2013_score * 0.2333 + 0.0032 ) ) ) to decimal ; set '__sim_qp_scr' to __p_value * __attempt_amt * 100 * 10 ; if __true_cc_idi and _VAR value of variable ( "CAMNNMODEL_SCORE2" ) is not empty and integer to string( User account number ) right 6 chars left 2 chars to integer is between 80 and 99 and none of the following conditions are true : - Transaction is dcc - Transaction is virtual terminal - Transaction is hss , and none of the following conditions are true : - Transaction is eBay customized end of auction - Transaction is eBay express payment - Transaction is eBay immediate payment - Transaction is eBay marketplace payment - Transaction is eBay motors deposit , and none of the following conditions are true : - FundingActions number of actions "98" is more than 0 and __is_WH equals "0" - FundingActions number of actions "29" is more than 0 and __is_WH equals "0" - FundingActions number of actions "16" is more than 0 and __is_WH equals "0" , and any of the following conditions is true : - _VAR value of variable ( "CAMNNMODEL_SCORE2" ) to decimal is at least 0.03 and __attempt_amt is at least 250 - _VAR value of variable ( "CAMNNMODEL_SCORE2" ) to decimal is at least 0.1 and __attempt_amt is at least 150 and less than 250 - _VAR value of variable ( "CAMNNMODEL_SCORE2" ) to decimal is at least 0.3 and __attempt_amt is at least 100 and less than 150 - _VAR value of variable ( "CAMNNMODEL_SCORE2" ) to decimal is at least 0.4 and __attempt_amt is at least 50 and less than 100 - _VAR value of variable ( "CAMNNMODEL_SCORE2" ) to decimal is at least 0.7 and __attempt_amt is at least 25 and less than 50 - _VAR value of variable ( "CAMNNMODEL_SCORE2" ) to decimal is at least 0.8 and __attempt_amt is at least 0 and less than 25 , and __sim_qp_scr is at least 40,000 and none of the following conditions are true : - 'User counterparty' has ALF ( alf_digital_content ) active on account - 'User counterparty' has ALF ( alf_digital_content_olg ) active on account - _RADD Misc 03 exists with keys ( "ARS_TRUE_INDUSTRY" , "ARS_TRUE_INDUSTRY" , "ARS_TRUE_INDUSTRY" , integer to string( 'User counterparty' account number ) ) and _RADD Misc 03 string variable "CAT" with keys ( "ARS_TRUE_INDUSTRY" , "ARS_TRUE_INDUSTRY" , "ARS_TRUE_INDUSTRY" , integer to string( 'User counterparty' account number ) ) equals "gaming" - _RADD Misc 03 exists with keys ( "ARS_DG_SELLER_LIST" , "ARS_DG_SELLER_LIST" , "ARS_DG_SELLER_LIST" , integer to string( 'User counterparty' account number ) ) and _RADD Misc 03 integer variable "IS_DG" with keys ( "ARS_DG_SELLER_LIST" , "ARS_DG_SELLER_LIST" , "ARS_DG_SELLER_LIST" , integer to string( 'User counterparty' account number ) ) equals 1 , then the BREFundingActions flag hold the current transaction of User ; What does a Flash Fraud rule look like? © 2013 Sparkling Logic, Inc. company confidential
    8. 8. How big is the solution? • Events through rules engine: over 110 million requests/day • Machines we have for rules engine: 360 boxes © 2013 Sparkling Logic, Inc. company confidential
    9. 9. How do you know how well you do? • Business Metrics and Business Objectives • Hit rate / Catch rate • Financial objectives © 2013 Sparkling Logic, Inc. company confidential
    10. 10. How do you track performance over time? • Flash Fraud is an Endless Game • Technology evolvement: proxy, VPN, Remote Desktop • Interactive game: you change, they change accordingly • Control Groups © 2013 Sparkling Logic, Inc. company confidential
    11. 11. Let’s end with an anecdote… © 2013 Sparkling Logic, Inc. company confidential

    ×