This document discusses how to build a fraud detection solution using Neo4j graph database. It covers typical fraudsters and types of fraud, challenges with traditional fraud detection methods, and how graph databases can provide a more holistic view of relationships to better detect fraud rings and organized crime. The document also outlines a typical fraud detection architecture with Neo4j at the core to power a 360-degree view of transactions in real-time and help detect patterns. It concludes with a demo and Q&A section.

1. How to Build a Fraud Detection
Solution with Neo4j
Joe Depeau
Sr. Presales Consultant, UK
18th July, 2018
@joedepeau
http://linkedin.com/in/joedepeau

2. • Who are Today’s Fraudsters?
• Fraud Detection from a Data Modelling Perspective
• How to Fight Fraud Rings with Graphs
• A Closer Look at Credit Card Fraud
• How Neo4j Fits in a Typical Architecture
• Demo
• Summary
• Q & A
2
Agenda

3. Who are Today’s
Fraudsters?
3

4. 4
Who Are Today’s Fraudsters?

5. 5
Organized in
groups
Synthetic
Identities
Stolen
Identities
Hijacked
Devices
Who Are Today’s Fraudsters?

6. 6
Types of Fraud
• Credit Card Fraud
• Rogue Merchants
• Fraud Rings
• Insurance Fraud
• eCommerce Fraud
• Fraud we don’t know about yet…

7. 7
Digitized and Analog
World of Fraud
Constantly Evolving Few and Many Players
“One Step Ahead”
Simple and Complex

8. Fraud Detection
(from a data modelling perspective)
8

9. 9
Raw Data

10. 10
Anomalies

11. 11
Patterns

12. 12
1)
Detect
2) Respond
Fraud Prevention is About
Reacting to Patterns
(And doing it fast!)

13. 13
Relational
Database
Choosing Underlying
Technology

14. 14
Data Modelled as a Graph!
Graph
Database

15. 15
ACCOUNT
HOLDER 2
Modeling a fraud ring as a graph
ACCOUNT
HOLDER 1
ACCOUNT
HOLDER 3

16. 16
ACCOUNT
HOLDER 2
ACCOUNT
HOLDER 1
ACCOUNT
HOLDER 3
CREDIT
CARD
BANK
ACCOUNT
BANK
ACCOUNT
BANK
ACCOUNT
PHONE
NUMBER
UNSECURED
LOAN
SSN 2
UNSECURED
LOAN
Modeling a fraud ring as a graph

17. 17
ACCOUNT
HOLDER 2
ACCOUNT
HOLDER 3
CREDIT
CARD
BANK
ACCOUNT
BANK
ACCOUNT
BANK
ACCOUNT
ADDRESS
PHONE
NUMBER
PHONE
NUMBER
SSN 2
UNSECURED
LOAN
SSN 2
UNSECURED
LOAN
Modeling a fraud ring as a graph
ACCOUNT
HOLDER 1

18. How to Fight Fraud
Rings with Graphs
18

19. 19
“Don’t consider traditional technology
adequate to keep up with criminal
trends”
Market Guide for Online Fraud Detection, April 27, 2015

20. 20
Endpoint-Centric
Analysis of users and
their end-points
1
Navigation Centric
Analysis of
navigation behavior
and suspect patterns
2
Account-Centric
Analysis of anomaly
behavior by channel
3
PC’s
Mobile Phones
IP-addresses
User ID’s
Comparing Transaction
Identity Vetting
Traditional Fraud Detection Methods
Layered Model for Fraud Prevention (https://www.gartner.com/newsroom/id/1695014)

21. 21
Unable to detect
• Fraud rings
• Fake IP-addresses
• Hijacked devices
• Synthetic Identities
• Stolen Identities
• And more…
Weaknesses
DISCRETE ANALYSIS
Endpoint-Centric
Analysis of users and
their end-points
1
Navigation Centric
Analysis of
navigation behavior
and suspect patterns
2
Account-Centric
Analysis of anomaly
behavior by channel
3
Traditional Fraud Detection Methods
Layered Model for Fraud Prevention (https://www.gartner.com/newsroom/id/1695014)

22. 22
INVESTIGATE
Revolving Debt
Number of Accounts
INVESTIGATE
Normal behavior
Fraud Detection with Discrete Analysis

23. 23
Revolving Debt
Number of Accounts
Normal behavior
Fraudulent pattern
Fraud Detection with Connected Analysis

24. 24
CONNECTED ANALYSIS
Endpoint-Centric
Analysis of users and
their end-points
Navigation Centric
Analysis of
navigation behavior
and suspect patterns
Account-Centric
Analysis of anomaly
behavior by channel
DISCRETE ANALYSIS
1 2 3
Cross Channel
Analysis of anomaly
behavior correlated
across channels
4
Entity Linking
Analysis of relationships
to detect organized
crime and collusion
5
Augmented Fraud Detection
Layered Model for Fraud Prevention (https://www.gartner.com/newsroom/id/1695014)

25. 25

26. Blank Slide
26

27. A Closer Look at
Credit Card Fraud
27

28. 28
Manual skimming
of an ATM
Sophisticated Data Breaches
Retrieval of Credit Card
Information
Rogue Merchant

29. 29
USE
ISSUES
Terminal ATM-
skimming
Data Breach
Card
Holder
Card Issuer
Fraudster
USE $5MAKES
$10
MAKES
$2
MAKES
MAKES $4000
AT
Testing
Merchants
ATMAKES Tx

30. 30
TxTx
$2
TxTx
Tx
$2000
Tx Tx
$25$10$4
TxTx Tx Tx TxTxTx
Computer
Store
John
Gas Station
Sheila
Robert
$3
Karen
TxTxTx Tx Tx TxTx
$3000
Tx
Jewelry
StoreTx
$3
TxTxTx Tx Tx TxTx TxTx
TxTx TxTx Tx Tx TxTx
$8 $12
Tx
$1500
Furniture
Store
Tx Tx Tx

31. How Neo4j Fits in a
Typical Architecture
31

32. 32
Money
Transferring
Purchases Bank
Services Relational
databases
Develop Patterns
Data Science
team
+ Good for Discrete Analysis
– No Holistic View of Data-Relationships
– Slow query speed for connections

33. 33
Money
Transferring
Purchases Bank
Services Relational
databases
Data Lake
+Good for Map Reduce
+Good for Analytical Workloads
– No holistic view
– Non-operational workloads
– Weeks-to-months processes Develop Patterns
Data Science
team
Merchant
Data
Credit
Score
Data
Other 3rd
Party
Data

34. 34
Money
Transferring
Purchases Bank
Services
Neo4j powers
360° view of
transactions in
real-time
Neo4j
Cluster
SENSE
Transaction
stream
RESPOND
Alerts &
notification
LOAD RELEVANT DATA
Relational
databases
Data Lake
Visualization UI
Fine Tune Patterns
Develop Patterns
Data Science
team
Merchant
Data
Credit
Score
Data
Other 3rd
Party
Data
LOAD RELEVANT DATA

35. 35
Money
Transferring
Purchases Bank
Services
Neo4j powers
360° view of
transactions in
real-time
Neo4j
Cluster
SENSE
Transaction
stream
RESPOND
Alerts &
notification
Relational
databases
Data Lake
Visualization UI
Fine Tune Patterns
Develop Patterns
Data Science
team
Merchant
Data
Credit
Score
Data
Other 3rd
Party
Data
Data-set used
to explore
new insights
LOAD RELEVANT DATA
LOAD RELEVANT DATA

36. Demo
36

37. Q & A
37

38. 38
Valuable Resources!
neo4jsandbox.com https://neo4j.com/use-cases/fraud-detection/ neo4j.com/product
Sandbox
Fraud
Detection
Product