Computing: How fraud-detection systems combine dozens of clues to spot 
suspicious patterns in mountains of transactions

THE pleasure of reading a classic detective story comes from the way that the 
sleuth puts together several clues to arrive at a surprising conclusion. What 
is enjoyable is not so much finding out who the villain is, but hearing the 
detectives explain their reasoning. Today, not all detectives are human. At 
insurance companies, banks and telecoms firms, fraud-detection software is used 
to comb through millions of transactions, looking for patterns and spotting 
fraudulent activity far more quickly and accurately than any human could. But 
like human detectives, these software sleuths follow logical rules and combine 
disparate pieces of data-and there is something curiously fascinating about the 
way they work.

Consider car insurance. Every Monday morning, telephone operators at insurance 
firms listen to stories of the weekend's motoring mishaps, typing the answers 
to several dozen standard questions into their computers. Once, each claim form 
then passed to a loss adjuster for approval; now software is increasingly used 
instead. The Monday-morning insurance claims, it turns out, are slightly more 
likely to be fraudulent than Tuesday claims, since weekends make it easier for 
policyholders who stage accidents to assemble friends as false witnesses. A 
single rule like that is straightforward enough for a human loss adjuster to 
take into account. But fraud-detection software can consider dozens of other 
variables, too.

If a claimant was nearly injured (because of an impact near the driver's seat, 
for example), the accident is less likely to have been staged and the claim 
less likely to be fraudulent, even if it is being filed on a Monday. Drivers of 
cars with low resale values are proportionately more likely to file fraudulent 
claims. But that factor is less important if the claimant also owns a luxury 
car, which suggests affluence. And if the insurance on the luxury car has 
expired, the likelihood of foul play drops further, since this increases the 
likelihood a person will drive a cheaper but properly insured car. And so on.

The staggering number of combinations, each an indication of fraud or 
legitimacy, underscores the limitations of human analysis. Fraud-detection 
software, however, can evaluate a vast number of permutations and deliver a 
fraud-probability score. And such programs are getting better as new claims 
provide extra statistics that can help tune the computational recipes, or 
algorithms, used to detect fraud.

German insurers, for example, recently noticed that claimants who call back 
shortly after filing, angrily demanding speedy settlement, are 
disproportionately more likely to be cheaters, says Jörg Schiller, an insurance 
expert at the Otto Beisheim School of Management in Vallendar, Germany. 
Evidently fraudsters consider themselves good actors. But when pugnacious 
policyholders call after the 20th of the month, the probability that they are 
acting decreases slightly, since funds from the previous month's paycheque may 
be dwindling. Mr Schiller says most car insurers in rich countries now use 
fraud-detection software, and those in developing countries are adopting it 

Play your cards right
With an estimated $250m in annual sales, and yearly growth topping 25%, the 
largest and fastest-growing category of fraud-detection software is that used 
to spot fraudulent credit-card transactions. According to the Association for 
Payment Clearing Services, based in London, such software is largely 
responsible for reducing losses from credit-card fraud in Britain alone from 
£505m ($925m) in 2004 to £439m ($799m) in 2005. Merchants implementing 
anti-fraud software for the first time commonly see losses from fraud reduced 
by half. Such software evaluates many parameters associated with each 
credit-card transaction, including specific details of the items being 
purchased (derived from their bar codes), to evaluate the likelihood of foul 
play in the form of a numerical risk score. Any transactions that score above a 
certain pre-defined threshold are then denied or challenged.

Buying petrol seems innocent enough. If no attendant is present, however, the 
risk score goes up, because fraudsters prefer to avoid face-to-face purchases. 
Buying a diamond ring soon after buying petrol results in an even higher risk 
score: thieves often test a card's validity with a small purchase before buying 
something much bigger. A $100 purchase at a shop that sells hard liquor is more 
likely to be fraudulent than a more expensive shopping spree at a wine shop, 
because whisky is easier to fence. A purchase of sports shoes is risky because 
trainers appeal to a demographic with less money than, say, buyers of golf 
clubs. Buying two pairs of trainers increases the risk, as this may indicate 
plans to resell them. Shoes in teenage sizes bump up the score further, since 
pre-teens are less likely to buy stolen goods. Sales in London, New York or 
Miami, all cities with vibrant black markets for shoes, push scores higher, as 
do purchases made during school holidays. The fraud history of individual shops 
can also be taken into account.

Seasoned criminals can, of course, figure out such rules and change their 
behaviour in an attempt to avoid detection. Some types of purchases are less 
likely to be fraudulent. A shopping spree in a linen shop, however, does not 
have much appeal to most criminals. However, says Mike Davis, a fraud expert at 
Butler Group, a consultancy, the "vast majority" of fraudsters are low-level 
opportunists fairly easily foiled by today's fraud-detection software. The 
situation, he says, is "spectacularly better" than it was just a few years ago.

But the technology trips up cleverer fraudsters too, using a variety of tricks. 
The software can, for example, assign a customised scoring algorithm to each 
credit card, depending on its normal usage patterns. That algorithm can then be 
fine-tuned after each transaction. If a card belonging to a Berliner has never 
been used to purchase a plane ticket or buy goods outside Germany, the system 
may block an attempt to book a Moscow-Tokyo flight leaving in three hours. An 
attempt to charge a moped to an elderly woman's card may fail. Cards are often 
blocked when the volume of transactions for which they are used abruptly spikes.

E-businesses using anti-fraud software now block about 8% of all transactions. 
Some aborted orders, of course, are not fraudulent. Each "false positive" 
reduces profits and angers an honest shopper. To limit such damage, risk 
managers (employed by the software developers or the merchants themselves) 
study sales data compiled before the anti-fraud software was implemented. This 
analysis helps retailers find the optimal score threshold to determine which 
orders they accept.

Online fraudsters have tricks of their own, of course. Carl Clump, the boss of 
Retail Decisions, a fraud-detection firm based near London with clients 
including Wal-Mart, Sears and Bloomingdale's, offers an example. Not long ago, 
American scammers began buying CDs of classical music with their purchases of 
expensive items, apparently in an effort to deceive anti-fraud systems (since 
such music is generally assumed not to appeal to young, tech-savvy criminals). 
Retail Decisions' software, called PRISM, detected the trend. Now, purchases 
that combine classical or opera CDs with expensive goods receive a higher score 
than purchases of high-cost items alone.

By reading a computer's internet-protocol address, anti-fraud systems can 
"geolocate" online buyers, and raise or lower scores depending on where they 
are. Most systems penalise customers in places such as Eastern Europe, China, 
Thailand and Vietnam. More dramatically, many merchants block all transactions 
from certain countries. As this practice becomes more widespread, many 
countries, mostly in West Africa, are being completely shut out of 
international e-commerce. SN Brussels Airlines, for example, uses software 
developed by Ogone, a Belgian firm that protects more than 6,400 European 
merchants, to shut out all computers in Liberia and Congo. Without it, says 
Bruno Brusselmans, director of online sales, "I don't even want to think about 
what would happen."

Telecoms firms have always suffered heavily from fraud, which is thought to 
reduce industry revenues by around 5%. But new software that identifies 
fraudulent callers on mobile networks is helping some operators slash their 
losses. Telecom Italia's 140 anti-fraud engineers trimmed losses this year to 
less than 1% by freezing about 30,000 phones a month, says anti-fraud director 
Fabio Scarpelli. 

Such spectacular drops in fraud are more commonplace in the developing world, 
where mobile operators now investing in the technology. David Ronen, of ECtel, 
a firm based in Rosh Ha'ayin, Israel, with more than 100 telecoms clients and 
galloping growth in poor countries, says his firm's software establishes the 
normal calling patterns of individuals in order to detect tell-tale "weird 
situations". For example, if a mobile account opened in Shanghai, and sparingly 
used for local calls, begins making numerous calls from Beijing to a few 
numbers in a distant western province, then it is likely that a phone thief is 
calling friends back home.

Fair Isaac, a large fraud-detection firm based in Minneapolis, operates a 
system so fast that it can block dialled calls before they are even connected. 
The software, called Falcon, is widely used, since laws prevent many telecoms 
firms from terminating non-prepaid calls once they are connected. Wily 
criminals are increasingly operating black-market phoning businesses based in 
parks and on street corners. "You may see 30 people with cell phones on one 
corner and one guy is dialling all the numbers for them," says Ted Crooks of 
Fair Isaac. The calls, often to expensive destinations in poor countries, 
sometimes last days, Mr Crooks says, because cheats use forwarding systems to 
serve many customers with a single call. Technology that can pinpoint handsets' 
locations, however, allows calls in "hot" areas renowned for such illicit 
operations to be blocked.

It is all a far cry from piecing together clues in a country house, or the 
drudgery of real-life detective work. But the result is the same. Life gets 
harder for the bad guys, and the honest citizens, who ultimately pick up the 
bill for fraud, are protected. The digital detectives, like those in mystery 
novels, arrive at their conclusions by combining apparently trivial morsels of 
information. But as Sherlock Holmes put it, "I am glad of all details, whether 
they seem to you to be relevant or not."

"Let me know, that at least, she will try
Then she'll be a true love of mine"

[Non-text portions of this message have been removed]

Sageata Albastra e cea mai mare tzeapa a transportului public! 
Yahoo! Groups Links

<*> To visit your group on the web, go to:

<*> Your email settings:
    Individual Email | Traditional

<*> To change settings online go to:
    (Yahoo! ID required)

<*> To change settings via email:
    mailto:[EMAIL PROTECTED] 
    mailto:[EMAIL PROTECTED]

<*> To unsubscribe from this group, send an email to:

<*> Your use of Yahoo! Groups is subject to:

Raspunde prin e-mail lui