The techniques used by organized criminals make them a highly suitable target for graph databases


Graph Technology: The Silver Bullet To Beating Fraud

Neo Technology’s Emil Eifrem argues that the very sophistication of organised fraud rings makes them highly suitable targets for graph database-supported countermeasures

In January 2016, a criminal called Tahir Lodhi pleaded guilty in a US court to conspiracy to commit bank fraud, admitting how he’d worked with co-conspirators to create thousands of fake identities to gather up tens of thousands of credit cards.

Lodhi and his New Jersey-based confederates ran up $200 million in charges. Sizeable as that figure is, it may be a drop in a huge fraud ocean of scams centred on fake ID creation, spawning multiple accounts that begin legitimately but are only ever heading in one direction: massive theft.

Adopting and promoting these fake identities meant Lodhi and his gang could easily create “drop addresses,” numbering more than 1,800, ranging from post office boxes to houses, to help maintain their deception.

The false identities used for the fraud were further legitimised by being framed as employees of the various sham companies the ring was setting up. Meanwhile, these bogus “companies” worked with legitimate retailers, who would let the ring’s members conduct fake transactions on the fraudulent cards – then split the proceeds.

Avoiding false positives

You might wonder how the ring could have operated undetected for so long, especially since they used common tactics to conduct their fraud. It’s a common pattern after all – cultivating a line of credit over six, nine, or twelve months, using it like a very good customer, then maxing out the credit line and absconding.

However, while it may be a standard pattern, it’s not an easily detectable one if you are using traditional database tools. The problem is that a bank’s standard instruments for dealing with fraud, like monitoring for deviation from normal purchasing patterns, are all about working with discrete data, rather than looking at the bigger network of relationships.

That’s an issue because discrete data may pick up sole operators, but it can’t easily detect the shared characteristics that typify fraud rings. What’s more, such methods tend to issue too many false positives, which harm customer relationships.

Such problems bedevil traditional relational database approaches, as they can only really model data as a set of tables and columns, carrying out complex joins and self-joins when the dataset becomes more inter-related. Such queries are technically tricky to construct and expensive to run – and making them work in synchronous time is not easy, with performance faltering as the total dataset size increases. After all, the number of connections involved in such fraud rings is always exponentially large, and in the New Jersey case was a phenomenal 18,000, which means it’s difficult to see if there is a fraud scheme rather than a few individual instances of fraud.

And if attacks are made against different institutions by the same collective, let alone cross-border or cross-continent, as they often are, it can also be extremely difficult to connect the dots and trace the attacks back to the original source.

Stopping such fraud rings means making a lot of connections

Undoubtedly, knowing your customers’ usual way of working with their finances, cross-checking data with credit bureaus and heavily monitoring their activity after a new credit line is opened or an existing one increased, is important.

But the next step is to take advantage of technology that excels at spotting new fraud patterns, and in real time. Step forward graph databases, which were created to work with data at scale, by manipulating the patterns in it. Graph databases, used with modern data query languages like Cypher, offer simple semantics for detecting fraud rings and navigating the data connections in-memory, even in real time.

That makes spotting the connections between fraudsters and their activities far more straightforward – potentially, before anything untoward takes place. And I don’t have to remind you that as business processes become faster and increasingly automated, the window we have to detect fraud is shrinking too.
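The shared-characteristics idea above, as an added example that is not code from the article or from Neo4j: accounts become nodes, any contact detail two accounts have in common becomes an edge, and a ring is a connected group. It uses a plain in-memory union-find rather than a graph database or Cypher, and the account ids, fields and values are constructed sample data.

```python
from collections import defaultdict

# Constructed sample data: account id -> contact identifiers on file.
ACCOUNTS = {
    "acct-1": {"address": "12 Elm St", "phone": "555-0101"},
    "acct-2": {"address": "12 Elm St", "phone": "555-0102"},
    "acct-3": {"address": "PO Box 77", "phone": "555-0102"},
    "acct-4": {"address": "PO Box 77", "phone": "555-0104"},
    "acct-5": {"address": "9 Oak Ave", "phone": "555-0105"},
    "acct-6": {"address": "3 Pine Rd", "phone": "555-0106"},
}


def find_rings(accounts, min_size=3):
    """Group accounts connected through any shared identifier (union-find)."""
    parent = {a: a for a in accounts}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    # Index: (field, value) -> accounts using it. Each shared value is an edge.
    users = defaultdict(list)
    for acct, fields in accounts.items():
        for field, value in fields.items():
            users[(field, value.strip().lower())].append(acct)

    for accts in users.values():
        for other in accts[1:]:
            parent[find(other)] = find(accts[0])

    groups = defaultdict(set)
    for acct in accounts:
        groups[find(acct)].add(acct)

    rings = []
    for members in groups.values():
        if len(members) < min_size:
            continue  # pairs are often family or flatmates, not rings
        shared = sorted(k for k, v in users.items()
                        if len(v) > 1 and set(v) <= members)
        rings.append({"accounts": sorted(members), "shared": shared})
    return sorted(rings, key=lambda r: -len(r["accounts"]))


if __name__ == "__main__":
    for ring in find_rings(ACCOUNTS):
        print(ring)
```

Note that acct-1 and acct-4 share no detail directly; they are linked only through acct-2 and acct-3, which is the multi-hop connection a per-account check or a single join does not surface.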

Here’s an example. PayPal, which moved $230bn worth of currency over its networks in 2014, employs graph techniques to perform sophisticated fraud detection at global scale. IDC estimates that this approach has already saved it more than $700m in potential loss due to fraud – and that graphs have enabled the company to perform robust predictive fraud analysis, to boot.

The fight against fraud is constantly evolving. And as fraud operations become more loosely connected, more global and more difficult to detect, those working to counter fraud will need to use the best technology available for tracking relationships in data.

Graphs really do seem to fit that bill. Pioneers like PayPal have recognised their potential – and so should you.

The author is co-founder and CEO of Neo Technology, the company behind Neo4j, the world’s leading graph database (http://neo4j.com/)

This was posted in Bdaily's Members' News section by Emil Eifrem.
