The Four Pillars of Advanced Fraud Analytics

Posted by Ross Worden on September 17, 2013
in Fraud Detection

Fraud has probably existed since the first humans started trading goods and services for money. To state the obvious, fraud is a serious issue. Fortunately, the advent of data analytics and visualization technology has now empowered fraud investigators with a plethora of tools that promise to detect, prevent, and even predict fraud. Unfortunately, with the advancing technology has come a stampede of buzzwords like predictive, investigative, and (the granddaddy of them all) Big Data (Represented In Capitals Like Important Things Should Be) to name a few.


It’s time to bypass the marketing buzz and start shifting our focus to where the rubber meets the road: the necessary evolution in the techniques we use to detect fraud. We need to rethink the way we conduct fraud investigations using analytics and visualization. While many analytical techniques exist (empowered by emerging technologies), there is one undying truth that all fraud investigators know:

There is no silver bullet.

Vendors promising a silver bullet, whether via technology or an army of consultants, perform our industry a disservice. This is a battle we can win, but we must be honest with each other and collaborate on both techniques and technologies.

Technology Enabled, Human Driven Fraud Detection

To cut through the buzz, this past month we introduced our concept of The Four Pillars of Advanced Fraud Analytics, developed by the 21CT Fraud Intelligence Unit and drawing on their more than 50 years of combined fraud investigation work at all levels. Our goal with these four pillars is to give the community a more effective and efficient way to harness the technology available in the market by using the human-driven methods proven to work:

Pillar One: Targeting Methods & Raw Data Analytics — Target specific behaviors for automatic action, detect outliers, and highlight qualitatively valuable areas for investigation.

Pillar Two: Machine Learning & Scoring Algorithms — Identify suspicious people, places, and things (PPT) as starting points for further investigation.

Pillar Three: Link Analysis — Visualize basic connection paths from one PPT to other people, places, or things of interest.

Pillar Four: Social Network & Graph Pattern Analytics — Mathematically analyze complex patterns to gain critical context and discover unknown unknowns.

Used individually, the pillars are often very effective, but they ultimately suffer from issues like excessive false positives, insufficient flexibility, poor scalability, and an under-appreciation of the context that surrounds fraudulent behaviors. Together, the Four Pillars create an economy of scale in fraud investigations to achieve measurable results and provide rapid time-to-value:

  • Analyze massive data stores and fuse multiple data sources
  • Hunt for patterns of hidden fraudulent behavior and find the unknown unknowns
  • Identify and exploit common points of compromise to augment existing investigations and spawn new ones
  • Uncover false negatives more rapidly, reduce false positives, and ultimately put the pressure on fraudsters and their weak points
  • Be inductive and deductive, allowing exploratory link analysis to work in conjunction with top-down mathematical approaches
  • Visualize findings including suspicious payments, criminal techniques and methods, good vs. bad



Paul Cappabianca
September 18, 2013, 11:26 AM

It's clear a lot of thought and experience is behind this model. It's been my experience building a solution that pillars 1 and 2 can be done fairly economically with negative file reference data, but suffer as you pointed out when rules don't correlate multiple positives. The analytics pieces are exciting and become more scalable as inexpensive IaaS deployments can be combined with an API to expose as a service to customers.
