Beyond The Blackbox: Elevating Fraud Detection with Transparent Risk Scoring

Technology has a vital role to play as financial institutions fight back against fraudulent activity, which continues to grow—Alloy's Annual State of Fraud Benchmark Report, 91% of respondents said that fraud rates have increased at their organization year-over-year.

While solutions are available that help identify fraud, many lack visibility into the underlying attributes. These are vital when it comes to pinpointing deep fake identities and fraud. What they often end up doing is assigning an application or an account with a risk score. But what does that risk score actually mean? 

To truly understand and keep pace with evolving forms of fraud, we need to go beyond the black box and provide transparency to the risk-scoring process. This was the topic for a webinar I had the pleasure of participating in not too long ago with my FiVerity colleague and Lead Data Scientist, Nilabh Ohol. Nilabh and I were joined by DCU Fraud Investigator Kelley Donnelly for a wide-ranging discussion. 

Key focus areas included the following:

• Why the industry is calling for transparent risk scoring

• How transparent risk scoring works

• Real-world examples of how transparent risk scoring can help to spot deep-fake identities and spot fraud

Go beyond the black box and provide transparent risk scores

Before we kicked things off, I had to pause and thank the unsung heroes of the industry – the fraud analysts who work tirelessly to fight back against the onslaught of attacks by bad actors. These analysts are the ones leading the charge with a greater understanding of what contributes to a risk score.

As you may imagine, these analysts are interested in understanding how fraud is being perpetrated. Right now, the volume of attacks is overwhelming. Add to that that fraudsters are becoming increasingly more sophisticated, devising truly innovative and smart kinds of hacks and scams. These analysts are telling us they want to share their understanding of what drives these attacks with their teams and other institutions. This sharing includes going beyond their four walls to other institutions.

This sentiment certainly chimed with Donnelly, who spends hours every day looking for the needle in the haystack – deep fake identities and fraudulent accounts. The problem has only been exacerbated recently as the volume of fraudulent activity has skyrocketed. She says the key is using technology to identify bad actors and collaborating with other institutions to share information on fraud.

“Over the past couple of years, the volume [of fraudulent activity] has just gone out of control,” explained Donnelly. “We have people applying [for accounts] that are good people, and then you have the bad actors. Trying to find those bad actors is like a needle in a haystack. But, with our tools, finding those needles is a little bit easier. And the tools allow us to show examples to our staff and other credit unions or banks, and build those relationships, meaning we can stop it not just at my financial institution, but other financial institutions as well.”

One of the major challenges in Donnelly’s role is that not only is the volume of fraudulent activity continuing to grow, but it’s also constantly evolving. As soon as one form of fraud is identified and curtailed, fraudsters move on to a new scam. 

“As soon as we figure out something that they’re doing, they’re going to change their scheme one hundred percent, they’re going to do a 180,” said Donnelly. “We saw an intake of synthetic identity fraud a couple of years ago, and even last year, and once we were able to stop that synthetic fraud, they changed gears on us and went more towards identity theft. So, we always have to be on top of everything and look at our different reports and the tools we have to stop this.”

Transparent risk scoring help financial institutions detect emerging forms of fraud

This need to identify emerging forms of fraud is one of the major catalysts for going beyond a black box that provides a risk score but no real insight into how the score has been determined. Technology is certainly part of the answer, but it’s not enough. As Nilabh explained, it’s about utilizing expert human knowledge to help train machines to detect fraud better.

“We’re always playing catch up to new forms of fraud,” said Ohol. “And I think that’s why we realized that a black box score will only get you so far. What we want to do is understand the evolution of fraud. And, with the help of subject matter experts, in this case, fraud investigators, incorporate vast amounts of knowledge as a feedback loop to generate variations of these evolving patterns and identities and then present this back to the front-end investigators to help them identify newer types of activities.”

While it’s a panel of subject matter experts who ultimately help to refine and improve the machine learning models that detect fraud, Ohol and his team of data scientists had to ask themselves several questions when defining the FiVerity approach to building a transparent risk score.

“How do you provide a risk score to an identity?” said Ohol. “But not only that, how do you provide indicators and attributes that are contributing towards a score? If an identity is 90% likely to be fraud, what attributes suggest it’s more likely to be fraud? And on top of that, what are the attributes that bring the score down? Transparent scoring helps eliminate many biases. And that could be a subconscious bias or a bias because we have been looking at the data over and over again with similar signals. It [transparent scoring] contributes to a more holistic and more informed decision-making process.”

Having discussed the theory behind transparent risk scoring, the panel referred to Donnelly for a real-world example of how it is used on a day-to-day basis. The key for her is having access to information that helps to make an informed decision that, if left solely to a black box, could otherwise negatively impact innocent people.

“Our financial institution has customers who are brand new to this country and are trying to establish credit,” explained Donnelly. “And that may bring their risk score up because they might move around a lot at first trying to settle themselves, so they have a bunch of different addresses being reported on their credit report. We must be able to identify between someone who’s just coming into this country trying to establish themselves and bad actors. So even though we have that risk score, we must also look beyond that and not only teach the computer that not everybody is bad but also teach ourselves as well.”

AI + Collaboration = The Winning Formula

The key is to leverage solutions that harness the power of artificial intelligence (AI) to help detect fraud. These types of tools were not always available to financial institutions. As a result, fraud analysts had to wait for an account to “go bad” before being alerted to potentially fraudulent activity. AI helps flip that on its head. 

Through the power of AI, teams can determine if the ID in question is a synthetic [identity] and do so in ten minutes. To give that some perspective, Donnelly said that previously, her team would have to wait for a loan to go bad, which could take 30 or 60 days. Then, she would have to wait for someone to alert them. And, depending on the volume, it could take months. So, at that point, they would have already lost that money. With AI, they can stop it even before it gets opened. In instances when it already has been opened, her team can stop it, especially with a credit card, before any money is even spent. 

As mentioned earlier, Donnelly is also able to share insights with other financial institutions. It's a collaborative ethos that is vital to fraud detection and supported by the Patriot Act, which allows them to give other institutions a heads-up. 

As you can imagine, this discussion was very enlightening. It also validated many of the keys that I have been touting, particularly the need for a two-pronged approach that pairs innovation with collaboration. That’s a winning formula to stopping identity fraud. Just ask the team at DCU.