Fraud Finders: Pattern Recognition

William Gibson, the author widely known for coining the term cyberspace, released the novel Pattern Recognition earlier this year. The book (like some of Gibson’s other works) features a protagonist with an intuitive ability to detect nonobvious patterns in huge amounts of data. Although Gibson is considered a science-fiction writer, Pattern Recognition is set in modern times, which is appropriate because pattern recognition technology most likely already has a place in your toolkit and is being evermore applied in the security field.

One of the most common areas for applying pattern recognition is financial fraud detection. Software scans reams of transactional data, looking for anomalies that might result from fishy business. This process leads to a never-ending arms race of sorts: As detection methods become more sophisticated, fraud perpetrators have to use more ingenious methods themselves to avoid getting nabbed.

Penny Gillespie, a senior analyst at Forrester Research, says that this race is as old as fraud itself. For years, all transactions over a certain limit (say $10,000) have been automatically checked for fraud. Knowing that, criminals started making multiple smaller transactions. So now banking software is being fine-tuned to examine the smaller transactions and look for repeated withdrawals within a short time frame, ATM cards used far from their usual geographic locations, and other more subtle indicators that something’s amiss.

Gillespie offers two illustrations from personal experience. Twice her credit card issuer has called to verify that her card was being used by its legitimate owner. The first time, Gillespie (who’s based in Virginia) was doing some shopping on a trip to New York City. “That’s a pretty usual [situation for verification]the card company was seeing relatively large purchases outside of my normal region,” she says. The second, more recent call, however, was over a single $15 purchase at her usual gas station. “I asked why they were calling over such a small amount, and they said, ‘You’ve never purchased gasoline with this card before.’ And they were rightI usually use a debit card, but on that occasion I didn’t have the debit card with me,” she says.

A recent product announcement in the field was that of Unisys’ early-June release of the Active Risk Monitoring System (ARMS), a software suite for detecting financial fraud. Gillespie lists a host of other software and service providers in this area, a varied roster including Fair, Isaac & Co., Equifax, Mantas and Searchspace.

Unisys says a key selling point for ARMS is that it examines transactions in real-time, rather than scanning warehoused data after the fact. Warehousing can be quite effective in certain applications as well, however. In July, SAS issued a release about the use of its business intelligence software for fraud detection at Fireman’s Fund Insurance Co., saying the company saves upward of $20 million per year by sussing out false insurance claims. This case study highlights one of fraud detection software’s outstanding characteristics, given the current economic state: The return on investment for such purchases can often be directly placed on the corporate bottom line.

Underlying most pattern recognition products is the technology formerly known as artificial intelligence, or AI. AI got such a bad rap because its early commercial implementations didn’t live up to their hype, and the term is now largely discarded in favor of “neural networks” or nonspecific monikers like “business-rules-driven software.” But AI and pattern recognition support biometric access control devices and antiterrorism facial recognition software. And they can be applied to examine anything that produces large transaction volumes: stock and currency trades, border crossings, phone records, and register- and store-level cash flows. The government uses pattern recognition to help track down money laundering operations; Forrester’s Gillespie says she has seen software vendors with very sophisticated examples of applied AI in that arena.

Wherever it’s applied, pattern recognition amounts to an attempt to automate the experienced security practitioner’s gutthe ability to eyeball a situation and say, “Something’s not right here.”