Orchestration To Fight The Crescendo Of Scams And Fraud

by TJ Horan

Data Orchestration for Fraud Prevention

There has been an awful lot of unsettling news about scams and fraud lately. A crescendo, even. As it happens, orchestration (of both data and process) is one of the most potent weapons in fighting scams and fraud. The good news is this technique is readily available today — and not a moment too soon.

Scams Are Front Page News

In recent weeks scams and fraud have been splashed across headlines everywhere. A New York Times story about people being tricked into sending money to fraudsters (known in the UK as authorized push payment [APP] fraud) on Zelle was one of the top stories for several days running, reverberating across news outlets worldwide.

Meanwhile, the recently released FICO Consumer Fraud Survey revealed a confounding inverse correlation between a meteoric rise in APP fraud in the UK and consumers’ apparent lack of worry about it. In 2020 APP fraud accounted for £479 million in gross losses, but by mid-2021, its occurrence had risen by 71%! APP fraud now makes up 38% of all UK fraud, yet only 6% of UK consumers cite being tricked into sending payment to a fraudster as their primary fraud concern.

The Future of Fraud Management: Orchestration

A number of technologies and techniques are available today to help banks detect and prevent the APP fraud associated with various types of scams. Here are a few metrics from FICO’s Scam Detection Score, which is included in FICO® Falcon® Fraud Manager Retail Banking Consumer v3.0 model:

[W]hen a customer uses their favorite device but transacts with a non-favorite credit account — for example, using their bank’s mobile app on their own mobile phone that they frequently use to transfer funds, but sending to a new credit account — the risk ratio is 10x times larger for scams as compared to third-party fraud.
Looking at combinations of favorites [transactions types, times and places], and combining them with other features of abnormality associated with transaction amounts (frequencies, time of day, and many other characteristics), allows FICO’s models to differentiate customers into classes of third-party fraud, APP scam and non-financial crime. In the case of scam transactions on favorite devices, the new Scam Detection Score identifies 24x the number of these transactions, compared to the standard fraud score at a typical non-fraud review rate!

More broadly, there are a multitude of ways to use fraud decisioning strategies for scam detection, by applying specific analytics to applications for credit, debit card activity, credit card activity and retail bank activity, as well as customer demographics. The common thread among all these scam-busting solutions? Orchestration.

What Is Orchestration?

As the term applies to business, “orchestration” brings together many disparate pieces to accomplish a goal or achieve an objective. For payments professionals this translates into first defining your fraud strategy, and then devising and implementing your data and technology strategies to back it up.

Orchestration in this context doesn’t work like a musical orchestra, in which all the instruments are present on the stage, brought together by the musical score and the conductor. Orchestration for fraud detection and prevention more closely resembles coordinating a large picnic: Who’s bringing the sandwiches? The snacks? The drinks? The brownies? The blanket? What’s the overall theme? If any of these pieces are missing, the picnic will still go on, but it won’t be quite as good. (Except if the brownies are forgotten, then the outing’s a bust.)

Fighting fraud is analogous to a picnic; what’s the overall objective of the fraud management initiative, and do I have the right data in the right place at the right time? There’s a need to focus on goals such as detecting money transfers being made to scammers, or fraudulent card not present (CNP) transactions, or any of the myriad other scenarios where fraud strikes. And then how do you coordinate all the pieces to come together, and add more in the future?

Orchestration in Practice

Orchestration is about pulling in and coordinating all the data and technology pieces to make a risk-appropriate decision in real-time or after the fact. For example, to assess a person to person (P2P) money transfer transaction for potential APP fraud, many pieces of customer data are relevant:

Device (known or unknown computer, tablet or smartphone)
Transaction type (e.g. P2P like Zelle, PayPal, Venmo, CashApp)
Geolocation of the device (which may be in the possession of someone other than the customer)
Account type (debit, credit, savings)
Specific account
Time of day
Frequency of this type of transaction

With proper orchestration, we can use sophisticated technology capabilities, informed by data from a myriad of sources, to answer key questions in real time and evaluate a transaction in milliseconds for potential fraud. Questions you might answer include:

Is this expected behavior?
How does it compare to prior transactions?
Is this transaction normal for the customer’s behavioral cohort?

For example, if we know that there have been three failed attempts to log into the customer account, a new payee was set up and the transfer is being sent to that payee, there is more relevant information available to flag a transaction as suspicious.

Orchestration is also critical in investigating transactions after the fact. Sticking with the P2P money transfer example, a transaction may be approved but flagged for further investigation. During this phase investigators want easy access to detailed device information that was unavailable at the time of the transaction (such as smartphone telemetry data, keystroke intensity and patterns, etc.) to help inform future fraud decisions. (Keystroke patterns and intensity are different in transactions made under duress, which can be consistent with the pressure that scammers typically exert on their victims.)

To net it out, there is more to orchestration than just looking at an individual transaction; access to more relevant data at all times truly is better.

Flexibility and Control are Key

Flexibility around how data is orchestrated and pulled together is essential for successful fraud management. So is control. “Otherwise, it’s very easy for flexibility to give rise to incredible spaghetti,” said Chartis Research Director Siddartha Dash during our recent conversation. “We need coherence and control of the analytics themselves. That requires well-mapped data; the technology platform should allow you to map data and data transformations.”

I agree. I want to see the original data and understand how it is mapped to the conditions of a fraud decision model. Sometimes the incremental decisions are several steps removed from the ultimate goals of the solutions, and assumptions made about the data don’t align. It’s important that the decisioning platform you use to develop a mission-critical fraud management production system creates that end-to-end alignment. You can accomplish much of this orchestration in Falcon, with even more granular control available in FICO® Platform.

Beyond Warm-Up Scale

Orchestration capabilities are particularly important in enterprise fraud management because the challenge has grown exponentially and in multiple dimensions. We used to discuss the scalability of a system in terms of how many financial transactions it could handle per second (tps). Years ago, 300 tps was perfectly acceptable for certain-sized institutions.

Now, when we look at things like non-monetary activity, authorizations and what’s happening in other payment channels, enterprise fraud systems need to handle much more than just high tps levels. Ability to handle appropriate transaction volume is important, but financial institutions need a scalable platform that readily grows as more and more data is ingested and orchestrated—an important point to keep at the forefront in fighting scams and fraud today, and whatever may be lurking on the horizon.