Taking control of another's account, most frequently in order to commit fraud.
Self-learning technique that automatically modifies the neural network model weights by leveraging up-to-date information based on case dispositions and tagged transactions.
Customer authentication deployed dependent on the unique attributes of every interaction, including level of risk, customer ability or preference, cost, and availability of authentication methods.
Beyond simple reporting or business intelligence, advanced analytics is a general term that refers to sophisticated techniques and tools that are used to gain deep insights from data and make predictions. There are a variety of algorithms and approaches within advanced analytics, including machine learning, neural networks, scorecards, regression, and many others.
Advanced machine learning (ML) and artificial intelligence (AI) for financial institutions, enabling them to enhance the efficiency and effectiveness of their AML efforts in suspicious activity transaction monitoring.
Regulatory-driven requirements to monitor customer transactions for money laundering activity, including assessing historical and current customer information and interactions.
Apache Ignite is a horizontally scalable, fault-tolerant distributed in-memory computing platform for building real-time applications that can process terabytes of data with in-memory speed.
Apache Kafka is an open-source stream-processing software platform developed by the Apache Software Foundation, written in Scala and Java. The project aims to provide a unified, high-throughput, low-latency platform for handling real-time data feeds
Apache Spark is an open-source, distributed processing system used for big data workloads. It utilizes in-memory caching and optimized query execution for fast queries against data of any size. Simply put, Spark is a fast and general engine for large-scale data processing
Fraud committed by using false information during the application process. Can be first-party fraud where an applicant submits false information about themselves or third-party fraud where a fraudster impersonates another's identity to open an account.
API is the acronym for application programming interface, which is a software intermediary that allows two applications to talk to each other.
Records that show actions taken by an analyst, including author, date/time stamps, etc.
In computing, authentication is the process of verifying the identity of a person or device.
Fully managed and scalable cloud services platform available from FICO on Amazon Web Service infrastructure.
An efficient way of processing large volumes of data where a large set of transactions collect over time. Data is collected, entered, and processed and uploaded for use in developing insights in a single transfer at set intervals (hourly, daily, weekly, as needed).
Dynamic and efficient tracking of most frequently used time, location, and entities (e.g., payer accounts, payee accounts, foreign account countries, transaction amounts, merchants, devices, among others).
Identification of an individual based on their unique patterns of behavior, for example, keystroke analysis or gait analysis.
Customer authentication based on their unique physical or behavioral attributes, for example, their fingerprint, facial scan, or keystroke.
Business Process Model and Notation (BPMN) is a standard for business process modeling that provides a graphical notation for specifying business processes in a Business Process Diagram (BPD). The objective of BPMN is to support business process management, for both technical users and business users, by providing a notation that is intuitive to business users, yet able to represent complex process semantics.
Identifies the risks the business has. Examples of the risk a company has are: Credit Risk, Business Interruption, Privacy, Cyber, etc. The Assessment would include the controls to manage the and potentially mitigate the risk. Businesses require the ability to continuously monitor and update an institution-specific risk analysis to adopt a mandated risk-based approach to satisfy regulatory requirements.
Rules manager that provides an area for building and editing rules for business and operational decisions, and includes standard features such as maker checker, audit trails, and more.
Capabilities to combat transaction fraud on payment cards, such as a credit card or debit card, whether point of sale (POS) or card not present (CNP).
Centralized decisions is a unique term that further evolves the enterprise digital decisioning journey to its ultimate end point. Instead of connecting just silos, a platform can also centralize decision-related assets. An organization that has embraced a service-oriented architecture can centralize its data, business terms, data attributes, decision logic, and even various analytics. By doing this, any business leader can see a true customer journey through a complex set of offerings without obfuscation created by business silos.
Predicts future customer behavior by collaboratively learning across all customers and assigns customers to archetypes to improve risk sensitivity based on collective behavior within peer groups.
Consortium models built for commercial purchasing cards, including purchasing cards, T&C cards, and other corporate selling cards. The model contains transaction and non-financial activity. The models are available for the UK & I and US.
Containers are a solution to the problem of how to get software to run reliably when moved from one computing environment to another. Put simply, a container consists of an entire runtime environment: an application, plus all its dependencies, libraries and other binaries, and configuration files needed to run it, bundled into one package. By containerizing the application platform and its dependencies, differences in OS distributions and underlying infrastructure are abstracted away. All containers are run by a single operating system kernel and therefore use fewer resources than virtual machines. It is beneficial to have components that are reusable, such as business logic, analytic configuration, and executable content that are packaged in a container for a single click deployment, upgrading and scalability in a platform.
Services that create real-time aggregations and calculate derived variables that can feed any fraud or financial crime detection strategy.
In context-aware personalized recommendations, a contextual user profile contains user's multimedia consumption preferences/interests in relation to contextual information such as location, optional personal information, user's device characteristics, and network information.
Regional or country-specific consortium models built for credit card transactions. The model contains transaction and non-financial activity. The model is available in the UK & I, US, Canada, Malaysia, Australia, Asia Pacific, Brazil, South Africa, and other international regions.
Models built to meet specific customer requirements with customer’s data.
Confirmation that an individual accessing or using an account is the legitimate accountholder.
The strategies, policies, and technologies that ensure customers gain appropriate access to accounts and systems.
Confirmation of a customer's identity across the customer lifecycle from initial identity proofing through ongoing authentication whenever they interact with the organization.
A 360-degree view of the customer that includes all relevant customer information, including customer, account, transactions, alerts, and cases.
Gives the ability to identify those on a set of lists, including good lists, hotlists, etc.
The process of importing, transferring, loading, and processing data for later use or storage in a database. It involves connecting to various data sources, extracting data, and detecting changes in data. Data is brought into platforms in two different methods: batch or streaming. Enterprises collect large volumes of data, in both a structured and unstructured format. They use that data to discover real-time or near real-time insights that inform decision making and support digital transformation.
DataOps (data operations) is an emerging discipline that brings together developer operations (DevOps) teams with data engineer and data scientist roles to provide the tools, processes, and organizational structures to support the data-focused enterprise.
Regional or country-specific consortium models built for debit card signature and PIN transactions. The model contains transaction and non-financial activity. The model is available in the UK & I, US, and international regions.
In making or managing any business decision, businesses need to identify and manage those things that inform or direct their decisions. Decision Assets would include any data, analytics or algorithms, AI or machine learning, rules, knowledge owners, logic authors or subject matter experts, or any other intelligence or process that go into making any decision. These assets should be tracked and audited as part of any decision automation project.
A decision engine is a term that represents the logic, often in the form of a rules flow or decision tree, that can be operationalized to automate a decision. Most business decisions tend to be complex and can be made up of a series of smaller decisions. A decision engine articulates how smaller decisions branch off to bigger and more complex decisions and ultimately end with a final outcome. This logic can be codified, documented, and often executed in an automated fashion. A decision engine, often crafted by a subject matter expert, articulates the decision logic, leverages decision assets to inform a decision, can be audited, and, ultimately, automatically executed through a business process system.
Decision management is the art and science of automating and managing business decisions. It is an umbrella term that largely encompasses the continuum of ingesting data, making insights, integrating business processes, optimizing outcomes, delivering applications and business processes embedded with analytics, learning from and evolving business processes, and auditing decision making assets.
A holistic change in behavior, change in thought process, and the way you look at analysis.
Also sometimes referred to as decision management suites, a decision platform is a set of tools and capabilities that leverage a common infrastructure for doing decision automation and management. These capabilities include some combination of data ingestion and wrangling, predictive analytics, rules authoring, optimization, service orchestration, asset management, and learning loop. It may also include low code application development as required. A decision platform should provide all the authoring and decision design capabilities along with analytic and decision execution, tracking, maturity testing, and audit.
Decisioning is a verb form of the word decision. That is the act of designing and implementing a decision or set of decisions that lead to an action (or the distinct decision to not take an action), usually in a business context. Often instantiated in the form of business rules or process, decisioning is often conflated as complex with multiple possible outcomes, and, while it can be, it can also be a simple exercise that results in a simple binary response.
Flexibility and freedom to use and deploy open source models, customer developed, or other vendor-developed models.
Digital account opening (DAO) is the process of empowering an applicant to quickly, easily, and securely open an account digitally. At a minimum, DAO should capture and auto-fill basic personal identity information, qualify applicants against risk and fraud threats, verify applicant identity (often with third-party data sources), fund the account in real time through a debit/credit card or with mobile deposit capture, and integrate with the core banking system. Best-in-class DAO also includes contextual prequalification and cross-sell of products and services, online and mobile single sign-on, multichannel integration to save and resume account opening at any point in the process, electronic signatures, and photo or file upload of supporting documents (identification, agreements, etc.)
A distributed system is a system whose components are located on different networked computers, which communicate and coordinate their actions by passing messages to one another from any system. The components interact with one another to achieve a common goal. A computer program that runs within a distributed system is called a distributed program (and distributed programming is the process of writing such programs). Distributed computing also refers to the use of distributed systems to solve computational problems. In distributed computing, a problem is divided into many tasks, each of which is solved by one or more computers, which communicate with each other via message passing.
Ethical AI refers to designing artificial intelligent systems that are inherently trustworthy, transparent, fair, unbiased, and explainable. Ethical AI includes removing bias from data, leveraging explainable model architectures, isolating and testing latent features for bias, monitoring models in production for data and bias drift, enforcing immutable model development audit logs with blockchain, and standardizing on a corporate model governance standard to ensure all AI and machine learning systems are designed to an auditable standard of fairness, equal access, safety, and with customer trust in mind.
Machine learning (ML) models are at the heart of AI, and in many cases it can be difficult or impossible to explain how a ML model makes a given prediction. Explainable artificial intelligence (xAI) refers to a collection of techniques that are applied to ML models to deduce explanations associated with the prediction at the local level (for a given customer) as well as at a global level (across many customers). These approaches can dramatically range in accuracy as they associate an explanation for models that are not interpretable, i.e., black box machine learning models.
Leveraging third-party data to enrich an organization’s own data assets for a robust profile of customers, transactions, etc.
Foreign Account Tax Compliance Act (FATCA) and Common Reporting Standards (CRS). FATCA is a US requirement and CRS has been adopted by many global countries. Both regulatory actions were enacted to ensure that each country is receiving the tax revenue that is due to each country. Similar to KYC, data is collected and analyzed for reporting to the US and each country as part of the CRS requirements.
Consolidated alerting and case management capabilities across both fraud and financial crime, giving organizations a broader perspective of customer behavior throughout the entire customer lifecycle.
Fully managed and scalable cloud services platform from FICO on FICO infrastructure.
Combines the capabilities of FICO® Analytics Workbench, FICO® InstantML, and Catalyst Models to enable data scientists to design, author, train, and test financial crimes models from a single platform.
Enables FICO customers to engage with their customers in two-way communications via their preferred channel (e.g., email, voice, text, and mobile app notifications). Integrated with FICO® Alert & Case Manager and FICO® Falcon® Fraud Manager.
A cloud-based Falcon companion solution that proactively detects and priorities (by risk score) compromised merchants and data breaches, automatically alerting fraud teams. The payment data analyzed is a cross-issuer view utilizing the power of the FICO® Falcon® Intelligence Network, FICO’s consortium data lake of over 9,000 financial institutions.
Assesses the behavior of a specific merchant and combines this information with individual consumers’ behavior data to derive a more comprehensive risk assessment of a transaction for consortium card models.
An entity resolution and graph analytics platform that enables organizations to systematically scan disparate internal and third-party data, leveraging world class proprietary fuzzy matching algorithms to resolve identities and the common relationships between them.
A dashboard that offers a visual representation of compliance risk, paired with the ability to immediately call up customer-level details on initial and ongoing customer due diligence, sanctions screening history, transaction monitoring alerts and cases, and alert and case adjudication.
Data accumulation, documentation, and batch preparation for Financial Crimes Enforcement Network (FinCEN) Currency Transaction Reporting (CTR), Suspicious Activity Reporting (SAR) and Patriot Act 314 (a) requirements.
Fraud committed by someone using their own identity, often by making false claims.
The detection of fraud using analytic techniques that “learn” patterns in datasets without being guided by a human analyst.
Multiple frauds within an account portfolio controlled by the same fraudster or group of fraudsters.
Technology that allows you to connect inexact matches, for example, variations in how a name is spelled.
Rules editor with the ability to find both exact and approximate matches across data fields.
Complements debit and card consortium models by providing a continuous risk profile assessment of ATMs based on suspicious behavior occurring at ATMs. This analytic add-on is available for consortium debit card models.
Visual representation of social network analytics that exposes the activity of fraud rings.
This enables companies to run their applications in the cloud, on their own infrastructure (on-premises) or a hybrid of both. A common hybrid strategy is to run a platform in the cloud without having to move your data – which may be in an on-premises storage environment.
Confirmation that an individual is the same person whose identity you have previously proved.
The process of identifying an individual by confirming the validity of their documentary evidence and confirming it belongs to them.
Confirmation of the existence of an identity through documentary evidence.
Confirmation that a validated identity belongs to the individual presenting it.
Information technology (IT) infrastructure is the components required to operate and manage enterprise IT environments. These components include hardware, software, networking components, an operating system (OS), and data storage, all of which are used to deliver IT services and solutions.
Customer authentication based on something the customer is, for example, a biometric.
The deliberate misuse of an organization’s resources and clients by employees.
Customer authentication based on something only the customer knows, for example, a password.
Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. Kubernetes enables people to move their application workloads to other environments such as AWS, Oracle Cloud, Microsoft Azure, etc.
KYC risk rating is a risk assessment that an organization completes to assess the money laundering risk of an individual, business, trust, etc. CDD is the customer due diligence that is done to support the risk assessment rating. This can be a regulatory-driven requirement in some countries and in others it can be an important component of their AML program.
Integrated capability enabling link visualization and graph analytics to advance detection and investigation of fraud rings.
Confirmation during the identity verification process that the individual concerned is present rather than being spoofed by a fraudster using a photograph or video.
Technology that creates a detailed representation of merchant-level risk behavior for a more comprehensive view of risk, which adapts to reflect new fraud conditions at the merchant and merchant location levels.
Approximation of how the models will perform based on retrospective data.
A system of integrated but self-contained functional components that work together or independently.
Confirmation of a person's identity by using multiple factors from the categories of inherence, possession, and knowledge.
Detects behavioral outliers in real time and automatically adjusts to accommodate new consumer behavioral patterns, changing peer volumes, and fraud trends.
Software infrastructure that allows for a single instance to serve multiple customers by isolating each tenant’s data and in many instances configurations.
Next best action is a customer-centric approach to marketing that considers multiple different actions that could be taken for a specific customer and then decides on the best one to provide. Moreover, next best action requires the need for automated self-learning decisions, using machine learning and AI, to make a decision in real time that will improve the chances of a conversion at the moment that a customer is making a purchase decision.
Customer centric communications across all customer engagement channels: voice, SMS, email, mail, call center, and more. Interactions are orchestrated intelligently across these online and offline channels and consider contact preferences to reach customers efficiently.
Software that is installed and run on the customer’s infrastructure or a client’s cloud environment.
Operationalizing advanced analytics means finding and implementing analytics in business processes; going beyond basic business intelligence and providing leaders with the transparency needed to efficiently evaluate, simulate, and iterate data-driven decisions.
Identification of an individual based on their unique physical attributes, for example, their fingerprint, facial scan, or voice print.
Customer authentication based on something only the customer has, for example, the sending of one time passcodes to confirm possession of a device.
Consortium models built specifically for the unique pre-paid reloadable card transactions. The model contains transaction and non-financial activity. The model is available in the US in addition to an international prepaid model for all other regions.
Prescriptive analytics is considered the most sophisticated form of analytics and often achieved with artificial intelligence. Prescriptive analytic approaches go beyond describing what happened in the past (descriptive analytics), what caused something to happen (diagnostic analytics), or predicting what is likely to occur in the future (predictive analytics). They prescribe specific actions that can be taken to cause a desired future outcome.
Public cloud is a term for cloud computing services offered over the public internet and available to anyone who wants to purchase them. Common public clouds include Amazon Web Services, Microsoft Azure, Oracle Cloud, and Red Hat OpenShift.
Streamlined reporting to government authorities and regulators and sophisticated performance dashboards for management and audit.
Visualization of performance data as well as strategic and operational data.
Consortium model that uses multilayered self-calibrating techniques for all retail banking digital transactions, e.g., P2P, online banking, ACH, SWIFT, wires. It is a global model.
Advanced analytic capabilities used to detect retail deposits fraud.
Capabilities to combat transaction fraud in retail banking channels—focused on inbound deposits.
Capabilities to combat transaction fraud in retail banking channels, such as ACH, wire, and P2P—focuses on outbound payments.
Strategy to avoid detrimental outcomes by assessing the severity and likelihood of all applicable risks and the actions necessary to manage them.
Regulatory-driven designated lists that organizations and individuals should not conduct business with. The watchlists are published by governments (e.g. OFAC, HM Treasury) and non-government agencies (e.g. UN). Customers, Vendors and Employee names are checked against the published lists when coming into an organization and periodically. Transaction Filtering is when the names are screened against the watchlists when payment transactions are made (payee and payor). The lists are dynamic in nature and continually change.
Service orchestration is the tooling or capability to tie together a set of services—decisioning, analytics, data, workflow, processes, etc.—into a logical order and calling on those services as needed to deliver a result. Often wrapped in a user experience to provide data input, workflow for approvals, etc., service orchestration is the power of delivering application logic in an agile manner. The value of service orchestration (as opposed to traditional approaches to software development) is measured in both time to market (often weeks), and change management (ability to change underlying services or logic without breaking applications).
Analysis across data sets to uncover the links that connects entities, usually used to uncover connected fraud or money laundering.
Automates the evaluation of hidden connections between entities such as transactions, applications, and organizations in data to understand where relationships exist, and derive features for analytic models that interpret those connections to detect fraud, money laundering, terrorism, and organized criminal networks. Currently available through FICO Identity Resolution Engine.
Software lifecycle management capabilities of a platform (e.g., how software is tracked, provisioned, authenticated, patched, updated, and eventually reaches end of life.)
An optimization solver is a software package containing algorithms and tools to solve mathematical optimization problems. Solvers are usually created uniquely to address specific problems or challenges, such as event planning, logistics, financial operations, etc. Applicable mathematical optimization challenges arise in all quantitative disciplines and have applications in several fields ranging from transportation and engineering to finance.
Immediately processed, in real time, from incoming data flows as its generated.
Customer authentication based on multiple factors from the separate categories of inherence, knowledge, and possession, formalized in PSD2 regulation.
Structured data refers to any data that resides in a fixed field within a record or file. This includes data contained in relational databases and spreadsheets. This type of data is easily searchable.
An extension of multi-tenancy that enables partners to segregate sub-tenant data within a single tenant in case manager to support multiple end clients without setting up multiple tenants.
The creation of fake identities using data from multiple sources in order to commit fraud, usually by making fraudulent applications.
The ability to ingest data from third-party vendors—e.g., Lexis Nexis, Emailage, World-Check Standard.
Fraud committed by someone using another's usually stolen identity.
Behavioral machine learning transaction-level profiles for each consumer’s activity, updated in real time with each transaction to understand spending patterns and detect anomalous transactions.
Unstructured data is all data types other than structured data, and it is not as easily searchable. It can include formats such as audio, video, and social media postings
User and role-based permissions that limit what a user can view or edit based on their defined role in the system.
Flexible, custom-defined fields that are passed and integrated for use in strategies, rule building, and investigations.
Flexible, custom-defined profiles for entities, e.g., devices or IP addresses that store values over time for different entities, e.g., multiple transactions, enabling the use of historical, transactional data in a rule.
Flexible, custom-defined variables that track values over multiple transactions (e.g., calculating the total spend through card-not-present transactions in a specified time period).
Manage and track the sequence of work that needs to be completed and the business processes required for them.
Take the next step
Connect with FICO for answers to all your product and solution questions. We look forward to hearing from you.