Machine learning technology will provide the best results in detection of fraud in the future. Indeed, many organizations are actively driving replacement of human-driven rules analysis with machine-driven solutions.
However, I believe that a mix of machined-led and human-led activity is the best fit for many organizations to maximize performance.
There are several perceptions that suggest fraud rules are no longer fit. Ultimately a data-driven approach, regardless of human or machine involvement, is a state that organizations need to move to in order to maximize detection in the present and to ease the transition to a more machine-driven future.
Manually implemented rules are usually put in place to prevent previous, or current known, fraud trends from further hurting an organization. They remain popular with fraud managers because they enable prompt reaction to emerging fraud trends and are easy for people to read.
But machine learning models are likewise reactive. Most modern machine learning methods rely on supervised methods such as XGBoost and Neural Networks, as these methods provide a streamlined approach to detecting fraud.
Supervised methods rely upon the data being marked as a genuine or fraudulent transaction. So that the algorithms can understand the patterns and distinguish the differences. It is not uncommon for these data markings to take upward of weeks and sometimes even months to implement, meaning the machine learning system cannot easily detect new fraud patterns in the same way that a manual rule can.
The nature of the machine learning methods, especially tree-based algorithms, is that they form an internal representation very similar to a rule set. So they still require frequent retraining as fraud patterns change, just like manual rules.
Decision trees create a rule set based on a single starting condition, such as the number of authorizations a card makes in a certain time. “Random forests” are a popular technique for fraud detection, but it is often not understood that they are ensembles of decision trees and are therefore rules based.
Many machine learning techniques require regular updates, just like manual rules, to be able to adapt to changing fraud patterns. Another distinction to make is that other machine learning techniques, such as neural networks and logistic regression, are black box models, meaning it is extremely difficult to understand the reasoning behind the fraud score, since that is all that is produced from a decision. This makes them less accessible for fraud managers and hard to understand and implement with confidence.
Traditionally rule sets are implemented and maintained according to fraud patterns that are being experienced by the business. Rules themselves cannot adapt to changing patterns, but they have the upper hand in speed of implementation.
Fraud attacks can be extremely fast moving. For example, in May 2016, fraudsters were able to withdraw 1.4 billion yen from cash machines in Japan using credit card data stolen from a South African bank . The transactions all occurred within a three-hour window at 7-Eleven cash machines and caused the bank to lose $19.25 million. It is extremely important for fraud strategies to have a manual rule option, so that emerging problems can be tackled immediately. These rules can then later be removed, as the fraudulent activity is covered by machine learning models.