How Connected Analysis Can Put a Dent in Cyber-crime

Graph databases provide a new front in fraud-catching technology, making use of real-time analysis to quickly identify suspicious acts.

A graph database is a database that uses graph structures with nodes, edges and properties to represent and store data. Every element in a graph database contains a direct pointer to its adjacent element, and no index lookups are necessary. This is extremely fast, and companies such as Facebook, Google and others use them on a daily basis.

Bank fraudsters apply for credit cards, loans, overdrafts and unsecured banking credit lines with no intention of paying them back. First-party fraud costs banking institutions tens of billions of dollars every year. Fraudsters behave similar to legitimate customers until the moment they “bust out,” cleaning out all their accounts and promptly disappearing. Another complexity is the exponential nature of the relationships between participants in a fraud ring and the overall dollar value controlled by the operation.

A group of criminals organizes into a fraud ring and uses a subset of legitimate contact information to create a number of synthetic identities. Accounts are opened using these false identities, and new ones are added in the form of credit cards, overdraft protection, personal loans and more. Accounts are used normally with revolving credit lines increasing over time. One day the ring “busts out,” with the criminals coordinating to max out all available credit lines before disappearing with the funds—for good.

Fraud costs the insurance industry an estimated $80 billion annually in the U.S. and is on the rise. While existing analysis techniques catch a handful of fraud scenarios, sophisticated criminals often elude these methods through collaboration. Criminal rings conceal collusion skillfully by staging complex “paper collisions” that do not arouse suspicion.

In a typical fraud scenario, rings of fraudsters collaborate to stage fake accidents and claim soft-tissue injuries. These fake accidents never really happen; they are “paper collisions,” complete with fake drivers, fake passengers, fake pedestrians and even fake witnesses. Because soft-tissue injuries are easy to falsify, difficult to validate and expensive to treat, they are a favorite among fraudsters, who have even developed a term for them: “whiplash for cash.”

As our lives become increasingly digital, a growing number of financial transactions are conducted online. Fraudsters have been quick to adapt and devise clever ways to defraud online payment systems. While e-commerce fraud usually involves criminal rings, a well-educated fraudster can easily create a large number of synthetic identities on his own to carry on sizable schemes.

Online transactions typically take place with identifiers. These include facets such as user ID, IP address, geolocation, a tracking cookie and a credit card number. The relationships between these identifiers are usually close to one-to-one, with some variation due to shared machines, families sharing a credit card number, etc. However, as soon as these relationships go beyond a reasonable number, fraud is often at play. And with e-commerce processes moving faster than ever, the time margins to detect fraud are slimming.

Whether it’s insurance, e-commerce or first-party bank fraud, no detection effort is perfect. However, when you look beyond individual data points to the connections that link them, you gain significant value. These connections often go unnoticed until it is too late, yet they often hold the best clues. Unlike other ways of looking at data, graphs are designed to express relatedness. Graph databases uncover patterns that are difficult to detect using traditional representations such as tables. An increasing number of companies now use graph databases to solve connected data problems, including fraud detection.

Graph databases can be an enabler for efficient and manageable fraud detection solutions. From fraud rings and collusive groups to educated criminals operating on their own, graph databases provide a unique ability to uncover a variety of important fraud patterns—and all in real time. Collusions that were previously hidden become obvious when using a system designed to manage connected data. Real-time graph queries are a powerful tool for detecting high-impact fraud scenarios.

In every case, it’s critical to detect fraud as quickly as possible. As processes grow faster and more automated, the time margins for detecting fraud narrow significantly. This calls for real-time solutions.