Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

GraphTalks Copenhagen - Analyzing Fraud with Graph Databases

David Montag, Neo4j
GraphTalks Copenhagen

  • Login to see the comments

GraphTalks Copenhagen - Analyzing Fraud with Graph Databases

  1. 1. Analyzing Fraud with Graph Databases
  2. 2. What Does Fraud Look Like?
  3. 3. Organized in groups Synthetic Identities Stolen Identities Hijacked Devices What Does Fraud Look Like?
  4. 4. Types of Fraud • Insurance Fraud • eCommerce Fraud • Credit Card Fraud • Rogue Merchants • Fraud we don’t know about yet…
  5. 5. Endpoint-Centric Analysis of users and their end-points 1. Navigation Centric Analysis of navigation behavior and suspect patterns 2. Account-Centric Analysis of anomaly behavior by channel 3. PC:s Mobile Phones IP-addresses User ID:s Comparing Transaction Identity Vetting Traditional Fraud Detection Methods
  6. 6. DISCRETE ANALYSIS Endpoint-Centric Analysis of users and their end-points 1. Navigation Centric Analysis of navigation behavior and suspect patterns 2. Account-Centric Analysis of anomaly behavior by channel 3. Traditional Fraud Detection Methods
  7. 7. INVESTIGATE Revolving Debt Number of Accounts INVESTIGATE Normal behavior Fraud Detection with Discrete Analysis
  8. 8. Difficult or unable to detect: • Synthetic identities • Stolen identities • Fraud rings • Nth degree links • And more… Weaknesses DISCRETE ANALYSIS Endpoint-Centric Analysis of users and their end-points 1. Navigation Centric Analysis of navigation behavior and suspect patterns 2. Account-Centric Analysis of anomaly behavior by channel 3. Traditional Fraud Detection Methods
  9. 9. CONNECTED ANALYSIS Endpoint-Centric Analysis of users and their end-points Navigation Centric Analysis of navigation behavior and suspect patterns Account-Centric Analysis of anomaly behavior by channel DISCRETE ANALYSIS 1. 2. 3. Cross Channel Analysis of anomaly behavior correlated across channels 4. Entity Linking Analysis of relationships to detect organized crime and collusion 5. Modern Fraud Detection
  10. 10. Revolving Debt Number of Accounts Normal behavior Fraudulent pattern Fraud Detection with Connected Analysis
  11. 11. ACCOUNT HOLDER 2 ACCOUNT HOLDER 1 ACCOUNT HOLDER 3 Fraud Detection with Connected Analysis
  12. 12. ACCOUNT HOLDER 2 ACCOUNT HOLDER 1 ACCOUNT HOLDER 3 CREDIT CARD BANK ACCOUNT BANK ACCOUNT BANK ACCOUNT PHONE NUMBER UNSECURED LOAN SSN 2 UNSECURED LOAN Fraud Detection with Connected Analysis
  13. 13. ACCOUNT HOLDER 2 ACCOUNT HOLDER 1 ACCOUNT HOLDER 3 CREDIT CARD BANK ACCOUNT BANK ACCOUNT BANK ACCOUNT ADDRESS PHONE NUMBER PHONE NUMBER SSN 2 UNSECURED LOAN SSN 2 UNSECURED LOAN Fraud Detection with Connected Analysis
  14. 14. CONNECTED ANALYSIS Endpoint-Centric Analysis of users and their end-points Navigation Centric Analysis of navigation behavior and suspect patterns Account-Centric Analysis of anomaly behavior by channel DISCRETE ANALYSIS 1. 2. 3. Cross Channel Analysis of anomaly behavior correlated across channels 4. Entity Linking Analysis of relationships to detect organized crime and collusion 5. Modern Fraud Detection
  15. 15. “Don’t consider traditional technology adequate to keep up with criminal trends” Market Guide for Online Fraud Detection, April 27, 2015
  16. 16. Architecture with Neo4j
  17. 17. Money Transferring Purchases Bank Services Relational/tabular database Develop Batch Jobs Data Scientists + Good for Discrete Analysis – No Holistic View of Data-Relationships – Slow query speed for connections Insurance Claims
  18. 18. Relational database Data Lake + Good for Map Reduce + Good for Analytical Workloads – No holistic view – Non-operational workloads – Weeks-to-months processes Develop Patterns Data Scientists Merchant Data Credit Score Data Other 3rd Party Data Money Transferring Purchases Bank Services Insurance Claims
  19. 19. Data Lake Neo4j powers 360° view of transactions in real-time SENSE Transaction stream RESPOND Alerts & notification SYNC RELEVANT DATA Relational database Visualization UI Fine Tune Patterns Develop Patterns Data Scientists Merchant Data Credit Score Data Other 3rd Party Data Money Transferring Purchases Bank Services Insurance Claims Neo4j Cluster
  20. 20. Data Lake Neo4j powers 360° view of transactions in real-time SENSE Transaction stream RESPOND Alerts & notification SYNC RELEVANT DATA Relational database Visualization UI Fine Tune Patterns Develop Patterns Data Scientists Merchant Data Credit Score Data Other 3rd Party Data Money Transferring Purchases Bank Services Insurance Claims Neo4j Cluster New perspective into business
  21. 21. Data Lake Neo4j powers 360° view of transactions in real-time SENSE Transaction stream RESPOND Alerts & notification SYNC RELEVANT DATA Relational database Visualization UI Fine Tune Patterns Develop Patterns Data Scientists Merchant Data Credit Score Data Other 3rd Party Data Money Transferring Purchases Bank Services Insurance Claims Neo4j Cluster Rule-based scoring Predictive analytics Case management Augments classic tools:
  22. 22. The Impact of Fraud The payment card fraud alone, constitutes for over 16 billion dollar in losses for the bank-sector in the US. $16Bpayment card fraud in 2014* Banking $32Byearly e-commerce fraud** Fraud in E-commerce is estimated to cost over 32 billion dollars annually is the US.. E-commerce The impact of fraud on the insurance industry is estimated to be $80 billion annually in the US. Insurance $80Bestimated yearly impact*** *) Business Wire: http://www.businesswire.com/news/home/20150804007054/en/Global-Card-Fraud-Losses-Reach-16.31-Billion#.VcJZlvlVhBc **) E-commerce expert Andreas Thim, Klarna, 2015 ***) Coalition against insurance fraud: http://www.insurancefraud.org/article.htm?RecID=3274#.UnWuZ5E7ROA
  23. 23. Paper Collisions Insurance scammers invent automobile
 accidents complete with fake drivers,
 passengers and witnesses Insurance Fraud Example
  24. 24. Accidents Cars Doctor Attorney People Drives Is Passenger Drivers
 Passengers
 Witnesses Insurance Fraud Example
  25. 25. View of fraud ring 
 in a graph database Accident
 1 Accident
 2 Person
 1 Person
 2 Person
 3 Person
 4 Person
 5 Person
 6 Car
 1 Car
 2 Car
 3 Car
 4 INVOLVES DRIVES REPRESENTS WITNESSES ADJUSTS HEALS Insurance Fraud Graph
  26. 26. Dashboard Example
  27. 27. Patterns
  28. 28. KDD 2015 3 Subgraphs Subset of nodes and relationships in the data
  29. 29. Ego networks E The subgraph made up of all neighbors and the relationships among them Generalizable to Nth degree neighbors
  30. 30. Same Data, Different Perspective
  31. 31. Mapping Ego Networks
  32. 32. slope=2 slope=1 slope=1.35 Mapping Ego Networks
  33. 33. Mapping Ego Networks
  34. 34. Mapping Ego Networks
  35. 35. 128.240.229.18 fred@rbs.co.uk 1234LOL Personal Networks are Stars
  36. 36. 128.240.229.18 fred@rbs.co.uk 1234LOL nick@bearings.com Ca$hMon£y Overlapping Stars
  37. 37. Hmm….
  38. 38. MATCH (u1:User {name:”Rik”})––(x)––(u2:User) WHERE u1 <> u2 AND NOT (x:IP) RETURN x Network in common is OK Sample Query
  39. 39. Remember, It Scales
  40. 40. Detect & prevent fraud in real-time Faster credit risk analysis and transactions Reduce chargebacks Quickly adapt to new methods of fraud Why Neo4j? Who’s using it? Financial institutions use Neo4j to: FINANCE Government Online Retail
  41. 41. Don’t be a lonely node. Connect with us :-)

×