IBM Flushes Out Fraud with Big Data Analytics
When it comes to fraud, the relentless advanced of computer technology is a double-edge sword. On the one hand, it gives fraudsters creative new ways to perform and conceal their graft, but it also gives people new ways to protect themselves. The good guys got a leg up this week when IBM announced a major counter-fraud initiative that prominently features big data analytics.
Fraud and its ugly cousin, financial crimes, are global scourges that are estimated to suck 10 to 15 percent out of the world’s $70-trillion pocketbook every year, about $3.5 trillion of which is due to internal fraud and embezzlement. For every $1 billion earned by a company, it’s been accepted as fact that $100 million to $150 million of it will go right into the criminals’ bank accounts–most of it tax-free, to boot.
Much like corruption, companies in many parts of the world simply accept fraud as a cost of doing business. It’s too hard to detect it, they said. Just leave it be and don’t waste any more time or money fighting it. But as Internet and mobile channels grew, fraudsters found new ways to conduct and conceal their crimes, and fraud grew.
As global crime syndicates got more technologically sophisticated, they started popping off audacious schemes that combined multiple cyber-crime disciplines, such the $45 million ATM theft uncovered in May 2013 that combined hacking into payment processors and the manufacture of fake debit cards. Retail giant Target’s massive data breach hasn’t been fully described, but it’s known that point of sale (POS) terminals–the highly fortified computer clients that most companies trust as secure–were compromised.
The rise of the Age of Data has aided and abetted the fraudsters, providing them both cover and capability. Massive data breaches over the years have flooded the black market with credit card numbers, Social Security numbers, and other marketable entities that are currency among cybercriminals. There is no honor among thieves, but criminals commonly work together to exploit vulnerabilities created by digital economy.
But the big data age cuts both ways, and now IBM is stepping up with a new collection of software and services designed to help enterprises and public organizations detect fraud. IBM’s Rick Hoehne, who holds the title of global counter fraud and financial crimes leader, recently spoke with Datanami about the new anti-fraud initiative and specifically what role big data analytics will play.
“About two years ago we noticed a significant uptick in insurance companies, for instance, that were asking more our data and analytics capabilities around fraud,” Hoehne says. “As we started poking around, we found that the mindset was starting to change, that we’re no longer accepting fraud as a cost of doing business.”
Hoehne has spent many years working with the insurance industry, which always accepted fraud as a cost of doing business. “It still does in a lot of places,” he says. “You just understand it’s about 15 percent of incurred losses, and you factor it into your rates and it is what it is. And that was because it was too hard to find. It was just too was hard to connect the dots and predict whether something was legitimate or not. Now with the advances in big data, link detection, predictive analytics, we can do things we never could do before.”
Hoehne recently met with an insurance company that was tired of paying out for a series of staged traffic accidents. “It took over two years to realize that, on a series of staged accidents that all seemed independent, that it was a police officer doing all the reports,” he says. “We now can bring all of that data together, and do the link detection and link analysis to understand relationships and connect dots.”
Many of today’s sophisticated fraud schemes are complex, multi-channel initiatives that are specifically designed to mask the trails and signals left by fraudsters and to thwart stand-alone fraud detection systems. To counter that, IBM took an integrated, cross-channel approach, and that is the gist of the yesterday’s product announcement.
Not only has IBM built the integration glue that connects multiple counter-fraud products in IBM’s portfolio–including Cognos, i2, SPSS, Q1 Labs, Trusteer, and SoftLayer–but it did a most un-IBM thing and gave them a single product ID number and a single licensing metric. That alone will shave about three weeks off the ordering process for a large enterprise. Deployments on IBM’s SoftLayer cloud will simplify the process of installing and operating the software, too.
IBM also unveiled Red Cell, a new group of about 500 Big Blue fraud-fighting super heroes whose goal is to help clients detect and put an end to fraud in their organizations. “It’s just like X-Force, but it’s applied to fraud intelligence rather than the security and malware space,” Hoehne says.
There are no big data components in the new counter fraud portfolio proper, but big data parts are expected to be widely used nonetheless. Depending on the client, IBM will bring its Hadoop product, called InfoSphere BigInsights, to bear on the problem. Rather than coding MapReduce, IBM will use SQL interfaces to simplify life for the programmers. InfoSphere Streams is also being used for real-time fraud detection and its Big Sheets software is being used for visualization and queries.
“The volume of data that’s available in the observation space, it’s just too damn big to fit into a structured warehouse,” Hoehne says. “We need the big data capability to bring it in, in an unstructured fashion, and then structure it as we ned it and begin building the models for behaviorisms, for accounts or individuals. We couldn’t do some of the things we can do now–and feel like need to do now–without big data.”
Hadoop is more likely to be used in the banking space to help customers, for example, connect the dots between unstructured data, such as wire transfer orders, and log-in and authentication attempts. “I’m more likely to put a Hadoop repository in front of that to be the mixing bowl so that I can bring all these sources of data together, normalize them, tokenize them, and then begin to analyze them,” he says. “I need to use big data techniques to connect those dots.”
IBM’s fraud-fighters just finished a proof of concept that involved using Hadoop to aggregate, store, and analyze multiple sources of data, including cyber data, transactional data, unstructured data, and external data. “That’s all being done with big data techniques. It’s very powerful,” Hoehne says. “It’s nice to actually be using big data for a purpose and not just talking about it as an interesting hype concept.”
Look out, fraudsters. IBM may pivot about as gracefully as an elephant. But once it gets moving in the right direction, it’s a force to be reckoned with.