eCommerce Payments Fraud Prevention: Machine Learning Battle Against Cybercriminals

As e-commerce and online retail transactions are taking over more businesses, fraudsters are adapting to new systems too. In this post, Denis Baranov lists the most common fraud scenarios in online retail and explains how ML-powered algorithms help to prevent these.
9 min read
ALL articles
By Denis Baranov
Head of Retail & Distribution Practice
eCommerce Payments Fraud Prevention: Machine Learning Battle Against Cybercriminals

Common Fraud Scenarios in Online Retail

Fraud volumes have recently increased by 7.3% for U.S. e-commerce and retail merchants. It seems only natural that the main e-commerce frauds happen in the payment stage: identity theft, phishing, account theft and others. While fraudsters have become more sophisticated, so has fraud prevention.

The most common type of a fraud scenario, identity theft can have effects of different scope. Someone who steals your information to commit fraud can use it however they please, from a credit card swindle to tax reports and medical services.

In retail, one of the most common types of identity theft is using personal data to get money or products from a merchant. How can you prevent identity theft? Behavioral analytics solve fraud detection challenges. Algorithms can track any suspicious activity, and this way; fraudulent attempts can be prevented.

As a part identity theft, account takeover is also growing increasingly common. Intruders steal an online account, and then, pretending to be the customer, change their information and eventually post unauthorized payments. Account takeovers are a disturbing trend “at the highest loss rate, up a staggering 72 percent over prior year.”

Also, customers rely on reviews as they choose a company or a product, so fraudulent companies and merchants of marketplaces are likely to abuse it, committing merchant fraud. To get on the top of search lists, they can create fake reviews for their accounts to lure customers. To prevent merchant frauds, you can use Machine Learning algorithms that can find suspicious activity through opinion mining and behavior analysis.

Chargeback fraud, also known as "friendly fraud," happens when a customer buys a product and then requests their money back from the bank that they use. Insidious at heart, people caught committing chargeback fraud are prosecuted for theft and larceny. What does chargeback fraud mean? Say, someone is buying a product using a card online. Then he or she is claiming to their bank that their information was stolen, and they did not buy this product. So, business must reimburse them, while he or she  keeps the product in secret. Such fraudulent actions are especially widespread in service industries, such as gambling. To fight chargeback fraud, you can use a secure ecommerce platform and a reputable payment processor with seller protection and fraud detection.

Next in this list, affiliate fraud is a fraud designed to abuse an affiliate marketing program and generate commissions from it. It can happen through an automation or through real people creating fake accounts: either way, the goal is to abuse the program and get benefits. It also includes any activity that violates the terms and conditions of a program. To prevent affiliate fraud, one can use solutions that find high-risk IP addresses that are sending non-human traffic to multiple internet destinations.

Machine Learning Algorithms and Software to Detect Anomalies and Find Patterns

1. Detecting the Enemy

As it becomes clear, Machine Learning applications can be the key to fighting against most common frauds in online retail. Data science has a lot of anti-fraud practices. Let’s take a closer look at what types of Machine Learning engines are available, how they work and how to make them work for you.

At its core, Aartificial iIntelligence (AI) separates incoming information, or objects, into two categories: normal distribution and anomalies, also known as outliers. Anomalies (outliers) are all sorts of object and values that do not fit into the normal picture, which makes them suspicious. AI can analyze different objects: images, transactions, or texts. These variables can show if user behavior is unexpected, if user actions are normal and if transactions are typical. Once there are any mismatches and inconsistencies whatsoever, AI will separate these objects from the rest.

After AI finds anomalies, it can block it or send it to a human reviewer to check. In binary problems, anomaly detection is the best solution, for example, if a transaction is looking suspicious, AI can request a user to make more steps of verification. However, people still make harder complex decisions better, so process can handle easy resolutions saving customer’s time, while people can look at complicated cases. A good instrument on its own, anomaly detection is not going to be sufficient and needs to be a part of a stronger anti-fraud system.

You can hear many names of showing anomalies in data science and machine learning: outlier mining, novelty detection, anomaly modeling, outlier detection. They all refer to the same process at its core.

Outlier Analysis by Charu Aggarwal classifies aAnomaly detection models into the following groups:

  • Extreme Value Analysis

Extreme value analysis means finding extremes within a set of data: points that are too low or too far compared to Standard Deviation. It is a good method to analyze data set initially or as a last step after other methods are used.

  • Probability and Statistical Models

After estimating parameters of the model and then calculating probability if certain data point belongs to the distribution, one can find anomalies within data by looking at elements with low probability.

  • Linear Regression Models

Using linear correlations, one can model data into lower dimensions, then each data point is connected to the plane that fits the lower dimension. Resulting distance is the source for finding anomalies.

  • roximity-Based Anomaly Detection

Data is separated in groups based on certain factors. DBSCAN (Density-Based Spatial Clustering of Applications with Noise) is a good example of this method.

  • Information Theoretic Models

The most minimalist code length describing a data set increases because of anomalies, which is used to detect them.

  • High-Dimensional Anomaly Detection

The more data, the harder it is to analyze, so methods for largest data sets are different.

Talk to our eCommerce Expert

2. AI Analytics and Learning

Behavioral Profiling Analytics

Many organizations, especially financial institutions, look at user behavior to track suspicious activity. Through each step of transaction, you can expect a certain user behavior thanks to behavior analytics ran by machine learning. All possible information is collected: accounts, devices, each individual and each merchant, to be able to keep an updated database and have informed predictions for customer behavior. Keeping the database constantly updated decreases a risk of the fraud, so it is an essential part of this process - both fraudulent and illegal.

Now, AI learns by combining different data sets and analyzing connections between them. Types of learning can differ in various features, so we will focus on supervised and unsupervised learning.

Supervised Learning

Supervised learning means that you have both normal and outlier points in your dataset, and it is especially good at encoding any interdependencies between data points as well as building prediction models on past experiences. Two Supervised Machine Learning types are Classification and Regression. Classification labels incoming data and puts it into categories depending on past data samples. Examples of Classification are:

  • Support Vector Machines

Separating transactions data samples into two different classes on a plane graph with a formulate showing the smaller error compared to ground truth dataset (real transactions) so that the largest margins between normal and fraudulent transactions provide much-needed security.

  • Decision Trees

A Supervised decision tree can make classifications (predictions) based  on entered data of normal and abnormal transactions. It  computes fraudulence scores starting for the root node to child nodes,   which also split in other child nodes and so on. Depending on data input,  it can happen in binary or multi-fashion conditions. Once the tree is  ready, a new data input (transaction) runs through the root of the tree  according to its features.

  • K-Nearest Neighbor (or k-NN)
  • Random Forest

To stay up to date with ever-changing malware attacks, developers must understand specifications of each field, perform a lot of manual labor and make sure that datasets are as large as possible to ensure security and run algorithms using enough data. Even though supervised machine learning is extremely effective for learning patters, it has one downside: not being able to recognize a threat if the pattern changes.

Regression includes algorithms that can identify patterns and calculate predictions of patterns continuously. Examples of Regression are:

  • Linear Regression
  • Logistic Regression
  • Polynomial Regression

Unsupervised Learning

Unsupervised learning does not need any data to run through manually to train. It assumes that as in statistics, most of data is going to be normal with a small number of exceptions - outliers. Two Unsupervised Machine Learning types are Clustering and Association. A couple of examples could be autoencoders and hypothesis-based analysis.

Unsupervised learning, unless regularly monitored, can also go in wrong directions and confuse data analysis. This is where people come in. Even though machine learning allows us to help and analyses large sets of data and see patterns, people are still essential to fraud prevention. Experience, gut feeling, and complex decision making are still strengths of people, not algorithms. The key is to mix and match strengths of both to create a balanced scheme, so that you can catch more elusive fraud.

In case of a few examples of fraudulent activities, one can detect anomalies through auto-encoder, which is unsupervised on its own but is often used within supervised methods. It excludes anomaly samples in the beginning and only uses it for testing. We can train a neural autoencoder on one class of events, so it is able to notice unusual ones. There is number of middle layers between an equal number of input and output units. The difference between the input and final layer helps figure out if it is a fraud or not. Basically, neural network architecture can process data and compress it in a representative smaller version of original data which helps to understand the overall picture.

Another interesting technique to detect anomalies is isolation forest. Just like the auto-encoder method, it is great for businesses where there have not been that many fraudulent cases yet. Isolation forest only focuses on anomalies instead of having both normal and abnormal data points; the algorithm chooses a value from a range of a feature – all of them completely random. These selections then step-by-step grow into a tree. The more random splits (also known as mean length), the deeper this tree is. Trees grow into a forest, then you measure the mean length number over the forest and end up being the main measure of normality, a certain base line that helps us see outliers. As you make random splits using outliers, these trees are shorter than the sets with normal values. In the end, we end up registering abnormalities more specifically.

Sign Up for Updates!

Subscribe now to receive industry-related articles and updates

Choose industries of interest
Thank You for Joining!

You will receive regular updates based on your interests. No spam guaranteed

Add another email address
Read more
Sign Up for Updates!
Choose industries of interest
Thank You for Joining!

You will receive regular updates based on your interests. No spam guaranteed

Add another email address
We are glad you found us
Please explore our services and find out how we can support your business goals.
Get in Touch