Credit card fraud is a growing problem for all banks globally as more payments are digitised. It creates significant disruption for customers and card providers as:

• Customers are charged for items that they did not purchase. This means that they will have to contact their card providers and go through the laborious process of seeking charge reversals and getting a new card.
• Card providers spend considerable effort investigating the fraudulent transactions and bear the costs associated with issuing replacement cards. Card providers may also experience declining revenue as customers affected by fraud have less confidence and may move some of their spendings to other providers.

With credit card fraud being a global issue, most banks have subscribed to fraud detection services from industry providers which cover the most common fraud types. These services are updated dynamically as specific merchants across the global card issuer networks are identified as being fraudulent. However, these solutions are general and tend to prevent fraud at a merchant level and may miss more granular fraud attack patterns.

Fraudsters are getting smarter every day and new attack types are constantly emerging. By using machine learning, we can identify abnormal payment transactions from the very first occurrence. Data enables us to provide OCBC customers with greater peace of mind while delivering significant savings to the bottom line.

- Andrea Pisoni, Head, AI Lab, Group Data Office

As such, OCBC Bank’s AI Lab has developed a credit card fraud detection solution to supplement the traditional fraud detection platforms. This solution is designed to score every card payment transaction at an individual customer level and augment them with a higher-level monitoring engine.

While it’s easy to pick up and fix problems in a controlled environment, in real-world scenarios, this can be more difficult as hackers and scammers employ many different methods to avoid detection. Non-fraudulent transactions are easy to identify as they fit the customers’ usual activity profile. However, having millions of non-fraudulent transactions can hinder the detection of fraud as these transactions introduce a significant degree of noise. This can make it challenging for just one model to identify transactions that are suspicious.

That’s why, we have set up a fraud detection pipeline by cascading two distinct models: a denoising model and a detector model.

This is what the pipeline roughly looks like:

1. Starting from a data set of raw credit card transactions, we first extract features at the transaction level (such as whether a transaction was physical or online and the time of the day when the transaction was performed).
2. Second, we aggregate the transactions to generate features at the customer level – collecting information on the customer’s habits and patterns that the models will be able to use to detect anomalies.
3. Next, we aggregate the transactions again to generate merchant level features. This provides the models with merchant information (such as how many transactions a given merchant receives in a period). This gives extra context for the models to determine whether a transaction is risky.
4. We then execute the denoising model to remove transactions that are obviously non-fraudulent.
5. Then we re-aggregate transactions to build additional customer and merchant level features to the higher risk “surviving” data set.
6. Finally, we execute the detector model to identify possible fraudulent transactions.

After the engine identifies transactions that are likely fraudulent, personalised communications are then sent to customers to notify them of the abnormal transactions. At the same time, we provide information on how to review the transaction and raise any potential disputes. Over 30% of the transactions issued daily are categorised by customers as disputes showing that the engine is successful in identifying suspicious activities.

Fraud usually occurs very rapidly, and customers tend not to become aware of fraudulent transactions until many days have passed. The OCBC models can identify the suspicious activity from the very first transaction and immediately notify the customer. This reduces the potential loss to the customer significantly as well as the post-event investigation and refund effort.

Through advanced analytics, we’re able to give our customers greater peace of mind, while generating significant savings through reduced fraud volumes.