Banking Frontiers

AI now a double-edged sword

While it has unquestion­able benefits for banks and financial services institutio­ns in fraud containmen­t, AI is also a high-end tool for fraudsters:

- Mohan@bankingfro­

Artificial intelligen­ce (AI) techniques have been in use in banks since the early 2010s for what is then defined as anomaly detection – in other words in finding out deviations from a norm - in matters relating to fraud, cybersecur­ity and AML processes. There have been different approaches in the use of AI in various types of frauds and banks could reap adequate benefits from having AI-based fraud detection solutions because by developing one model, they could apply that to different channels.

Fraud management is essentiall­y a process to identify, detect, react and stop the execution of fraud. By analyzing massive volumes of data, AI systems are now capable of spotting irregulari­ties that could point to a possible fraud. Several forms of fraud, including phishing, identity theft and payment fraud, can be detected and prevented by systems powered by AI. They can also adjust to changing circumstan­ces and pick up on emerging trends, making them more effective. Today’s AI-based solutions can also connect with other security systems (for example, biometric authentica­tion tools and identity verificati­on tools) and work in cohesion.


One clear example cited by AI experts of the use of AI system in fraud management is the case of Danske Bank, which implemente­d a fraud detection solution developed by San Diego, California-based Teradata, a global enterprise software company. The company helped the bank to modernize its fraud detection process and reduce some 1200 false positives per day. A case study on the implementa­tion had quoted that the bank, once fully implemente­d the solution, could reduce its false positives by 60% and could reach 80% as the model continued to learn, increase detection of real fraud by 50% and refocus its time and resources toward actual cases of fraud and identifyin­g new fraud methods.

Coming to the current times, fraudulent activities have evolved to unpreceden­ted levels. Globally, one of the recent instances of innovative frauds detected has been the dividend tax fraud, which had impacted several financial institutio­ns in European countries - cited as a clear instance of the extent to which fraudulent activities can change over time and how even the best of the preventive solutions can fail. Also called dividend stripping, it is committed through a complex mechanism of trading, selling and repurchasi­ng shares over a certain period to unlawfully avoid payment of dividend taxes, or to claim unjustifie­d tax reimbursem­ents.


In the fraud space, it has recently been demonstrat­ed that one can hack into an individual’s bank account using a copy of the AI-generated voice of the individual. Using generative AI tools, a fraudster can get informatio­n like account balance and transactio­n history by faking the account holder’s voice and convincing the concerned bank official that it is the

customer who is interactin­g. Fraudsters have also been using images and videos imitating the individual to get his or her login credential­s and then hack the account. Another threat perception is fake account creation where automated bots can create fake accounts at great speed, which gives fraudsters the ability to influence product reviews, distribute false informatio­n and spread malware.


Even as newer methods are being evolved and implemente­d in fraud detection and prevention across the world, fraudsters have only become more sophistica­ted and innovative. For example, the global trend shows there have been increases in instances of deepfake scams, in cybercrime­s, in phishing, in ransomware attacks, in investment frauds, and in e-commerce frauds. Some of the newer genre of frauds are card-testing fraud, where fraudsters steal credential­s of a card but before making any large-scale fraud, go on making smaller transactio­ns to test the capacity of the card and then make the

hit; account takeover fraud which is a type of identity theft in which the fraudsters get someone’s account and utilize it in illegal activities, and triangulat­ion fraud, which consists of 3 key players - a seller who is genuine, an individual who intends to shop, and a fraudster.

AI is, however, a double-edged sword. While it has been unscrupulo­usly used by fraudsters, it has also come to the aid of financial services institutio­ns. AI has proven that it can make fraud detection faster, more reliable and more efficient where traditiona­l fraud-detection models fail.


For example, AI-powered systems can process huge amounts of data faster and accurately than some of the existing software-based systems. Some of these systems help to reduce the error margin in identifyin­g normal and fraudulent customer behaviour, authentica­te payments faster and provide analysts with actionable insights.

AI-based systems are now expeditiou­sly used to detect and flag anomalies in realtime banking transactio­ns, app usage, payment methods and similar areas.

Some of the latest AI models are capable of self-learning by processing historical data and continuous­ly changing themselves to evolving fraud patterns. Using machine learning, predictive models can be developed to mitigate risks from frauds and this is possible with no or minimum human interventi­on.

For example, in identity theft, AI has very effective tools. Being familiar with customer behaviour patterns, these tools can detect unusual activity like password changes and contact details and flag the customer, after which remedial measures can be initiated. Likewise, in the case of phishing, the fraudulent activity can be detected by assessing email subject lines, content and other details and classify questionab­le emails as spam. This alerts the user and mitigates fraud risk. Algorithms based on ML can easily differenti­ate between original and fake identities, authentica­te signatures and spot forgeries with a high accuracy rate.


In general, AI uses a group of algorithms that monitor incoming data and stop fraud threats before they materializ­e. AI-based systems deployed can learn with historical data and adjust their rules to stop threats that may have never arisen in the past. Also being dynamic, these systems can continuous­ly function to cut down false positives (genuine users being blocked) by improving the accuracy of its rules. And these activities can be performed at super speed without impacting user experience.


Experts identify the major benefits of using AI in fraud detection as:

Real-time detection as AI tools can processes incoming data and block new threats dynamicall­y.

Perfection as usage grows as AI tools become better and more effective with more data getting analyzed.

Fraud detection in almost real-time, which helps free up staff involved in preventing frauds.

AI tools in fraud detection have their own limitation­s, however. Even the most refined AI tools have shown their frailties in countering phishing, social engineerin­g and other types of social frauds, mainly because these threats are not automated.


What are the major benefits that AI brings in fraud management domain?

Real - t i me s u r v e i l l a n c e where b y occurrence of fraudulent transactio­ns can be thwarted post-haste.

Advanced pattern recognitio­n whereby complex patterns and correlatio­ns

can be detected in data that may be impossible for human-based systems. Behavioura­l analysis where user behaviour can be analyzed and profiles created to detect aberration­s from typical patterns.

Adaptive learning as AI systems continuous­ly gain knowledge from fresh data, adjusting to changing fraud techniques.


Major AI tools that are being developed and deployed or almost ready for deployment in fraud management domain are:

1. Tools for fingerprin­ting for creating thorough user profiles, extensive data enrichment based on email addresses, IP addresses, or phone numbers, and the ability to examine social and digital profiles

2. Digital security tools that integrate separate API tools into a unified and complete solution and for verificati­on of identity of users thereby preventing unauthoriz­ed access to accounts. This is essentiall­y a tool against Account Takeover frauds.

3. Tools for payments optimizati­on,

revenue protection and abuse protection. 4. Tool s that can r e t r i e v e e mail informatio­n from databases, including those of service providers, social networking sites and webmail hosts. These tools can also examine and enhance informatio­n derived from phone numbers and IP addresses. 5. Tools that can extract actionable informatio­n from various sources to assist in countering fraud risks involved in transactio­ns, account opening, KYC

etc. These tools are intended to protect an organizati­on from fraud risks that use automated scripts, like taking over of account, keying credential­s, card fraud, fake account, etc.


AI has developed and assumed an unbelievab­le role today. There are generative AI tools like ChatGPT, Claude and Midjourney, which are now available to anyone with a connectivi­ty. While these tools are useful across a wide range of use cases, these have also been exploited by fraudsters.

Generative AI has become a major tool for fraudsters to create scores of fake identity documents, contracts, invoices and other essential scam materials in a matter of minutes. They can therefore scale up fraud schemes and target thousands of victims. This is mainly because generative AI has made is possible for anyone to create the texts, images and audio that resemble human creations. Generative AI tools are helping fraudsters create varied, tailored content for each target and most of these tools can be used anonymousl­y.

And there is no effective regulatory framework to counter this malady.

Many experts in financial crime have warned that generative AI is one of the biggest threats facing the financial services industry. Some of them have compared it to the Wild West and the gunslinger­s, bank robberies and bounties.

Neverthele­ss, many of them have not lost hope. They say generative AI can also be tapped to create tools for fraud detection and control. Since much of financial services involves text and numbers, generative AI and Large Language Models (LLMs), capable of learning meaning and context, can be harnessed to develop more intelligen­t and capable chatbots and improve fraud detection. Those in banks handling manual fraud reviews can make use of LLM-based assistants to tap into informatio­n from policy documents that can help expedite decision

making on whether cases are fraudulent. LLMs are also helpful in predicting the next transactio­n of a customer, which can help banks pre-emptively assess risks and block fraudulent transactio­ns.

It is now more than ever necessary for financial services institutio­ns to develop more advanced models using more data to secure themselves. They must also aim at reducing false positives in fraud detection for transactio­ns to improve customer satisfacti­on.

 ?? ?? AI is now an effective programmin­g tool for ... as those working to thwart fraud attempts
AI is now an effective programmin­g tool for ... as those working to thwart fraud attempts
 ?? ?? A hacker on the job, probably attemtping at an identity theft
A hacker on the job, probably attemtping at an identity theft
 ?? ?? Generative AI is all about generating text, images, synthetic data, or other media
Generative AI is all about generating text, images, synthetic data, or other media

Newspapers in English

Newspapers from India