graphs vs fraud
play

Graphs vs Fraud! Dr. Jim Webber Chief Scientist, Neo4j @jimwebber - PowerPoint PPT Presentation

Aug 10, 2023 •415 likes •1.12k views

Graphs vs Fraud! Dr. Jim Webber Chief Scientist, Neo4j @jimwebber Overview First-party Fraud Whiplash for Cash Online Payment and Identity Master Data Management Provenance Governance First-party Fraud First-Party

  1. Graphs vs Fraud! Dr. Jim Webber Chief Scientist, Neo4j @jimwebber

  2. Overview • First-party Fraud • Whiplash for Cash • Online Payment and Identity • Master Data Management • Provenance • Governance

  3. “First-party Fraud”

  4. First-Party Fraud • Fraudster’s aim: apply for lines of credit, act normally, extend credit, then…run off with it • Fabricate a network of synthetic IDs, aggregate smaller lines of credit into substantial value • Often a hidden problem since only banks are hit • Whereas third-party fraud involves customers whose identities are stolen • More on that later…

  5. So what? • $10’s billions lost by US banks every year • 25% of the total consumer credit write-offs in the USA • Around 20% of unsecured bad debt in EU and USA is misclassified • In reality it is first-party fraud These are en enormous us numbers

  6. Fraud Ring

  7. Then the fraud happens… • Revolving doors strategy • Money moves from account to account to provide legitimate transaction history • Banks duly increase credit lines • Observed responsible credit behaviour • Fraudsters max out all lines of credit and then bust out

  8. … and the Bank loses • Collections process ensues • Real addresses are visited • Fraudsters deny all knowledge of synthetic IDs • Bank writes off debt • Two fraudsters can easily rack up $80k • Well organised crime rings can rack up many times that

  9. Discrete Analysis Fails to predict…

  10. …and Makes it Hard to React • When the bust out starts to happen, how do you know what to cancel? • And how do you do it faster then the fraudster to limit your losses? • A graph, that’s how!

  11. Probably Non-Fraudulent Cohabiters

  12. Probable Cohabiters Query MATCH (p1:Person)-[:HOLDS|LIVES_AT*]->() <-[:HOLDS|LIVES_AT*]-(p2:Person) WHERE p1 <> p2 RETURN DISTINCT p1

  13. Dodgy-Looking Chain

  14. Risky People MATCH (p1:Person)-[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p2:Person) -[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p3:Person) WHERE p1 <> p2 AND p2 <> p3 AND p3 <> p1 WITH collect (p1.name) + collect(p2.name) + collect(p3.name) AS names UNWIND names AS fraudster RETURN DISTINCT fraudster

  15. Pretty quick… Number of people: [5163] Number of fraudsters: [40] Time taken: [2495] ms

  16. Localise the focus MATCH (p1:Person {name:'Sol'}) -[:HOLDS|LIVES_AT]->()… Number of fraudsters: [5] Time taken: [431] ms

  17. St Stop p a b bust-ou out in in ms ms.

  18. Quickly Revoke Cards in Bust-Out MATCH (p1:Person)-[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p2:Person) -[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p3:Person) WHERE p1 <> p2 AND p2 <> p3 AND p3 <> p1 WITH collect (p1) + collect(p2)+ collect(p3) AS names UNWIND names AS fraudster MATCH (fraudster)-[o:OWNS]->(card:CreditCard) DELETE o, card

  19. “Auto Fraud”

  20. Whiplash http://georgia-clinic.com/blog/wp-content/uploads/2013/10/whiplash.jpg

  21. Whiplash for Cash http://georgia-clinic.com/blog/wp-content/uploads/2013/10/whiplash.jpg http://cdn2.holytaco.com/wp-content/uploads/2012/06/lottery-winner.jpg

  23. Risk • $80,000,000,000 annually on auto insurance fraud and growing • Even small % reductions are worthwhile! • British policyholders pay ~£100 per year to cover fraud • US drivers pay $200-$300 per year according to US National Insurance Crime Bureau

  24. How? “Flash for Cash” “Crash for Cash”

  25. Regular Drivers

  26. Regular Drivers Query MATCH (p:Person)-[:DRIVES]->(c:Car) WHERE NOT (p)<-[:BRIEFED]-(:Lawyer) AND NOT (p)<-[:EXAMINED]-(:Doctor) AND NOT (p)-[:WITNESSED]->(:Car) AND NOT (p)-[:PASSENGER_IN]->(:Car) RETURN p,c LIMIT 100

  27. Genuine Claimants

  28. Genuine Claimants Query MATCH (p:Person)-[:DRIVES]->(:Car), (p)<-[:BRIEFED]-(:Lawyer), (p)<-[:EXAMINED]-(:Doctor) OPTIONAL MATCH (p)-[w:WITNESSED]->(:Car), (p)-[pi:PASSENGER_IN]->(:Car) WITH p, count(w) AS noWitnessed, count(pi) as noPassengerIn

  29. Fraudsters

  30. Fraudsters MATCH (p:Person)-[:DRIVES]->(:Car), (p)<-[:BRIEFED]-(:Lawyer), (p)<-[:EXAMINED]-(:Doctor), (p)-[w:WITNESSED]->(:Car), (p)-[pi:PASSENGER_IN]->(:Car) WITH p, count(w) AS noWitnessed, count(pi) as noPassengerIn WHERE noWitnessed > 1 OR noPassengerIn > 1 RETURN p

  31. Auto-fraud Graph • Once you have the fraudsters, finding their support team is easy. • (fraudster)<-[:EXAMINED]-(d:Doctor) • (fraudster)<-[:BRIEFED]-(l:Lawyer) • And it’s also easy to find their passengers • (fraudster)-[:DRIVES]->(:Car)<-[:PASSENGER_IN]-(p) • And easy to find other places where they’ve maybe committed fraud • (fraudster)-[:WITNESSED]->(:Car) • (fraudster)-[:PASSENGER_IN]->(:Car) • And you can see this in milliseconds!

  32. It It’ s a all a about th the patterns

  33. “Phoney Persona”

  34. Online Payments Fraud (First-Party) • Stealing credentials is commonplace • Phishing, malware, simple naïve users • Buying stolen credit card numbers is easy • How should one protect against seemingly fine credentials? • And valid credit card numbers?

  35. We are all little stars • Username and passwords • Two-factor auth • IP addresses, cookies • Credit card, paypal account • Some gaming sites already do some of this • Arts and Crafts platform Etsy already embraced the idea of graph of identity

  36. An Individual Identity Subgraph fred@rbs.co.uk 1234LOL 128.240.229.18

  37. We are all made of stars…

  38. Specific Weighted Identity Query Bare MATCH (u:User {username:'Jim', password: 'secret'}) Minimum OPTIONAL MATCH Other Specific (u) -[cookie:PROVIDED]->(:Cookie {id:'1234'}) Considerations OPTIONAL MATCH (u)-[address:FROM]->(:IP {network:'128.240.0.0'}) RETURN SUM(cookie.weighting) + SUM(address.weighting) Final AS score Decision

  39. General Weighted Identity Query Bare MATCH (u:User {username:'Jim', password: 'secret'}) Minimum OPTIONAL MATCH (u)-[rel]->() All Available Weightings WHERE has(rel.weighting) Final RETURN SUM(rel.weighting) AS score Decision

  40. An Individual Login History fred@rbs.co.uk 1234LOL

  41. From 1 st to 3 rd Party • The 1 st party identity graph can easily be extended to 3 rd party fraud • Like in the bank fraud ring, fraudsters can mix-n-match claims • Start with a few phished accounts and expand from there!

  42. Shared Connections fred@rbs.co.uk nick@bearings.com 1234LOL Ca$hMon£y 128.240.229.18

  43. Graphing Shared Connections Hmm….

  44. Scan for Potential Fraudsters MATCH (u1:User)--(x)--(u2:User) Network in WHERE u1 <> u2 AND NOT (x:IP) common is OK RETURN x

  45. Stop specific fraudster network, quickly MATCH path = (u1:User {username: 'Jim'})-[*]-(x)-[*]-(u2:User) WHERE u1<>u2 AND NOT (x:IP) AND NOT (x:User) RETURN path

  46. How do these fit with traditional fraud prevention? Gartner’s Layered Fraud Prevention Approach http://www.gartner.com/newsroom/id/1695014

  47. “Chronic Master Data”

  48. Master Data Management • Provide high quality, joined up data to the right process at the right time • Bridge silos, leverage all data (including legacy) • Database point of view: fancy indexes • Graph database point of view: a Web of data • Multidimensional, path-centric index

  49. Master Data Management Examples • Adidas: Shared Metadata Service • 360 degree view of data via the graph • Without disturbing existing (valuable) systems! • ICE: Global directory for participants, market makers, investment funds etc. • Futures and trading house • Social network for brokers Recommendations for the right broker means more business! • Recommendations are trivial in a graph • • Pitney Bowes productised platform on top of Neo4j • Materially affected their stock rating • http://www.zacks.com/stock/news/157741/pitney-bowes-selects-neo4j-to-develop- graphbased-mdm

  50. Easy Recommendations: Triadic Closure http://www.isciencemag.co.uk/blog/are-you-a-social-network-junkie/

  51. Triadic Closure (1)

  52. Triadic Closure (2)

  53. Easy Global Query MATCH (me:Trader)-[:TRUSTS]- (:Trader)-[:TRUSTS]-(you:Trader) WHERE me <> you AND NOT me-[:TRUSTS]-(you) WITH me, you MERGE (me)-[:TRUSTS]->(you) RETURN me, you

  54. Or Super-fast Local Query MATCH (me:Trader name:'Ed')-[:TRUSTS]- (:Trader)-[:TRUSTS]-(you:Trader) WHERE me <> you AND NOT me-[:TRUSTS]-(you) WITH me, you MERGE (me)-[:TRUSTS]->(you) RETURN me, you

  55. Side note: Triadic Closures Predict WWI [Easley and Kleinberg]

  56. What has this to do with stopping fraud? • Recommendations are a positive version of anti-recommendations • Identifying fraud is an anti-recommendation • So you can use triadic closure to try to identify networks of fraudsters and their targets via transitive relations

  57. “False Provenance”

  58. Provenance • Banks are awash with data • And spend a lot of time moving and transforming it • Where did this data come from? • Compliance and auditors want to know • How do I show how this data got computed/transformed/moved?

  59. It’s a graph!

  60. <foo> … <foo/> SELECT * FROM ACCOUNTS WHERE…

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention Case Studies Our Commitment Spring ISD Source: ACFE &amp; Fraud Overview What Is Fraud? Fraud is any intentional act or

405 views • 18 slides
Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is fraud? Definition Facts Four factors Fraud risk assessment Four evaluation criteria Common fraud schemes Case studies

707 views • 60 slides
What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

Points to cover Leicester City Council Revenues &amp; Benefits Investigation Team What is Fraud? Fraud Awareness Key issues for the Team Audit and Risk Committee Referrals &amp; Investigation Process Sanctions &amp;

69 views • 4 slides
The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of Presentation General measures of fraud Past measurement of fraud The annual fraud indicator and fraud Theres no fraud here, Ive

684 views • 26 slides
Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud Examiners (ACFE) is an international, professional organization dedicated to fighting fraud and white-collar crime . As fraud becomes increasingly more

373 views • 24 slides
Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

MMTCTA Fraud Internal Controls Presented By Ron Smith &amp; Greg Chabot, RHR Smith &amp; Co. May 14, 2015 About RHR Smith &amp; Company: RHR does approx 130 of Maines 500 Municipalities In the past year RHR has Investigated 23+

506 views • 39 slides
Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &amp;

Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &amp;

Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &amp; Abuse (Fraud) Practice Group and the Accountable Care Organization Task Force (ACO TF) (a joint endeavor of the Antitrust; Fraud and Abuse; Health

408 views • 26 slides
The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager makes $2.25MM disappear! It must be Magic! Fraud Statistics 5% of GWP lost to employee fraud &amp; abuse More than $3.5 Trillion per year

559 views • 44 slides
Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud

Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud

Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud Procurement Qualifications Sickness / Attendance / Time Recording Ghosts Salary payments Prescriptions Health Tourists

619 views • 9 slides
The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference

The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference

The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference AUCKLAND 2 JULY 2010 WHAT IS THE SERIOUS FRAUD OFFICE? SFO: An Overview Mandate investigate and prosecute serious or complex fraud Part 1 -

421 views • 13 slides
Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

6/5/2016 Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw Julie Lombardi Member FDIC Agenda: Fraud Statistics Fun With Numbers Check Fraud &amp; ACH Fraud Your Role in Preventing Fraud Fraud

238 views • 13 slides
Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due to technology sophistication Internet provides unrestricted access to a larger pool of potential victims Banks should arm themselves with

276 views • 16 slides
CYBER FRAUD Presented by: JACK R. SUDOL, MBA Cyber Fraud FBI Announcement Between October

CYBER FRAUD Presented by: JACK R. SUDOL, MBA Cyber Fraud FBI Announcement Between October

CYBER FRAUD Presented by: JACK R. SUDOL, MBA Cyber Fraud FBI Announcement Between October 2013 and December 2016 the FBI reported 40,203 incidents of BEC/EAC totaling $5.3 Billion Dollars of Losses! The number of wire fraud scams

997 views • 20 slides
Fraud Presentation Presented by Stephen B. Sm ith, CPA Williams-Keepers LLC To Boone County Bar

Fraud Presentation Presented by Stephen B. Sm ith, CPA Williams-Keepers LLC To Boone County Bar

Fraud Presentation Presented by Stephen B. Sm ith, CPA Williams-Keepers LLC To Boone County Bar Association May 14, 2003 Perpetrators Employees are engaged in 64% of fraud cases Manager/executive fraud is 3.5 times as costly as fraud

501 views • 30 slides
Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND

Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND

Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND ABUSE 1 Key Findings 2 The Red Flags of Fraud Understanding and recognizing the behavioral red flags displayed by fraud perpetrators can help

323 views • 8 slides
Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul

Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul

Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul Sutton, Chief Finance Officer) The Corporate Fraud team role, how to make referrals (John Short- Interim Senior Fraud Investigations Officer)

265 views • 23 slides
WESTMAN &amp; ASSOCIATES PRESENTATIONS/WORKSHOPS Governance Presentation Topics Title/Description

WESTMAN &amp; ASSOCIATES PRESENTATIONS/WORKSHOPS Governance Presentation Topics Title/Description

WESTMAN &amp; ASSOCIATES PRESENTATIONS/WORKSHOPS Governance Presentation Topics Title/Description Intended Audience(s) Length Being a Great Board Chair - 10 Key Donts and Dos: Based on key points made in Mr. Current and aspiring board ~

105 views • 7 slides
Safe System Approach Claes Tingvall (Swedish Transport Administration) Peter Larsson (Swedish

Safe System Approach Claes Tingvall (Swedish Transport Administration) Peter Larsson (Swedish

Safe System Approach Claes Tingvall (Swedish Transport Administration) Peter Larsson (Swedish Transport Agency) 3. CONSIDERS that the level of road fatalities and injuries remain unacceptably high and STRESSES the importance of adapting motorways,

754 views • 28 slides
Analyst Presentation 3 November 2010 Agenda Henry Engelhardt, Group Chief Executive Officer

Analyst Presentation 3 November 2010 Agenda Henry Engelhardt, Group Chief Executive Officer

Analyst Presentation 3 November 2010 Agenda Henry Engelhardt, Group Chief Executive Officer Q3 Group highlights &amp; introduction UK car insurance Marketing Charlotte Bennett Marketing, Charlotte Bennett

746 views • 74 slides
1 2 3 4 5 6 Feeling of victimisation also extends to the perceptions that they dont

1 2 3 4 5 6 Feeling of victimisation also extends to the perceptions that they dont

1 2 3 4 5 6 Feeling of victimisation also extends to the perceptions that they dont want young people on the road They being government and society in general common across gender / SEGs and age groups although

944 views • 77 slides
Half-Year Results Presentation July 2018 Disclaimer LEGAL NOTICE This presentation has been

Half-Year Results Presentation July 2018 Disclaimer LEGAL NOTICE This presentation has been

Half-Year Results Presentation July 2018 Disclaimer LEGAL NOTICE This presentation has been prepared to inform investors and prospective investors in the secondary markets and other market participants about Sabre Insurance Group plc and its

349 views • 21 slides
Strategic Planning: Challenges and Strengths Michael Hemesath All Campus Community Forum August

Strategic Planning: Challenges and Strengths Michael Hemesath All Campus Community Forum August

Strategic Planning: Challenges and Strengths Michael Hemesath All Campus Community Forum August 19, 2014 Those of us working in higher education can sometimes get a feeling of intellectual whiplash as we go about our work. On the one hand, in

59 views • 4 slides
First half results 2015 Presentation for investors and analysts 24 th July 2015 2 Consolidated

First half results 2015 Presentation for investors and analysts 24 th July 2015 2 Consolidated

First half results 2015 Presentation for investors and analysts 24 th July 2015 2 Consolidated financial information Schedule and contacts Financial supplement Key highlights Contents 1 2 3 4 1 Key highlights Business growth, bolstered

921 views • 63 slides
Vehicle safety - A key factor in road traffic safety Anders Lie The Swedish National Road

Vehicle safety - A key factor in road traffic safety Anders Lie The Swedish National Road

Vehicle safety - A key factor in road traffic safety Anders Lie The Swedish National Road Administration 2009-04-14 Swedish Road Administration 2 The road transport system is an open and complex system Infrastructure Vehicles

201 views • 17 slides

More recommend