in digital currenc y
play

in Digital Currenc y Soups Ranjan (soups@coinbase.com) Dir. of Data - PowerPoint PPT Presentation

Mar 30, 2024 •297 likes •789 views

Preventing Fraud and Account Takeovers in Digital Currenc y Soups Ranjan (soups@coinbase.com) Dir. of Data Science & Risk engineering Weve helped ~6M users in 33 countries exchange $6B in & out of digital currency cross-border

  1. Preventing Fraud and Account Takeovers in Digital Currenc y Soups Ranjan (soups@coinbase.com) Dir. of Data Science & Risk engineering

  2. We’ve helped ~6M users in 33 countries exchange $6B in & out of digital currency —cross-border remittances —merchants can accept bitcoins with no chargeback risk —alternative investment

  3. Bitcoin is instant & non-reversible Hardest payment fraud & security problems in the world What does it take to solve it?

  4. Agenda ● Payment fraud ● Account takeovers

  5. Payment Fraud

  6. Coinbase Sign-up Flow

  7. What does fraud at Coinbase look like? Alice disputes the 1. Steals Alice’s purchase bank account Scammer info or credit card numbe r 2. Steals Bob’s identity Coinbase returns funds back to Alice 3. Steals Carl’s mobile phone (call forwarding, SIM swap, etc)

  8. Fraud Prevention: Human meets Machine Intelligence Machine Intelligence Human actions “train” machine Identify “high risk” users Human Intelligence

  9. Supervised Machine Learning

  10. Precog: Supervised Machine Learning ● Train a model with two labels: ○ Fraud vs. Non-fraud ● Collect signals from user as they are signing-up ○ Fingerprint: Device, Browser, Location ○ Email, Phone number, ID, SSN, Bank → name, address ● Use ML model to get risk-score for each user

  11. Why does Machine Learning work to detect fraud? ● Name & Address Mismatches across different sources ● Names may mismatch for regular users as well: ○ e.g. “Jonathan Kim” vs. “Jon Kim” ○ Use distance measures: Jaccard Similarity or Levenshtein

  12. Why does Machine Learning work to detect fraud? Broken Window Theory Velocity based Signals

  13. How do we use the risk score? Before: Ban users with risk score > X Now: Determine user’s purchase limits Paying to train our ML model

  14. How does your purchase limit evolve? Risk Score ● Purchase volume ● Time (Aging of funds w/ no reversals) ● Verifications

  15. Precog: ML training and scoring Feature Engineering Transforms Training Model Flask Feature Engineering User Transforms app Scoring

  16. Logistic Regression - Feature Selection Generalizable models work better with unseen data ● use regularization to remove less important features ● cross validation to pick hyper-parameter If two signals are 100% correlated with each other ● L1-regularization will pick one signal at random and other will be 0 ● L2-regularization will pick both and give them equal coefficients

  17. Metrics Machine Learning: ● Log loss: how close is P(fraud) to 1 (0) for fraud (good) Business: ● Fraud rate: Loss ($) / Purchase volume ($) Fraud whales Removed phone# Fraud rate 5 6 7 1 1 1 0 0 0 2 2 2

  18. When an ML model goes wrong

  19. Model deployment — 1 Compare challenger model against production in shadow mode ● Deploy challenger model in shadow mode ● Compute distributions for user samples (good and bad)

  20. Model deployment —2 Estimate impact to whales (high $ value users) Accept false positives if overall model accuracy goes up ● Lock their scores and purchase limits

  21. Production A/B Test Is model with best AUC or Logloss also best in fraud rate? ● A/B test to compare Production model vs. Challenger model ● Compute fraud rate over 2-3 months ● Challenger model promoted to production if its better in fraud-rate

  22. Unsupervised Machine Learning

  23. Where does supervised machine learning fail? ● Problem: ○ Chargeback window is large (ACH: 60 days, Cards: 6 months) ○ Need to detect a new scammer trend before the window ● Unsupervised approaches to quickly extrapolate “human intuition”: ○ Anomaly Detection ○ Related user modeling ○ Rules engine

  24. Anomaly Detection: Identify trends before chargebacks Accounts with Bank “xyz”

  25. Related Users Detection: Identify accounts controlled by same individual A ● Deterministic: User clusters Linking users by attributes ● Normalized email ● SSN B ● Bank account C ● Credit card ● Driver’s License ● Probabilistic: Cosine similarity

  26. Custom Rules Engine Create and retire rules quickly Rule Actions ● Ban user ● Lock risk score to high value ● Require Facematch

  27. Case Study: “Verizon” Debit Card ring

  28. Verizon Debit Card Ring Ring Characteristics: ● Stolen debit cards ● Photoshopped IDs ● Stolen Verizon phones to verify account

  29. No physical device needed to receive SMS 2FA tokens ● SMS 2FA is readable online eg Verizon online portal ● SMS 2FA tokens received on temporary phones ● ie SMS 2FA == telco password

  30. Ring detected via Anomaly Detection Ring Detection: ● Scammer wasn’t thorough ● Used same screen resolution: 1600 x 1200

  31. Risk engine automatically raises risk score

  32. The games they play

  33. Important to know user has the ID Increasingly easy to obtain “stolen” IDs (Dropbox, social engineering scams) Physical Address Verification: Face Match: selfie + ID Send a postcard to address on ID

  34. Romance / Tech Support Scams phone inside image

  35. Selfie photos: Not fool proof

  36. Face Match for laughs

  37. Account Takeovers

  38. Two factor Authentication (2FA) If you store anything of value online, you must have two factors: ○ Something you know (strong password) ○ Something you always have (physical device)

  39. Unfortunately, this is how 2FA was implemented everywhere “Something you always have (physical device)” ● Physical device was equated to phone number ● Easy to steal phone number: ○ Delivery attacks: read SMS online, SMS hijacking ○ Phone number theft: phone porting

  40. Account takeovers using SIM Swap 1. scammer finds name, password and phone# 2. scammer ports phone# to device under his control Don’t allow SMS 2FA 3. scammer now receives 4. scammer logs in with password and 2FA codes via SMS 2FA and steals bitcoins

  41. Recommendations for Coinbase users Passwords: Use a password manager 2FA: install Google Authenticator

  42. Why Authenticator / TOTP apps? Authenticator: nothing ever sent in the air ● Time-based One Time Password (TOTP) ● Secret set up once using QR codes

  43. Detecting Account Takeovers ● Still need to protect SMS users ● Association Rule Mining to discover ML rules ● Detect suspicious withdrawals ● Delay for 48-72 hours

  44. Victim of account takeover ● Victim receives SMS / email ● Can lock their account

  45. Protecting yourself online

  46. Securing non-Coinbase sites If you have Gauth on Coinbase, you are all set! But many online sites still only support SMS based 2FA: Call up telcos and put a SIM lock: ● Tell them you are already compromised ● ask them to only allow porting when you are in-store & ask for your ID If on Android phone, move to Google Fi: ● No call centers, no social engineering

  47. Google Fi - one more thing Gmail + Google Fi => 2 factors reduced to 1 ● both factors only protected by Google password ● With that password, attacker can stil port your Google Fi phone number ● Protect your Google account like a bank ● Use Gauth or Yubikey behind Google 


  49. We are hiring: data eng, data analysts, ML eng soups@coinbase.com https://medium.com/@soupsranjan Data & Risk team

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CurrenC SF and Electronic Pay: Building Financial Access and Inclusion at Work SF Office of

CurrenC SF and Electronic Pay: Building Financial Access and Inclusion at Work SF Office of

CurrenC SF and Electronic Pay: Building Financial Access and Inclusion at Work SF Office of Financial Empowerment Created in 2006 within Office of Treasurer Pioneering innovative pathways to financial inclusion and prosperity Four

502 views • 14 slides
The Digital Revolution 1 Digital Revolution Nadias Theme 2 Digital Revolution Digital

The Digital Revolution 1 Digital Revolution Nadias Theme 2 Digital Revolution Digital

XIII Olympic Congress Copenhagen The Digital Revolution 1 Digital Revolution Nadias Theme 2 Digital Revolution Digital Revolution Digital Revolution Higher Volume & Value Amortizes broadcasting costs -

518 views • 15 slides
www.centre-for-digital-business.com t hemes Did we not see the digital era coming? o Digital

www.centre-for-digital-business.com t hemes Did we not see the digital era coming? o Digital

Marie Johnson 2015 European Digital Identity Conference Managing Director and Chief Digital Officer 15 16 April 2015 Centre for Digital Business The Netherlands www.centre-for-digital-business.com t hemes Did we not see the digital era

788 views • 37 slides
A Framework for Analysis 1. Digital Endowments 2. Digital Intensities 3. Digital Restrictions

A Framework for Analysis 1. Digital Endowments 2. Digital Intensities 3. Digital Restrictions

A Framework for Analysis 1. Digital Endowments 2. Digital Intensities 3. Digital Restrictions Digital Endowments - Europe has strong endowments when measured with other parts of the world (e.g. Internet use, educated labour, digital skills).

861 views • 17 slides
2. Digital Data CHAPTER HIGHLIGHTS Elements of digital media. Digital codes. Di it l d

2. Digital Data CHAPTER HIGHLIGHTS Elements of digital media. Digital codes. Di it l d

CHAPTER 2. Digital Data CHAPTER HIGHLIGHTS Elements of digital media. Digital codes. Di it l d Digital files. Digitization process. Compression for digital media. Advantages of digital media. Challenges of digital

258 views • 14 slides
Shift to Digital Strategy Shift to Digital Strategy Contents Introduction The Digital

Shift to Digital Strategy Shift to Digital Strategy Contents Introduction The Digital

Shift to Digital Strategy Shift to Digital Strategy Contents Introduction The Digital Value Chain Edenred Digital Strategy Financial Impacts New Growth Opportunities 2 Why shifting to digital makes sense for all

300 views • 29 slides
DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes Presented by N7MOT Lenny Gemar Amateur radio began with spark gap transmitters, evolving to Morse code and analog voice

442 views • 20 slides
Digital Signatures Digital Signatures And Putting It All Together Digital Signatures And

Digital Signatures Digital Signatures And Putting It All Together Digital Signatures And

Digital Signatures Digital Signatures And Putting It All Together Digital Signatures And Putting It All Together Lecture 12 Digital Signatures Digital Signatures Syntax: KeyGen, Sign SK and Verify VK . Security: Same experiment as MAC s,

1.72k views • 142 slides
Digital Advertising (PPC/SEM) Course Digital Advertising (PPC/SEM) Equinet 1 Academy Digital

Digital Advertising (PPC/SEM) Course Digital Advertising (PPC/SEM) Equinet 1 Academy Digital

Equinet Academy Digital Advertising (PPC/SEM) Course Digital Advertising (PPC/SEM) Equinet 1 Academy Digital Advertising Framework Determine Campaign Analyse & Digital Setup & Gather Data Optimise Define Marketing

1.6k views • 110 slides
1 Arbitrated Digital Signatures Digital Signature Standard (DSS) US Govt approved signature

1 Arbitrated Digital Signatures Digital Signature Standard (DSS) US Govt approved signature

CPE 542: CRYPTOGRAPHY & NETWORK SECURITY Digital Signatures have looked at message authentication but does not address issues of lack of trust Chapter 13 Digital Signatures digital signatures provide the ability to:

361 views • 3 slides
inequalities Bob Gann Digital Inclusion Lead NHS Digital Our digital life in 2025 Experts

inequalities Bob Gann Digital Inclusion Lead NHS Digital Our digital life in 2025 Experts

Digital technology and health inequalities Bob Gann Digital Inclusion Lead NHS Digital Our digital life in 2025 Experts predict that in ten years the internet will be readily available, everywhere, at low cost embedded in peoples

255 views • 13 slides
About this presentation : Learning : What is Digital Forensics ? Political : Digital

About this presentation : Learning : What is Digital Forensics ? Political : Digital

An introduction to digital forensics About this presentation : Learning : What is Digital Forensics ? Political : Digital Forensics and Open Sources licensing Tool time : Digital Forensics Framework Presented by Solal Jacob core dev.

444 views • 30 slides
MANTEL DIGITAL DataPrint Presentation About Mantel Digital Mantel Digital designs, develops,

MANTEL DIGITAL DataPrint Presentation About Mantel Digital Mantel Digital designs, develops,

MANTEL DIGITAL DataPrint Presentation About Mantel Digital Mantel Digital designs, develops, manufactures and markets a complete line of digital direct-to-media printing equipment and supplies. DataPrint Aluminium Data Screen DataPrint -

505 views • 13 slides
Chapter 8 Digital Media Computer Concepts 2013 8 Section A: Digital Sound Digital Audio

Chapter 8 Digital Media Computer Concepts 2013 8 Section A: Digital Sound Digital Audio

12-11-27 Chapter 8 Digital Media Computer Concepts 2013 8 Section A: Digital Sound Digital Audio Basics Digital Audio File Formats MIDI Music Speech Recognition and Synthesis Chapter 8: Digital Media 2 8 Digital Audio

413 views • 7 slides
DIGITAL COMMUNICATIONS SUMMARY 1. MEDIA LANDSCAPE TRANSFORMATION 2. KERING DIGITAL STRATEGY

DIGITAL COMMUNICATIONS SUMMARY 1. MEDIA LANDSCAPE TRANSFORMATION 2. KERING DIGITAL STRATEGY

DIGITAL COMMUNICATIONS SUMMARY 1. MEDIA LANDSCAPE TRANSFORMATION 2. KERING DIGITAL STRATEGY ACCELERATION 3. GUCCI DIGITAL MARKETING DIGITAL COMMUNICATIONS 2 STRONG DIGITAL SHIFT IN MEDIA CONSUMPTION AND AD SPENDS DAILY MINUTES SPENT PER

512 views • 49 slides
Web Based Interfaces for Digital 2- Way Radio NW Digital Radio Corporation Our Market

Web Based Interfaces for Digital 2- Way Radio NW Digital Radio Corporation Our Market

Web Based Interfaces for Digital 2- Way Radio NW Digital Radio Corporation Our Market Amateur (Ham) Radio Operators Emergency Communications Support Digital Data (Messaging), Digital Voice Ad-Hoc Networking Situational

279 views • 14 slides
NetFPGA Hardware Modules for Input, Output and EWMA Bit-Rate Computation 1 Alfio Lombardo, 2 Diego

NetFPGA Hardware Modules for Input, Output and EWMA Bit-Rate Computation 1 Alfio Lombardo, 2 Diego

I n t e r n a t i o n a l J o u r n a l o f F u t u r e G e n e r a t i o n C o mmu n i c a t i o n a n d N e t w o r k i n g V o l . 5 , N o . 2 , J u n e , 2 0 1 2

318 views • 14 slides
Building Secure ColdFusion Applications Presented By Pete Freitag Principal Consultant, Foundeo

Building Secure ColdFusion Applications Presented By Pete Freitag Principal Consultant, Foundeo

Building Secure ColdFusion Applications Presented By Pete Freitag Principal Consultant, Foundeo Inc. The Plan: 1. Unchecked Input 2. File Uploads 3. XSS - Cross Site Scripting 4. SQL Injection 5. Cross Site Request Forgery 6. CRLF

425 views • 16 slides
The Common Debian Build System (CDBS) Peter Eisentraut FOSDEM 2009 Peter Eisentraut CDBS What

The Common Debian Build System (CDBS) Peter Eisentraut FOSDEM 2009 Peter Eisentraut CDBS What

The Common Debian Build System (CDBS) Peter Eisentraut FOSDEM 2009 Peter Eisentraut CDBS What is CDBS? A set of makefile fragments to include into debian/rules Makes packaging complex packages easier. Makes packaging simple packages harder.

449 views • 27 slides
Myth Busters Open source and Security By Aseem Jakhar $ whoami $ whoami We break break

Myth Busters Open source and Security By Aseem Jakhar $ whoami $ whoami We break break

Myth Busters Open source and Security By Aseem Jakhar $ whoami $ whoami We break break things! things! We $ whoami When not working, we do charity $ whoami When not working, we do charity By breaking products for free :)

659 views • 28 slides
Iran and the Soft War for Internet Dominance Claudio Guarnieri (@botherder) & Collin Anderson

Iran and the Soft War for Internet Dominance Claudio Guarnieri (@botherder) & Collin Anderson

Iran and the Soft War for Internet Dominance Claudio Guarnieri (@botherder) & Collin Anderson (@cda) Who we are nex cda @botherder @cda Technologist at Amnesty Networked systems researcher, International. based in

870 views • 85 slides
Privacy and data protection by design cross-over of multiple disciplines Marit Hansen

Privacy and data protection by design cross-over of multiple disciplines Marit Hansen

Privacy and data protection by design cross-over of multiple disciplines Marit Hansen Privacy and Information Commissioner Schleswig-Holstein, Germany marit.hansen@datenschutzzentrum.de Annual Privacy Forum 2015 Luxembourg, 7 October,

551 views • 29 slides
Web Standards: The Right Tool for the Right Job Kazuhito Kidachi Mitsue-Links Co.,Ltd.

Web Standards: The Right Tool for the Right Job Kazuhito Kidachi Mitsue-Links Co.,Ltd.

Web Standards: The Right Tool for the Right Job Kazuhito Kidachi Mitsue-Links Co.,Ltd. Corporate Officer & Web Development Team Front-end Engineer Web Standards Project (WaSP) Liaison in Japan SOFTEXPO & DCF 2006, Seoul, Korea About

966 views • 47 slides
November 14, 2017 StillfrontGroup in brief A developer and publisher of games, with the aim of

November 14, 2017 StillfrontGroup in brief A developer and publisher of games, with the aim of

Presentation Q3 Report November 14, 2017 StillfrontGroup in brief A developer and publisher of games, with the aim of becoming the leading group of independent studio Approximately 1 159k monthly active users (MAUs) and 235k daily

725 views • 23 slides

More recommend