Editor’s note: Neo Technology’s Emil Eifrem argues that the increasingly sophisticated techniques used by organized criminals make them a highly suitable target for graph-database-supported countermeasures in the fight against fraud. Find them at Neo4J.com -bg
Tahir Lodhi headed up one of the largest credit card fraud schemes ever charged by the US Department of Justice, and in January this year he pleaded guilty to conspiracy to commit bank fraud, admitting how he’d worked with co-conspirators to create thousands of fake identities to gather up tens of thousands of credit cards.
According to court records, Lodhi and his confederates fabricated more than 7,000 false identities to obtain tens of thousands of credit cards, running up $200 million in charges. The gang set up 1,800 fake “drop addresses” – ranging from post office boxes to houses – to maintain the web of deception. These addresses were also used to obtain credit card terminals that helped them run up further charges on the fraudulent cards.
In addition, several jewelry stores were in on the scam, using multiple credit card processing accounts to accept large numbers of transactions and splitting the proceeds between the gang members.
Steering clear of false positives
One wonders how this ring operated undetected for such a long time, especially as they were using very common fraud tactics. Initially they used the cards to pay bills, boosting their creditworthiness. Then, after some time, they spent the maximum on all the accounts, did not repay them and disappeared without trace.
This may be a very common pattern, but it is not an easy one to detect using traditional database methods. Standard tools for tackling fraud utilized by banks – such as monitoring for deviation from normal purchasing patterns – involve working with discrete data, rather than examining the bigger network of relationships.
Discrete data may pinpoint sole operators, but it can’t easily find shared characteristics that typify fraud rings. In addition, such methods often turn up false positives, which can be detrimental to customer relationships.
Traditional database approaches are hobbled by the fact that they can only really model data as a set of tables and columns, carrying out complex joins and self-joins when the dataset becomes more inter-related. Such queries are technically difficult to construct and expensive to run. There is also the problem of performance faltering as the total dataset size grows.
The connections involved in fraud rings are always exponentially large (e.g., the Tahir Lodhi case involved 18,000!). Such huge numbers make it very difficult to spot a sophisticated ring instead of a few individual cases of fraud. Plus, if fraud rings are operating across borders or continents, as is often the case, they are even more challenging to track.
Stopping the fraudsters’ connections
Fraud detection applications are not a new concept, but continuously changing techniques used by sophisticated fraud rings are making their detection far more difficult. Gartner cautions “Don’t consider legacy fraud detection technology adequate if the vendor fails to keep up with criminal trends. Replace or complement the technology with solutions from vendors that continue to innovate, which is a necessity when combating rapidly evolving criminal behavior” (see Gartner’s Market Guide for Online Fraud Detection).
This is where the power of the graph database comes in.
Graph databases have been developed to work with data at scale, by manipulating the patterns within it. Graph databases, utilized together with a query language like Cypher, provide a simple semantic for detecting fraud rings and navigating the data connections in-memory, even in real time. This makes the connections between fraudsters and their activities far easier to detect.
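As an added illustration (not code from the article or from Neo4j), the example below does in plain Python what a graph traversal does for the ring pattern described above: it links applicants through shared addresses and phone numbers and reports the connected groups, while leaving two-person households unflagged. The sample records, the `min_members` threshold and all function names are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample applications: (applicant_id, attribute_type, value).
# Each applicant looks unremarkable alone; the link structure is the signal.
APPLICATIONS = [
    ("A1", "address", "PO Box 12"), ("A1", "phone", "555-0101"),
    ("A2", "address", "PO Box 12"), ("A2", "phone", "555-0102"),
    ("A3", "address", "9 Elm St"),  ("A3", "phone", "555-0102"),
    ("A4", "address", "9 Elm St"),  ("A4", "phone", "555-0104"),
    ("B1", "address", "4 Oak Ave"), ("B1", "phone", "555-0201"),
    ("B2", "address", "4 Oak Ave"), ("B2", "phone", "555-0202"),
    ("C1", "address", "77 Pine Rd"), ("C1", "phone", "555-0301"),
]


def find(parent, node):
    """Union-find root lookup with path compression."""
    while parent[node] != node:
        parent[node] = parent[parent[node]]
        node = parent[node]
    return node


def detect_rings(applications, min_members=3):
    """Return groups of applicants transitively linked by shared attributes."""
    parent = {}
    holders = defaultdict(set)          # (type, value) -> applicants using it
    for applicant, kind, value in applications:
        parent.setdefault(applicant, applicant)
        holders[(kind, value)].add(applicant)
    # Join every pair of applicants that reuse the same address or phone.
    for applicants in holders.values():
        first, *rest = sorted(applicants)
        for other in rest:
            parent[find(parent, other)] = find(parent, first)
    groups = defaultdict(set)
    for applicant in parent:
        groups[find(parent, applicant)].add(applicant)
    rings = []
    for members in groups.values():
        if len(members) < min_members:
            continue                    # small clusters (e.g. households) stay unflagged
        shared = sorted(k for k, v in holders.items()
                        if len(v) > 1 and v <= members)
        rings.append({"members": sorted(members), "shared": shared})
    return rings
```

Calling `detect_rings(APPLICATIONS)` returns one ring of four applicants together with the three identifiers that bind them; no pair in the ring needs to share more than one attribute for the chain to surface.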
Unlike most other ways of looking at data, graph databases are designed to exploit relationships in data, which means they can uncover patterns difficult to detect using traditional representations such as tables. Forrester says over a quarter of enterprises will be using such databases by 2017, for instance (see Forrester’s Graph Database market overview).
Graph databases were initially developed in-house by the big social web giants back at the end of the 1990s. Google, for instance, using graphs, exploited the connections in every Web document to rank search results, namely the “Google algorithm.” Now these technologies – which took these Web giants many engineer-hours to construct – are available to the wider market.
The fight against fraud is ongoing and growing as more financial transactions go online. As fraud operations become more global and sophisticated, those in counter fraud need to use the best technology available to track relationships in data.
Legacy systems do not have the capabilities to detect fraud in real time. The way forward is to augment current fraud infrastructures with connected analysis provided by powerful graph databases.