graphs vs fraud
play

Graphs vs Fraud! Dr. Jim Webber Chief Scientist, Neo4j @jimwebber - PowerPoint PPT Presentation

Aug 10, 2023 •415 likes •1.12k views

Graphs vs Fraud! Dr. Jim Webber Chief Scientist, Neo4j @jimwebber Overview First-party Fraud Whiplash for Cash Online Payment and Identity Master Data Management Provenance Governance First-party Fraud First-Party

  1. Graphs vs Fraud! Dr. Jim Webber Chief Scientist, Neo4j @jimwebber

  2. Overview • First-party Fraud • Whiplash for Cash • Online Payment and Identity • Master Data Management • Provenance • Governance

  3. “First-party Fraud”

  4. First-Party Fraud • Fraudster’s aim: apply for lines of credit, act normally, extend credit, then…run off with it • Fabricate a network of synthetic IDs, aggregate smaller lines of credit into substantial value • Often a hidden problem since only banks are hit • Whereas third-party fraud involves customers whose identities are stolen • More on that later…

  5. So what? • $10’s billions lost by US banks every year • 25% of the total consumer credit write-offs in the USA • Around 20% of unsecured bad debt in EU and USA is misclassified • In reality it is first-party fraud These are en enormous us numbers

  6. Fraud Ring

  7. Then the fraud happens… • Revolving doors strategy • Money moves from account to account to provide legitimate transaction history • Banks duly increase credit lines • Observed responsible credit behaviour • Fraudsters max out all lines of credit and then bust out

  8. … and the Bank loses • Collections process ensues • Real addresses are visited • Fraudsters deny all knowledge of synthetic IDs • Bank writes off debt • Two fraudsters can easily rack up $80k • Well organised crime rings can rack up many times that

  9. Discrete Analysis Fails to predict…

  10. …and Makes it Hard to React • When the bust out starts to happen, how do you know what to cancel? • And how do you do it faster then the fraudster to limit your losses? • A graph, that’s how!

  11. Probably Non-Fraudulent Cohabiters

  12. Probable Cohabiters Query MATCH (p1:Person)-[:HOLDS|LIVES_AT*]->() <-[:HOLDS|LIVES_AT*]-(p2:Person) WHERE p1 <> p2 RETURN DISTINCT p1

  13. Dodgy-Looking Chain

  14. Risky People MATCH (p1:Person)-[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p2:Person) -[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p3:Person) WHERE p1 <> p2 AND p2 <> p3 AND p3 <> p1 WITH collect (p1.name) + collect(p2.name) + collect(p3.name) AS names UNWIND names AS fraudster RETURN DISTINCT fraudster

  15. Pretty quick… Number of people: [5163] Number of fraudsters: [40] Time taken: [2495] ms

  16. Localise the focus MATCH (p1:Person {name:'Sol'}) -[:HOLDS|LIVES_AT]->()… Number of fraudsters: [5] Time taken: [431] ms

  17. St Stop p a b bust-ou out in in ms ms.

  18. Quickly Revoke Cards in Bust-Out MATCH (p1:Person)-[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p2:Person) -[:HOLDS|LIVES_AT]->() <-[:HOLDS|LIVES_AT]-(p3:Person) WHERE p1 <> p2 AND p2 <> p3 AND p3 <> p1 WITH collect (p1) + collect(p2)+ collect(p3) AS names UNWIND names AS fraudster MATCH (fraudster)-[o:OWNS]->(card:CreditCard) DELETE o, card

  19. “Auto Fraud”

  20. Whiplash http://georgia-clinic.com/blog/wp-content/uploads/2013/10/whiplash.jpg

  21. Whiplash for Cash http://georgia-clinic.com/blog/wp-content/uploads/2013/10/whiplash.jpg http://cdn2.holytaco.com/wp-content/uploads/2012/06/lottery-winner.jpg

  23. Risk • $80,000,000,000 annually on auto insurance fraud and growing • Even small % reductions are worthwhile! • British policyholders pay ~£100 per year to cover fraud • US drivers pay $200-$300 per year according to US National Insurance Crime Bureau

  24. How? “Flash for Cash” “Crash for Cash”

  25. Regular Drivers

  26. Regular Drivers Query MATCH (p:Person)-[:DRIVES]->(c:Car) WHERE NOT (p)<-[:BRIEFED]-(:Lawyer) AND NOT (p)<-[:EXAMINED]-(:Doctor) AND NOT (p)-[:WITNESSED]->(:Car) AND NOT (p)-[:PASSENGER_IN]->(:Car) RETURN p,c LIMIT 100

  27. Genuine Claimants

  28. Genuine Claimants Query MATCH (p:Person)-[:DRIVES]->(:Car), (p)<-[:BRIEFED]-(:Lawyer), (p)<-[:EXAMINED]-(:Doctor) OPTIONAL MATCH (p)-[w:WITNESSED]->(:Car), (p)-[pi:PASSENGER_IN]->(:Car) WITH p, count(w) AS noWitnessed, count(pi) as noPassengerIn

  29. Fraudsters

  30. Fraudsters MATCH (p:Person)-[:DRIVES]->(:Car), (p)<-[:BRIEFED]-(:Lawyer), (p)<-[:EXAMINED]-(:Doctor), (p)-[w:WITNESSED]->(:Car), (p)-[pi:PASSENGER_IN]->(:Car) WITH p, count(w) AS noWitnessed, count(pi) as noPassengerIn WHERE noWitnessed > 1 OR noPassengerIn > 1 RETURN p

  31. Auto-fraud Graph • Once you have the fraudsters, finding their support team is easy. • (fraudster)<-[:EXAMINED]-(d:Doctor) • (fraudster)<-[:BRIEFED]-(l:Lawyer) • And it’s also easy to find their passengers • (fraudster)-[:DRIVES]->(:Car)<-[:PASSENGER_IN]-(p) • And easy to find other places where they’ve maybe committed fraud • (fraudster)-[:WITNESSED]->(:Car) • (fraudster)-[:PASSENGER_IN]->(:Car) • And you can see this in milliseconds!

  32. It It’ s a all a about th the patterns

  33. “Phoney Persona”

  34. Online Payments Fraud (First-Party) • Stealing credentials is commonplace • Phishing, malware, simple naïve users • Buying stolen credit card numbers is easy • How should one protect against seemingly fine credentials? • And valid credit card numbers?

  35. We are all little stars • Username and passwords • Two-factor auth • IP addresses, cookies • Credit card, paypal account • Some gaming sites already do some of this • Arts and Crafts platform Etsy already embraced the idea of graph of identity

  36. An Individual Identity Subgraph fred@rbs.co.uk 1234LOL 128.240.229.18

  37. We are all made of stars…

  38. Specific Weighted Identity Query Bare MATCH (u:User {username:'Jim', password: 'secret'}) Minimum OPTIONAL MATCH Other Specific (u) -[cookie:PROVIDED]->(:Cookie {id:'1234'}) Considerations OPTIONAL MATCH (u)-[address:FROM]->(:IP {network:'128.240.0.0'}) RETURN SUM(cookie.weighting) + SUM(address.weighting) Final AS score Decision

  39. General Weighted Identity Query Bare MATCH (u:User {username:'Jim', password: 'secret'}) Minimum OPTIONAL MATCH (u)-[rel]->() All Available Weightings WHERE has(rel.weighting) Final RETURN SUM(rel.weighting) AS score Decision

  40. An Individual Login History fred@rbs.co.uk 1234LOL

  41. From 1 st to 3 rd Party • The 1 st party identity graph can easily be extended to 3 rd party fraud • Like in the bank fraud ring, fraudsters can mix-n-match claims • Start with a few phished accounts and expand from there!

  42. Shared Connections fred@rbs.co.uk nick@bearings.com 1234LOL Ca$hMon£y 128.240.229.18

  43. Graphing Shared Connections Hmm….

  44. Scan for Potential Fraudsters MATCH (u1:User)--(x)--(u2:User) Network in WHERE u1 <> u2 AND NOT (x:IP) common is OK RETURN x

  45. Stop specific fraudster network, quickly MATCH path = (u1:User {username: 'Jim'})-[*]-(x)-[*]-(u2:User) WHERE u1<>u2 AND NOT (x:IP) AND NOT (x:User) RETURN path

  46. How do these fit with traditional fraud prevention? Gartner’s Layered Fraud Prevention Approach http://www.gartner.com/newsroom/id/1695014

  47. “Chronic Master Data”

  48. Master Data Management • Provide high quality, joined up data to the right process at the right time • Bridge silos, leverage all data (including legacy) • Database point of view: fancy indexes • Graph database point of view: a Web of data • Multidimensional, path-centric index

  49. Master Data Management Examples • Adidas: Shared Metadata Service • 360 degree view of data via the graph • Without disturbing existing (valuable) systems! • ICE: Global directory for participants, market makers, investment funds etc. • Futures and trading house • Social network for brokers Recommendations for the right broker means more business! • Recommendations are trivial in a graph • • Pitney Bowes productised platform on top of Neo4j • Materially affected their stock rating • http://www.zacks.com/stock/news/157741/pitney-bowes-selects-neo4j-to-develop- graphbased-mdm

  50. Easy Recommendations: Triadic Closure http://www.isciencemag.co.uk/blog/are-you-a-social-network-junkie/

  51. Triadic Closure (1)

  52. Triadic Closure (2)

  53. Easy Global Query MATCH (me:Trader)-[:TRUSTS]- (:Trader)-[:TRUSTS]-(you:Trader) WHERE me <> you AND NOT me-[:TRUSTS]-(you) WITH me, you MERGE (me)-[:TRUSTS]->(you) RETURN me, you

  54. Or Super-fast Local Query MATCH (me:Trader name:'Ed')-[:TRUSTS]- (:Trader)-[:TRUSTS]-(you:Trader) WHERE me <> you AND NOT me-[:TRUSTS]-(you) WITH me, you MERGE (me)-[:TRUSTS]->(you) RETURN me, you

  55. Side note: Triadic Closures Predict WWI [Easley and Kleinberg]

  56. What has this to do with stopping fraud? • Recommendations are a positive version of anti-recommendations • Identifying fraud is an anti-recommendation • So you can use triadic closure to try to identify networks of fraudsters and their targets via transitive relations

  57. “False Provenance”

  58. Provenance • Banks are awash with data • And spend a lot of time moving and transforming it • Where did this data come from? • Compliance and auditors want to know • How do I show how this data got computed/transformed/moved?

  59. It’s a graph!

  60. <foo> … <foo/> SELECT * FROM ACCOUNTS WHERE…

Recommend

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention Case Studies Our Commitment Spring ISD Source: ACFE &amp; Fraud Overview What Is Fraud? Fraud is any intentional act or

405 views • 18 slides
Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is fraud? Definition Facts Four factors Fraud risk assessment Four evaluation criteria Common fraud schemes Case studies

707 views • 60 slides
What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

Points to cover Leicester City Council Revenues &amp; Benefits Investigation Team What is Fraud? Fraud Awareness Key issues for the Team Audit and Risk Committee Referrals &amp; Investigation Process Sanctions &amp;

69 views • 4 slides
The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of Presentation General measures of fraud Past measurement of fraud The annual fraud indicator and fraud Theres no fraud here, Ive

684 views • 26 slides
Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud Examiners (ACFE) is an international, professional organization dedicated to fighting fraud and white-collar crime . As fraud becomes increasingly more

373 views • 24 slides
Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

MMTCTA Fraud Internal Controls Presented By Ron Smith &amp; Greg Chabot, RHR Smith &amp; Co. May 14, 2015 About RHR Smith &amp; Company: RHR does approx 130 of Maines 500 Municipalities In the past year RHR has Investigated 23+

506 views • 39 slides
Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &amp;

Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &amp;

Medicare ACOs: Fraud and Abuse Perspectives This webinar is brought to you by the Fraud &amp; Abuse (Fraud) Practice Group and the Accountable Care Organization Task Force (ACO TF) (a joint endeavor of the Antitrust; Fraud and Abuse; Health

408 views • 26 slides
The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager makes $2.25MM disappear! It must be Magic! Fraud Statistics 5% of GWP lost to employee fraud &amp; abuse More than $3.5 Trillion per year

559 views • 44 slides
Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud

Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud

Fraud in the NHS Iain Flinn Counter Fraud Specialist March 2011 Areas Susceptible to Fraud Procurement Qualifications Sickness / Attendance / Time Recording Ghosts Salary payments Prescriptions Health Tourists

619 views • 9 slides
The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference

The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference

The Work of the New Zealand Serious Fraud Office White Collar Crime and Serious Fraud Conference AUCKLAND 2 JULY 2010 WHAT IS THE SERIOUS FRAUD OFFICE? SFO: An Overview Mandate investigate and prosecute serious or complex fraud Part 1 -

421 views • 13 slides
Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

6/5/2016 Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw Julie Lombardi Member FDIC Agenda: Fraud Statistics Fun With Numbers Check Fraud &amp; ACH Fraud Your Role in Preventing Fraud Fraud

238 views • 13 slides
Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due to technology sophistication Internet provides unrestricted access to a larger pool of potential victims Banks should arm themselves with

276 views • 16 slides
CYBER FRAUD Presented by: JACK R. SUDOL, MBA Cyber Fraud FBI Announcement Between October

CYBER FRAUD Presented by: JACK R. SUDOL, MBA Cyber Fraud FBI Announcement Between October

CYBER FRAUD Presented by: JACK R. SUDOL, MBA Cyber Fraud FBI Announcement Between October 2013 and December 2016 the FBI reported 40,203 incidents of BEC/EAC totaling $5.3 Billion Dollars of Losses! The number of wire fraud scams

997 views • 20 slides
Fraud Presentation Presented by Stephen B. Sm ith, CPA Williams-Keepers LLC To Boone County Bar

Fraud Presentation Presented by Stephen B. Sm ith, CPA Williams-Keepers LLC To Boone County Bar

Fraud Presentation Presented by Stephen B. Sm ith, CPA Williams-Keepers LLC To Boone County Bar Association May 14, 2003 Perpetrators Employees are engaged in 64% of fraud cases Manager/executive fraud is 3.5 times as costly as fraud

501 views • 30 slides
Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND

Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND

Association of Certified Fraud Examiners ACFE 2018 GLOBAL STUDY ON OCCUPATIONAL FRAUD AND ABUSE 1 Key Findings 2 The Red Flags of Fraud Understanding and recognizing the behavioral red flags displayed by fraud perpetrators can help

323 views • 8 slides
Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul

Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul

Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul Sutton, Chief Finance Officer) The Corporate Fraud team role, how to make referrals (John Short- Interim Senior Fraud Investigations Officer)

265 views • 23 slides
FRAUD AND ERROR The Basics What is Benefit Fraud The Law states that anyone who submits a

FRAUD AND ERROR The Basics What is Benefit Fraud The Law states that anyone who submits a

Fraud Investigation - Clare Lewis FRAUD AND ERROR The Basics What is Benefit Fraud The Law states that anyone who submits a claim form containing false information or misses out relevant information from the form or fails to declare

162 views • 13 slides
Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Ag e nda Overview What is Fraud?

Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Ag e nda Overview What is Fraud?

Eric Kinsherf, CPA MMAAA Conference June 12, 2018 Ag e nda Overview What is Fraud? How does Fraud happen? How to Detect and Prevent Fraud Summarize Ob je c tive s Gain better Understanding of Fraud Risk Illustrate

616 views • 46 slides
The F word: FRAUD Agenda About Internal Audit Audit team Internal Audit office overview

The F word: FRAUD Agenda About Internal Audit Audit team Internal Audit office overview

The F word: FRAUD Agenda About Internal Audit Audit team Internal Audit office overview Fraud and Fraud Schemes Define fraud Learn about different types of fraud and fraud schemes Fraud reporting methods Audit Team Corby

509 views • 32 slides
What You Should Know About Chargebacks, Gold Farming &amp; Account Takeovers Arthur Chu Fraud

What You Should Know About Chargebacks, Gold Farming &amp; Account Takeovers Arthur Chu Fraud

Organized Fraud: What You Should Know About Chargebacks, Gold Farming &amp; Account Takeovers Arthur Chu Fraud &amp; Investigation Manager - Nexon America Content Slide Gold Farming The Golden Triangle Of Fraud Mechanic Of Fraud

753 views • 31 slides
Insider Fraud Laura Hutton SAS detecting the invisible The new fraud landscape &amp; the rise

Insider Fraud Laura Hutton SAS detecting the invisible The new fraud landscape &amp; the rise

Insider Fraud Laura Hutton SAS detecting the invisible The new fraud landscape &amp; the rise of the insider How to rob a bank How to detect fraudulent staff Fraud is a global problem Typical organisations lose 5% of revenues Source:

503 views • 34 slides
Graphs () Graphs () Graphs Graphs Graphs are collections of nodes

Graphs () Graphs () Graphs Graphs Graphs are collections of nodes

Graphs () Graphs () Graphs Graphs Graphs are collections of nodes in which various pairs are connected by K08 line segments. The

627 views • 17 slides
Innovative Fraud Monitoring Identifying and combatting fraud in real time January 2014

Innovative Fraud Monitoring Identifying and combatting fraud in real time January 2014

Innovative Fraud Monitoring Identifying and combatting fraud in real time January 2014 Technology and Shrinking Margins Easier to commit fraud more incentive to do it International Call Termination Originating Wholesalers Service

365 views • 14 slides
Assessing and Managing Fraud Risk Dave Cotton, CPA, CFE, CGFM Cotton &amp; Company, LLP

Assessing and Managing Fraud Risk Dave Cotton, CPA, CFE, CGFM Cotton &amp; Company, LLP

2/19/16 19 February 2016 Assessing and Managing Fraud Risk Dave Cotton, CPA, CFE, CGFM Cotton &amp; Company, LLP Alexandria, Virginia dcotton@cottoncpa.com Plan for This Session Fraud Happens ACFE Fraud Statistics Anti-Fraud

695 views • 57 slides

More recommend