Fighting Digital Payment Fraudsters in Real-time: A Winning Framework (Part 2)

A customer walks into a bank, asks a question at the information desk, and then leaves. Later that day an operations manager notices an unmarked USB device left on the counter. He doesn’t remember who might have left it, so he plugs it into his computer to see if he can potentially spot the owner. As the USB loads, the malware shuts down the entire system, while the hackers get the bank’s customers’ account details.

If a few years ago such a story was one of the winning scenarios for fraudsters preying on people’s curious natures, COVID-19 changed a lot of things. With the increase of digital payments and online purchases, cyber criminals have had to come up with different ways to get what they want. Now they can send a text message in the same stream as banking messages, make a large number of small purchases with a stolen card, or do the same online without a physical card using compromised account holder information.

For financial institutions and retailers, guaranteeing the safety of every payment transaction involves staying ahead of the volume and variety of digital payment fraud and cybersecurity attacks that have become prevalent with the pandemic. The most common of them are card-present and card-not-present fraud, man-in-the-middle, account takeovers, and automated botnet attacks.

In the previous blog post of this series, we spoke about the first 4 out of eight components of a top payment fraud detection solution: unlimited access to real-time payment transaction data, real-time event monitoring, link analysis and end-to-end transaction profiling, and rules-based policy and alerts engine. Today, we’ll look into the next 4 tools that will help FIs prevent fraud by detecting it early and taking preventative action in real-time.

1. Supervised and unsupervised machine learning

Supervised and unsupervised machine learning (ML) are at the core of advanced fraud management offerings such as risk scoring, new fraud pattern detection, and predictive modeling.

In supervised machine learning, data from both valid and fraudulent transactions is used to recognize fraud, based on historically confirmed fraud cases. Supervised machine learning models help decrease the amount of transaction anomalies mistakenly detected and reduce customer frustration due to false positives.

In unsupervised machine learning, the models learn dynamically, surveying transactions to identify new suspicious patterns. These models are ideally customized to look at anomalies on a per-customer or per-device basis, and enable the detection of previously unknown, emerging fraud. The systems can then develop more effective strategies for responding to potentially fraudulent acts.

Over the past year, self-learning algorithms have become a lot easier to configure and they are often built on flexible algorithms such as Isolation Forest and Gradient Boosting.

In 2020, credit card fraud was the most common type of identity theft, according to a 2020 Federal Trade Commission report. Let’s take a fraud scenario, where five transactions of greater than $1000 are made on the same payment card number, also referred to as the Primary Account Number (PAN), in a 60 minute period. This is the case when a fraudster is using a stolen card to charge a number of high-value transactions in a short period of time. Machine learning solutions can be used together with risk scoring to create a unique ML model for each card and trigger an alert based on a risk score that is unique for every PAN, instead of an absolute value. Since the purchase pattern of each customer is unique, the model will be able to spot real fraud instead of flagging a genuine transaction.

| See how INETCO uses supervised and unsupervised machine learning for securing payment transactions and improving customer service.

2. Behavioral analysis

Dynamic analytics, combined with machine learning and rules-based alerts, can greatly speed-up fraud detection and response times. A user’s actions sometimes may be a better indicator of new fraud schemes and attacks that are not yet exposed. Behavioral analysis makes it easier and cheaper for FIs and retail companies to prevent losses and secure payments.

The data worth considering includes user interface browsing, account log-in behavior, physical biometrics, device interaction data, mobile fingerprint data, and geolocation behavior. Non-monetary data of interest may include a change of address, a request for a duplicate card or a recent password reset.

Over the years, we have seen fraud patterns increase significantly in numbers and complexity. To ensure the safety of payments, behavioral profiles must be updated with each transaction. A robust payment fraud prevention solution is able to provide an insight into the evolving transaction patterns in real-time that is critical for effective fraud detection.

3. Case management and automated workflows

Case management and automated workflows are used to speed up the triage and close of digital payment fraud cases more efficiently. They help create a one-stop view into the incident summary, incident details, and fraud category displays.

Established the right way, case management and efficient workflows will help notify the right teams to immediately investigate flagged transactions and create an audit trail of every suspicious transaction investigation.

example fraud case management task screenshot
Here’s an example of what happens when an alert triggers a task in INETCO’s fraud case management system.  The moment a real-time fraud alert is triggered in INETCO Insight a case is automatically opened in INETCO’s fraud case management system. At this point, a fraud analyst can claim that task and start working on it. The analyst can also see the reason for the alert, allowing full transparency. In this case, we can see that this was triggered because the card risk score is high. The high risk is mainly because the withdrawal amount and the distances between the usage points of this card, or velocity, are higher than normal.

inetco insight fraud management workflow
You can utilize highly flexible case management workflows to create an efficient process for tracking, evaluating and prioritizing flagged payment transactions.

| Check out how Bankalararası Kart Merkezi — Interbank Card Center (BKM) validates and clears close to 10 million transactions per day while guaranteeing the best customer experience possible.

4. Open APIs and fraud orchestration

Open APIs and fraud orchestration capabilities help avoid alert overload and optimize fraud management operations through the coordination of decisions from a single platform or hub.

According to a report released by the Aite Group, 36% of financial institutions surveyed said they had already implemented hubs, up 11% on the previous year.

Hubs offer numerous benefits, including agility in the face of evolving threats and keeping operational costs down.

Deloitte Digital reports, that “Open Banking & PSD2 are both a catalyst and accelerator in this shift towards open services where maintaining flexibility and adaptability will be critical.”


When it comes to the state of digital transformation today, nothing is static, especially in the post-pandemic era. The ongoing challenge for FIs and retailers is to provide the best possible customer experience while keeping payments secure.

To keep up with the constantly evolving cyber threats and massive digitization, you need a winning strategy and tools for fraud detection and prevention. By using our 8-component fraud-fighting framework you’ll be on your way to minimizing financial losses, reputational harm and reducing customer friction.

| See how INETCO Insight can help your team detect and block suspicious card-present and card-not-present fraud behavior – in a more accurate and cost-effective way.

Fighting Digital Payment Fraudsters in Real-time: A Winning Framework (Part 1) – INETCO