Neo Technology’s Emil Eifrem argues that organized criminals are the ideal target for graph database fraud countermeasures
A convicted criminal named Tahir Lodhi was head of one of the largest credit card fraud schemes ever charged by the US Department of Justice. In January this year he pleaded guilty to conspiracy to commit bank fraud, admitting he’d worked with co-conspirators to create thousands of fake identities to gather up tens of thousands of credit cards.
The case shows how Lodi and his confederates fabricated more than 7,000 false identities to obtain tens of thousands of credit cards, running up $200 million in charges. The gang set up 1,800 fake “drop addresses” – ranging from post office boxes to street addresses – to maintain its web of deception. These addresses were also used to obtain credit card terminals that helped run up further charges on the illegitimately-obtained cards.
In addition, several jewelry stores were in on the scam, using multiple credit card processing accounts to process large numbers of transactions, splitting the proceeds between the gang members.
Avoiding the issues of too many false positives
How did this ring operate undetected for such a long time – especially as it was using very common fraud tactics? The fact is they’re common because they work. As is the norm, the thieves initially used the credit cards, paying bills before due date, boosting their creditworthiness. Then, after some time, they max out their credit limits, absconding with a pile of improperly obtained (and now impossible to collect) debt.
A very common pattern, but not an easy one to detect using traditional database methods. The standard tools for tackling fraud utilized by US banks, such as monitoring for deviation from normal purchasing patterns, involve working with discreet data points, rather than examining the bigger network of relationships.
The problem: discreet data may pinpoint sole operators, but it can’t easily find shared characteristics that typify fraud rings. In addition, such methods often turn up too many false positives, which can be detrimental to customer relationships who tire of one-too-many calls in stores blocking their card use.
Traditional database approaches are on the back foot here as they’re hobbled by the fact they can only really model data as a set of tables and columns, carrying out complex joins and self-joins when the dataset becomes more inter-related. Such queries are technically difficult to construct and expensive to run. There’s also the problem of performance faltering as the total dataset grows in size.
And the connections involved in fraud rings are always very, very large (the Tahir Lodhi case involved 18,000, you will recall). Such huge numbers make it very difficult to spot a sophisticated ring as opposed to a few individual cases of fraud. Plus if fraud rings are operating cross-borders or even continents, as is often the case, they are even more challenging to track.
Spotting the connections to head off your exposure
Fraud detection has always been a tactic of financial service players, but continuously changing techniques used by sophisticated fraud rings are making the job ever more difficult. IT analyst leader Gartner has gone so far as to warn, “Don’t consider legacy fraud detection technology adequate if the vendor fails to keep up with criminal trends. Replace or complement the technology with solutions from vendors that continue to innovate, which is a necessity when combating rapidly evolving criminal behavior.”
This is where the power of something called graph databases is starting to help. Graph databases have been developed to work with data at scale, by manipulating the patterns within it. Graph databases, utilized together with modern data query languages like Cypher, provide a highly functional semantic for detecting fraud rings and navigating the data connections in-memory – even in real time. This makes detection of the connections between credit criminal and their activities far more open to detection.
That’s because unlike most other ways of looking at data, graph databases are designed to exploit relationships in data, which means they can uncover patterns difficult to detect using traditional representations such as tables. As a result, another trend spotter, Forrester, says over a quarter of enterprises will be using such databases by 2017, by the way.
Graph databases were initially developed in-house by the big social web giants back at the end of the 1990s: Google, for instance, using graphs, exploited the connections in every Web document to rank search results, hence the “Google algorithm.” Now these technologies that it took these Web giants so much effort to construct are available to the wider market, including banks and credit card operators.
Augment, and win
The fight against fraud is ongoing and growing as more financial transactions go online. As fraud operations become more global and sophisticated, anyone tasked to counter fraud needs to use the best technology available to track relationships in data. And the conclusion’s inescapable: legacy systems (traditional relational database management systems) do not have the capabilities to detect fraud in real time. The only way forward is to augment current fraud infrastructures with the rich, super-connected analysis provided by graph databases.
The author is co-founder and CEO of Neo Technology, the company behind Neo4j, the world’s leading graph database (http://neo4j.com/)