Blog / Fraud analytics, Machine learning

How we select the right business data for feature engineering

Every business has a lot of data, but not all of it is relevant for fraud. Here's how we select specific data "features" to analyze and get an indication of fraud.

Share this article:

How we select the right business data for feature engineering

First, what is a feature and how is it engineered?

At a basic level, a feature is an individual measurable property or characteristic, such as the cost of a transaction. Feature engineering is the process of extracting these meaningful characteristics to use as learning material for the algorithm.

Building features

We look for features to capture certain aspects that help us predict fraud. We group the types of features into the below categories.

Icons delete receipt

Traditional features

These are the typical aspects that predict fraud, for example orders, transactions, cards, location, email. These features generally cover the data you would expect to find on your receipt and are customer-centric.

Icons customer insights manager

Behavioral features

We derive behavioral features from the customer session - these are features are based on describing the customer actions eg. velocity of orders, time spent on the page, length of time between adding a new card and making an order. One purpose of extracting these features is to capture other subversive technology use eg. if a fraudster is using a script to scrape a webpage vs normal browsing activity.

Icons geography

Real-time features

Real-time features are based on the up to date, real-world incidences of fraud. These features are all based on categorical data - give the real-time rate of fraud by category eg. country / ASN card digits / email domain etc. An example feature could be the fraud rate in certain regions/countries.

One purpose of these features is to help merchants to expand into new markets where they have no existing data. We monitor the real-time traffic to help our merchants seamlessly move into new markets, without seeing any adverse effects from the machine learning models eg. bias.

Icons customer

Individual customer features

These features tell us about the similarity with the specific customer’s typical past behavior. This could be their typical spend, their regular billing address, home IP address etc.

Icons mouse

Session tracking features

These features are a little more involved than the behavioral features. These features cover the data we get from Javascript eg. whether the customer is pasting a card number into the checkout, cookies, if they are using a password vault etc. One purpose of these features is to capture genuine customer behavior eg. taking time to change the size of a piece of clothing.

Icons house

Entity features

We divide features into customer-centric and entity-centric. Entities are things like devices, addresses, locations, domains and emails. An example feature is the number of orders shipped to a certain address. One purpose of these features is to alert us to a fraud goods drop-off point.

Icons network

Network-derived features

As well as customer-centric and entity-centric features, we also look for network level features. These features focus on network topology (network shape) as a means of enhancing our customer data. An example is account sharing between a family in the same house vs. account takeover where networks of hundreds of accounts use the same few devices.

To learn more about how we perform feature engineering and structure our machine learning models at Ravelin, download the guide here.

Screen Shot 2019 08 13 at 16 12 52

Jessica Allen, Head of Content

Share this article:

Related content

Blog / Policy abuse

Friendly fraud trends: Brazen consumer attitudes to fraud revealed in Ravelin’s Consumer Fraud Survey

Surveying 6278 consumers to track abusive and fraudulent behavior against merchants, Ravelin’s recent report on friendly fraud and abuse showed that online shoppers are becoming more and more brazen.

1669287463716 2023 12 07 164059 ybjd

Nikoleta Dimitriou, Senior Content Writer

Blog / Press release

RavCon 2024 is just around the corner...

Just a few days to go for Ravelin's annual fraud and payments conference, exploring how leading online merchants work towards achieving secure growth.

1669287463716 2023 12 07 164059 ybjd

Nikoleta Dimitriou, Senior Content Writer

Blog / Fraud trends

FaaS: What is it and why is Fraud-as-a-Service trending?

What happens when fraudsters use social media to advertise their very particular set of skills? Fraud-as-a-service is on the rise, with 56% of companies hit – as high has 67% in some countries.

Lola

Lola Omo-Ikerodah, Content Writer

Don't miss a thing!
Stay up to date on fraud & payments

Subscribe to our newsletter to get the latest fraud & payments updates sent direct to your inbox.

Subscribe