There is no shortage of material on the role of machine learning in fraud detection. We ourselves have written a comprehensive primer that I recommend anyone read and share. There are a number of published and well regarded academic papers on the subject going back quite a few years as the amount of data in credit card transactions has made it a fertile soil in which random forests may thrive.
However, there is far less written about the growing role of graph networks in fraud detection. Yet it is something that our clients use every day. In fact, for the fraud analyst, it is most likely the part of the Ravelin product set they use most in their day-to-day working life. So what is it, what’s it used for and why do they get so much value from it?
What is a graph network?
A graph network maps out all the connections between nodes in a database. For most Ravelin customers this means mapping all the users, phone numbers, chargebacks, promo codes, email addresses, payments cards or instruments, and devices.
Why those particular nodes? It is because they have been selected as relevant to the detection of fraud in a network.
Much of this will sound familiar to anyone who has tried link analysis. Link analysis is the practice of trying to map out connections between pieces of data and then trying to determine the relevance of that link. In some crime movies we will often see the obsessive detective tying pieces of string between ‘nodes’ in a crime case (the crazy wall). This is analog link analysis.
In the digital world it is possible in almost any relational database to search one parameter and see what is connected to it. There are three fundamental problems with this approach (and with string for that matter.)
Building links across multiple parameters is hard and it takes time. Not so much for the computer to process but to pull the data together in a way that is formattable and useful when pulling from a number of systems.
3. A-priori problem
You have to know what you are looking for in the first place in order to find it, therefore you will only find fraud you are aware of.
Ravelin Connect uses a technology that allows for a network to be created instantly for every user in the customer database.
That is worth expanding on; every single user with the click of a mouse will have their entire network of connections displayed for investigation. This is at the core of why analysts love it. No longer does there need to be certainty around someone’s likelihood to be a fraudster for it to be worth investigating their network. Any user can be investigated instantly. Including of course good users whose bona fides can be confirmed quickly.
This article is part of a short series on our graph network database at Ravelin. Subscribe to our blog below to keep updated with our latest content.