Cases of card companies breaching their customers’ personal information are on the rise. The damage reached $10 billion in 2013, which was about 0.05% of all credit card charges combined, according to the statistics on global card fraud cases. The number of incidents related to the card transactions is increasing at an annual rate of 17%.
Therefore, the Korea Financial Supervisory Service advised PG (Payment Gateway) companies, as well as card companies, to build Fraud Detection Systems (hereafter FDS), and FDS has become a necessary part of all the Korean payment systems. Today, let’s learn about what FDS is, and how it can help the payment systems to be safer by using the big data technology.
Types and Causes of Card Payment Incidents
Before talking about FDS in detail, I would like to show you several types of card payment problems. A normal card payment is made through a verification and authorization process. When scammers pass the verification system using a card owner’s breached data, we consider this as a card payment incident.
There are various paths through which verification data is breached, such as card loss, card theft, skimming, and pharming. Once this verification data is breached, the verification system cannot stop the card from making payments unless the owner reports the incident. This is the reason why card companies developed the FDS to prevent such incidents.
Payment FDS Preventing Fraudulent Payments
How can the payment FDS stop these incidents? Payment FDS calculates the chances of a payment having been made under abnormal circumstances using the payment information. The result of the calculation process is then sent to the authorization and operation systems. If the payment is considered to have been made through an undesired incident, it asks for an extra authorization step or requests their monitoring staff to check if the person making the purchase is really the card owner or not.
The performance of the payment FDS is generally evaluated based on its discrimination capacity and processing speed. Discrimination capacity means the ability to pick out incidents from the normal payments, and the sensitivity and precision are used as an index. Sensitivity shows the ratio of the incidents that FDS detected among the entire number of payment incidents, and precision stands for the proportion of real incidents among all cases the FDS detected as possible payment incidents. When these two indexes are higher, the payment FDS is considered to have a good discrimination capacity. The processing speed is based on the number of payments it can handle per second, and the speed has to be higher than a certain number set for the system standard.
Big Data Analytics for Smarter FDS
The algorithm categorizing the FDS payment incidents is generally developed in the form of mode or rule derived from data analytics. Rule finds the transaction to be incidental only when the payment fits the certain conditions, and regard as normal vice versa. Model, on the other hand, calculates the chance of payment problems to show the risk of the transaction among continuous value. Rule and model both have pros and cons, but recently, model has been especially advancing the FDS to improve its performance.
The proportion of incidents among all credit card transactions is less than 0.001%. Detecting problematic transactions precisely, therefore, is as hard as finding a needle in a haystack. This is why FDS even tends to recognize the normal transactions as having issues.
It is important to minimize the misrecognition, since the monitoring cost may be wasted. Recently, big data analytics is being applied to the model method to optimize the sensitivity and precision of FDS. Generally, the following procedures are included to develop a model.
In order to detect problems, it is crucial to learn about their patterns and causes. This phase is designed to analyze the pattern of previous issues and vulnerabilities in the payment process for the incident scenarios. Incident scenario is the key factor of the model’s performance, enough to be considered as the general frame of the model itself.
Incident scenarios are developed into a model with data. Hence, collecting the data related to the incident scenarios and processing is necessary. The data is processed into a form used for data analysis, and this includes changing both its format and unit.
Factors, the variables used to enter the model, are one of the most important parts for the model’s performance. However, having a large number of factors isn’t always good. Lots of factors may cause slow learning and calculation speed, as well as over fitting, lower detective performance caused by too much learning. A procedure that extracts only necessary factors for the data analysis, therefore, is required.
Model is an algorithm categorizing normal and abnormal authorizations using the extracted factors, and is developed through the machine learning. Machine learning is an algorithm through which a machine can learn a pattern of data, and the payment FDS uses the Supervised machine learning. The machine learning algorithm generally applied for the payment FDS are the decision tree, logic regression, and neural network. They sometimes optimize the model by mixing various algorithms through an ensemble-model.
The developed model evaluates and verifies the model’s performance using the verification data set. Its discrimination capacity is evaluated through indexes like sensitivity, precision, and K-S factor. This procedure may be repeated when the result turns out to be much lower than expected during the development, since this may mean there is an issue such as over fitting. The stability of the model can be judged and frequently checked with an index such as PSI (Population Stability Index).
Faster FDS with Big Data Technology
Payment FDS requires a system that can process a large amount of payment information in real-time. This is why the big data system has been recently applied to the FDS to process payment data. FDS consists of the real-time processing system and a profiling data system.
The real-time processing system receives the payment information from the authorization system, and detects whether a payment has been made in error or without the owner’s consent, then transmits it to the operation system. The data profiling system, on the other hand, analyzes statistics to provide profile data used for the real-processing system.
The real-time processing system consists of the Queuing system, the stream processing system, and the rule/model engine. The Queuing system transmits and receives the data from the external system including the authorization system, and uses technologies like Kafka and RabbitMQ. The stream processing system decomposes data and processes calculations generally using Storm and Spark. The rule/model engine is an algorithm which detects problems and uses Drools and Siddhi.
The data profiling system generates the database which is needed for the rule/model engine’s calculation by adopting a statistics and analytics system. Because it creates statistics and analyses the data from diverse sources, it has to be able to handle a massive amount of data. It commonly uses the existing statistics/analytics tool such as R, SAS, or other solutions that support distributed processing like SRA.
Safer and Convenient Payments with LG CNS
We have now learned about payment FDS. With the emergence of easy payments, FDS is becoming a key factor for payment systems with its high demand for better performance. LG CNS, providing an easy pay service called KakaoPay, is now developing a faster and smarter payment FDS by using the big data technology.
As the existing FDS could not support the real-time processing, LG CNS applied Event Pro and SRA (Smart R Analytics) from their big-data solution suite to make this possible and enhance performance at the same time. Event Pro enables FDS to process data in real-time by having the payment data and calculating according to the system’s rule/model, while SRA is being used for data profiling as a massive data analysis solution.
Today, we learned about the mechanism of the payment FDS and the big data application case for more convenient and safer payments. Korea’s KakaoPay will continue to provide a safe and easy payment system through payment FDS.
Written by Dongyoon Wi, section chief at LG CNS Big Data Analytics Consulting Team