Using social network data in fraud prevention

Linking to a post I put up on Signifyd‘s blog:

Some of the most common questions we get asked are around social data. How do you use social data in fraud prevention? What’s the right way to leverage social network analysis in fraud investigations and real time decisions? We’ve had to deal with this issue with many of our customers, and found a few major obstacles and some very interesting use cases.

To be able to use social data, you first have to gather and understand it. In Signifyd‘s system, one of the first steps we take for each automated decision is “enrichment”, using a large number of online data sources to augment the consumer’s profile and understand the information we get from you to make the best decision.

The first challenge is getting the data. For many smaller retailers, using social data means using their personal (and sometimes fake) Facebook profile to look at a consumer’s profile and learn more about them, maybe run a few Google searches. Doing so at scale, however, is impossible. We went through dozens of online sources and integrated them through public and private APIs to allow collection of public information into a central repository. Doing that allows Signifyd to gather a lot of small pieces into a concrete mosaic of social data, since not every source will yield results at any given time.

When dealing with social data, one of the most important concerns regards consumers’ privacy. When you use a fake profile to friend a consumer you don’t only harm their privacy but also violate Facebook’s terms of service. Being able to use social sources without violating privacy – collecting publicly available information only, while respecting proper use, and only using it for highly targeted use cases – is what allows us to use social data but make consumers, and the businesses that use Signifyd to inspect those consumers, safe.

Once you cross that off, you’re faced with integrating the data. Social data is that it’s highly fragmented; inferring relationships between different pieces – the consumer’s work place, whether their kid is using their details or whether the provided phone number is indeed theirs – is a complex inference task. It requires normalization of provided data into one common form, fuzzy comparison algorithms and other tricks.

Once you have it, how can social data be used for fraud prevention? At Signifyd, we see it being handy for two main uses:

  1. Identity validation: when you accept payments online, stolen credit cards are common. Many times the fraudster doesn’t have all of the card holder’s details, and they augment what they have with invented details. Emails, phone numbers and occasionally names and parts of the billing address are invented. Using social data, different details can be tied to multiple people or be identified as invalid – using, for example, complex white-pages searches. As a result, identity validation becomes a simpler task.Some of this can be used by your team very easily: using a consumer’s social fingerprints, you can establish whether they’ve had any meaningful activity online and how far back that activity has occurred. Profiles that haven’t existed for more than a few weeks or months are often times connected to fake or stolen identities.
  2. Friendly fraud prevention: friendly fraud, or abuse, often happens when a relative or co-worker uses one’s identity to make a purchase. These cases are more subtle in both detection and handling since the offender is often highly informed – knowing passwords, personal details, and having access to personal devices. By using social data on provided details and behaviors, you can infer that there are actually two different people involved in a certain purchase.One of the basic and common scenarios is when, using the provided email address, you learn that the alleged shopper is grossly underage. That immediately raises the suspicion of a kid using a parent’s details. Tying an email address to a work place, and through it to the IP the consumer has connected from, can allow you to better validate their identity and make sure that their information is not used by a family member.

Social data is complicated to use since it’s unstructured and often lacking. Building a strong portfolio of data sources, integrating them effectively and using the data to make fraud detection decisions is one of the important pillars of Signifyd‘s solutions. Try us out!

 

Leave a Reply