Guide to Fraud Monitoring and Fraud Alerts

Running in real-time to help you stop fraudsters in their tracks, fraud monitoring is important, and associated alerts can help keep you informed – and your defenses strong. 

We’ve prepared this guide as a rundown of the basics of fraud monitoring and fraud alerts, both in banking and other sectors. 

What Is Fraud Monitoring?

Generally speaking, the term “fraud monitoring” refers to the real-time surveillance of operations in order to detect possible instances of fraud events and stop them.

Fraud alerts are what is generated by the system when a fraud event has been detected, to let the person who oversees it know.

In practical terms, a fraud alert is generated and sent in order to provide information about fraud-related activity taking place in the background. For example, that a user has been blocked from signing up because they were deemed too suspicious.

They can also alert fraud analysts that there are cases awaiting manual review. For instance, that a shopper trying to check out received a medium risk score and the case should be investigated by a human.

In this way, one could think of fraud monitoring and fraud alerts as similar to a firewall, because the system is being monitored for instances of fraud and alerts are sent out when one is found and blocked.

For most modern fraud monitoring and prevention solutions, fraud alerts are customizable to the company’s needs and requirements, thus allowing for minimal disruption while important information still reaches the team members it needs to.

How Do Fraud Monitoring Tools Work?

Fraud monitoring tools are end-to-end software deployed wherever customers interact with your product or service. They run under the hood 24/7, observing and assessing behavior and analyzing data, with a focus on specific touchpoints – such as sign-up and payments.  

They are usually called through APIs from the backend and often have some kind of frontend component, most likely for device fingerprinting.

For instance, for an online shop, this works by having the platform monitor how each shopper behaves as well as all the information we can gather about them or they have provided about themselves. When someone signs up for a new account, when they log in, and when they enter their payment card details at checkout are all points at which to scrutinize them and their intentions.

Gathering User Data 

Sources of this type of information include:

• IP analysis
• device fingerprinting
• browser fingerprinting
• digital footprinting and social profiling 
• behavior analysis and velocity checks
• biometrics 

The data is combined into detailed reports that can be manually reviewed by humans or, more frequently, fed into rulesets that define what happens next.

Triggering Alerts and Actions

Rulesets in fraud monitoring can be as simple or as complex as we desire. On one end of a spectrum, they could define something along the lines of:

If someone with the email fraudster@itsasc.am attempts a payment, block them and generate an alert.

Such simple considerations about aspects to block will comprise a blacklist, letting anyone not on it through. 

But blacklists, though handy as a feature, are rigid, time-consuming and don’t make sense on a larger scale. 

To catch and block fraudsters of a certain type, as well as send out alerts about their activity to analysts, we need rulesets.

Rulesets are much more complicated than the above example, while the best fraud monitoring software platforms allow for changing and fine-tuning them, often even offering sandbox environments to test them out. 

A real-life rule we have seen customers use at SEON is:

If more than 4 accounts have logged in from the same IP address within 10 minutes, block the IP for 1 hour and generate an alert.

Rulesets will define what action to take, including sending out alerts, while this practice is further enhanced with the introduction of risk ratings.

A company will have hundreds of such rules. They are not mutually exclusive either: A specific interaction can trigger several rules, each increasing the risk score more, pushing the event onto a higher level of risk. 

As a result, an alert will be sent and/or manual intervention from a fraud analyst might be required.

How Does Risk-Based Monitoring Support Fraud Prevention?

Fraud prevention is the stated goal, with risk-based fraud monitoring being the means of getting there.

Risk ratings are key to a sophisticated fraud monitoring strategy. They enable us to take into account hundreds of individual data points that reveal a customer’s intentions and combine them into a number that summarizes how much of a threat they are considered to be. Are they likely to be a fraudster or not?

Once all the information from the fraud analysis we described above is amalgamated, each factor is taken into account to provide a weighted risk score, and certain alerts or other actions will be tied to this score. 

Normally, this means automatically blocking users with a high risk rating, letting through users with a low risk score, and pushing medium-risk users to manual review, and/or asking them for additional verification steps. 

Platforms with custom rules allow us to change these at will, with each client choosing exactly how they want to act in each case.

Why Are Fraud Monitoring and Alerts Important?

In simple terms, without real-time fraud monitoring tools and the alerts they generate, we wouldn’t be able to catch and stop fraud as it happens. And fraudsters continue to become bolder and more sophisticated in their methods.

Fraud and scam trends reveal that fraudsters are no longer solely targeting big companies with a lot to lose. Fraud has become a real threat to organizations of all sizes and types, worldwide. During the pandemic, analysts have noted an increase of 46% in fraud globally, which led to a surge in fraud attacks for three-quarters of merchants. 

Meanwhile, spend on fraud management has grown 5x in just three years to 2022. In the UK, 1 in 2 businesses are victims of fraud, while Americans have lost up to $1.8 billion to individual instances of fraud, according to the FBI.

Overall, fraud in its various guises costs the global economy over $5.127 trillion each year according to estimates by Crowe. 

What Is Account Fraud Monitoring in Banking?

Banks use this term to refer to the continuous and close monitoring of transactions and online/in-app banking sessions. 

Depending on the systems installed, this normally also extends to bank accounts themselves, including all moves to change associated address information, beneficiaries, issue new cards, etc.

Though fraud monitoring is of concern to all banks, neobanks and challenger banks in particular are facing a key dilemma: In order to provide convenience and ease of use over traditional banks’ rigidity, should they sacrifice protection from fraud? 

Fortunately, that’s a false dilemma. Though there is always a certain level of friction introduced in banking-related activities to comply with local AML legislation, this is for all banks in that region and does not put anyone at a disadvantage. 

From there, neobanks can introduce transaction monitoring solutions that work under the hood where possible, without the customer’s knowledge, and use dynamic friction to only interrupt the customer’s journey when deemed suspicious, from KYC verification to online card transactions and beyond.

SEON’s fraud monitoring solutions make use of dynamic friction to minimize false positives, churn and disruptions to the customer journey.

What’s the Role of Machine Learning in Fraud Monitoring?

A type of artificial intelligence, machine learning can boost fraud monitoring at different touchpoints of the process, including ruleset generation and real-time monitoring, as well as response to risk ratings.

At ruleset generation, machine learning modules can analyze historical data associated with a company or its sector in general in order to generate a number of rule suggestions that will serve its individual needs, addressing the schemes more likely to affect it.

For example, at SEON, we use whitebox machine learning to generate suggestions from historical fraud events. Because whitebox is transparent, it also gives us a full explanation of why each rule was suggested, thus allowing for adjustments and human input.

At the real-time fraud monitoring stage, machine learning uses historical data to train the algorithm to respond. It’s constantly improving and progressing, so it will also identify and thwart suspicious new activity that is not identical to previous fraud events but shares certain patterns.

In general terms, blackbox and whitebox machine learning can both be utilized at this stage, though blackbox has more advantage in detecting suspicious new trends vs whitebox’s potential for accuracy. 

SEON uses blackbox machine learning to apply neural network logic for predictive scoring, string similarity and other technologies, in order to catch new, sophisticated attacks.

In terms of the response to risk ratings, machine learning models can monitor which of the cases sent to manual review ended up being approved and which were rejected, as well as other potential issues: blacklisted events that were false positives, and so on. As a result, accuracy always improves with time.

In terms of fraud alerts sent to fraud analysts and other administrators, machine learning can, if desired, be used to limit unnecessary or non-urgent alerts as time goes by, by studying the rate of human engagement with each, for example.

Fraud detection with machine learning has found important use in fraud monitoring – and has even more further potential.

Yet it also has some limitations. Because the algorithm will learn and adapt based on historical and real-time data, it will not be as effective at first. A workaround for this is using third-party systems with pre-trained algorithms.  

Top Features of a Fraud Monitoring and Alert Solution

Fraud monitoring and alert platforms should be flexible to adapt to the customer’s needs, scalable to plan for the future and constantly in development to respond to the ever-changing fraud landscape.

Organizations that employ fraud monitoring solutions want convenience, so this process should be made as easy as possible, with try-before-you-buy solutions, free support, quick deployment, and transparency in processes (and pricing models).

Some key features to look for in your fraud monitoring software include:

• real-time monitoring
• email and phone data enrichment
• machine learning
• custom rules
• behavior tracking
• risk-based authentication
• fraud scoring
• manual queries
• graph visualization 
• sandboxing capacity
• reporting and alerts

We’ll look at examples of how these are used below, while you can browse the individual topics on SEON’s website for further information.

The SEON Approach to Fraud Monitoring

At SEON, our goal is to fight fraud. 

But in order to do so, we seek to empower decision makers and fraud analysts to adjust and fine-tune the level of fraud detection automation to their comfort level and to their industry and the threat landscape that surrounds it.

For challenger banks and neobanks, this means more flexibility and less customer churn, allowing them to better serve customers who seek to be free from the cumbersome processes associated with traditional banks. 

In fact, SEON’s dynamic friction approach can help any business that wants to keep the customer journey pleasant and effortless, no matter the sector because it ensures legitimate customers are approved with minimal disruption. Only suspicious individuals will be asked for additional verification.

SEON’s holistic fraud prevention platform provides real-time monitoring of 100+ individual data points gathered via advanced methods including digital footprint analysis, device fingerprinting, behavior analysis and more. 

They are then combined using the data enrichment module into easy-to-read profiles complete with risk scores.

These risk scores give a quick assessment of the risk presented by each user and/or action, ready for human decisioning and/or automatic actions based on customer-specific rulesets.

At SEON, risk rulesets can be selected and set in a number of ways, to provide for maximum flexibility: 

• generated using whitebox machine learning from historical data
• adopted from industry presets made to respond to each sector’s most common pain points
• custom rules created manually, from scratch by humans
• combinations of the above

It should be noted that the above rules can be changed or expanded at any stage of the process from the user-friendly dashboard.

Frequently Asked Questions for Fraud Monitoring

Sources

• The Paypers: Global fraud trends, COVID-19, and the importance of collaboration
• Reed Business School: 1 in 2 UK businesses are victims of fraud
• ABC Action News: Largest fraud in the country cost Americans $1.8 billion in 2020, FBI says