How to Spot Hidden Customer Connections Through AI

How to Spot Hidden Customer Connections Through AI

Author avatar

by Florian Tanant

Our recent webinar on online gambling included a poll: what is the key issue operators face when dealing with fraud? The main answer was finding hidden connections between customers. 

However, the point is just as relevant in the world of e-commerce and financial services. Most companies face increasing competition these days, which is why promotional discounts and bonuses are an important feature to lure new users and customers. It’s also a feature that’s constantly abused by single users parading as multiple ones.

The challenge? Flagging and reviewing suspicious cases fast, and without heavy processes. Luckily, this is exactly what a good AI-powered fraud prevention tool should let you do.

Single Data Points As Triggers

In fraud prevention, the more data points you have, the more accurate your decision can be. In fact, having numerous data points is usually enough to screen risky accounts before looking at connections with other users.

But sometimes, a single data point can be enough to blacklist users, provided the fraud team is active and on the lookout for obvious triggers. 

For instance, a browser hash/ID can be blacklisted based on historical data. As it generates an ID using data from the browser, operating system, device, and network, this is something that doesn’t require excessive calculations, yet can be highly effective in preventing the same users from logging in under fake IDs as seen in synthetic identity fraud & scams.

Rules and blacklists, however, are nothing new, nor the most scalable screening tools, especially based on single data points.

Enriching Data to Get the Full Picture

A more efficient way to gain valuable insights from small numbers of data points is to run them through a data enrichment system. 

Quite simply, it’s a process that takes raw data and improves its value – specifically by linking it to other sources. 

In practice, it means even something as disposable and easy to create as an email address can point you towards fraudsters. Using email profiling, we can quickly spot connections if, for instance:

  • Multiple email addresses are from the same disposable domain
  • They have been created within the same time frame
  • They have the same registered profiles online

With IP address enrichment, the connections are even more obvious if:

  • Multiple IPs all come from the same datacenter
  • They connect through the same open ports

AI-Powered Rules

“A good AI-powered system can decide which single data points are related to other risky transactions based on your feedback, a process known as the creation of heuristic rules”

Using rules and data enrichment, a good AI-powered system can also decide which single data points are related to other risky transactions based on your feedback, a process known as the creation of heuristic rules. 

It’s tremendously difficult and time-consuming for humans to investigate each of them, which is why we usually validate them on a confusion matrix to avoid false positives. AI-powered systems can automatically find these data points themselves.

Once the confirmed fraudulent transactions are marked  – either manually by analysts or automatically by an API – the system can then generate complex rules as suggestions too. These are considered complex because they involve multiple parameters, and create a decision tree where each branch is a rule and each node is a parameter. The leaf is a score that aids your decision-making process.

Behavior Profiling Through Velocity Rules

Velocity rules are another great way to find connections by comparing specific data points during a set timeframe. For instance, a system that leverages velocity rules could look at how many users have used the same IP address before completing a transaction within 30 seconds, 1 minute or 1 day. 

The challenge with velocity rules is finding the right combinations. Because comparing numerous data sets results in enormous amounts of possibilities, the system should help you filter unnecessary combinations.

Possible elements of a velocity rule that add a fraud score reflecting the risk
Elements that can make up a velocity rule

In fact, the number of combinations is virtually infinite. Time can be broken down into infinite frames, and something as benign as an online transaction can generate hundreds of extra parameters (local language, device name, installed plugins, battery level, and loads more just in the context of device fingerprinting).

Automatic filtering can therefore be done in two ways: first, the system can come with a set of industry-specific combinations that have been tried and tested in your vertical. Second, AI can also suggest the right combinations to improve your accuracy.

Using AI to Filter out the Noise

If we take IP and users as comparison points, it’s easy to see how quickly the number of rules to analyze can get out of hand. No human could possibly compare the most efficient combinations manually, which is why AI is a must-have in spotting customer connections.

In fact, a good system utilizing AI will fine-tune the already existing rules continuously to prevent as many false positives as possible. It will also come up with new combinations and values to prevent further fraudulent cases by itself.

While AI systems can deliver astonishing results for establishing connections between customers based on few data points, it also needs to be trained. The rules should be delivered via a white-box model, whereby fraud managers still get to oversee the suggestions.

It is possible that suggested rules could reveal accidental or irrelevant correlation, and a few extreme transactions could easily skew the results. Combining AI and human intelligence will not only reduce fraud rates and reveal more connections between suspicious users, but it will also make you feel more in control of how you protect your online business.

You might also be interested in reading about

Learn more about:

Data Enrichment | Browser Fingerprinting | Device Fingerprinting | Fraud Detection API 

Share article

Speak with a fraud fighter.

Click here

Author avatar
Florian Tanant

Communication Specialist | Florian helps tech startups and global leaders organise their thoughts, find their voices, and connect with customers worldwide.

Sign up for our newsletter

The top stories of the month delivered straight to your inbox