Predicting Fraud Rather than Detecting It Ryan Wilk ryan.wilk@nudatasecurity.com (385) 242-5561 NuData Security
Disclaimer The views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional-customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought.
Predicting Fraud Rather than Detecting It The Challenges I Faced Building an In-House system.
Introduction • Ryan Wilk • Director, Customer Success at NuData Security • Previous • Managed StubHub’s Transactional eCommerce Trust & Safety Group • Founded the Universal Parks & Resorts eCommerce Fraud & Risk Department
Predicting Rather than Detecting • Rethinking Risk • Creating a Monster • Success (and Railings) • How Risk in the Market is Changing
Learning the Ecosystem • What is StubHub • StubHub’s Unique Risk • What do you do when fraud occurs
StubHub Process • When fraud occurs: • Cancel the ticket? • The seller has lost a ticket • The buyer has lost a ticket • StubHub loses twice
The ATO Problem • Containing the issue • Number 1 project at StubHub • Full development team dedicated • Solved in four months
Assessing ATO • The account isn’t fraudulent • The current user is fraudulent • The ideal system knows the intention of the user • Recognising the good user
Optimizing In House Tools • Address Verification Service (AVS) • Credit Card Verification Code (CVV2, CVC) • Device fingerprinting • Rules engines
‘The Monster’ • We used a piecemeal group of vendor tools to record things such as: • Device ID • IP Address – Geolocation • Personally Identifiable Information • Velocity • Paired or grouped indicators • Recorded data at key events
Key Events • Login • Add-to-Cart • Change Address • + 44 other event flows • Data around 47 events generates a LOT of data.
Measuring Success How did we do?
Measuring Success • Channels: • Mobile / Desktop • Payment method • Chargebacks • Fraud rates • False positives • By the rules engine • By fraud analysts
Our Results • OPEX Optimization • Review Time Reduction • Queue Volume Reduction • Reduced Customer Insult
Retrospect • 47 flows was excessive • The rules used were most effective when looking for the good user, not the bad • Expensive solution • There are quicker ways that provide more ROI in a shorter time
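To make the ‘Monster’, ‘Key Events’, ‘Measuring Success’ and ‘Retrospect’ slides concrete, here is an added example of the kind of in-house rules engine the talk describes: it replays recorded key events (login, add-to-cart, change address), applies a velocity rule and a paired indicator (new device plus new geolocation), lets a recognised good user through even when the velocity rule fires, and then measures hits and false positives per rule. This is illustrative code written for this page, not StubHub’s or NuData Security’s system; the event fields, the accounts, the thresholds (`VELOCITY_WINDOW`, `VELOCITY_LIMIT`) and the rule names are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Event:
    """One recorded key event. Fields and values are constructed for this example."""
    ts: int           # seconds since an arbitrary epoch
    account: str
    event: str        # "login", "add_to_cart", "change_address", ...
    device: str       # device fingerprint / ID
    country: str      # geolocation of the IP address
    is_fraud: bool    # ground truth, e.g. from a later chargeback or analyst review


# Constructed sample stream: acct1 is taken over from a new device in a new
# country, acct2 is a legitimate user who logs in repeatedly from one device,
# acct3 is a legitimate traveller logging in from abroad on a new device.
EVENTS = [
    Event(0,     "acct1", "login",          "dev-A", "US", False),
    Event(60,    "acct1", "add_to_cart",    "dev-A", "US", False),
    Event(3600,  "acct1", "login",          "dev-A", "US", False),
    Event(4000,  "acct1", "login",          "dev-Z", "RO", True),
    Event(4010,  "acct1", "change_address", "dev-Z", "RO", True),
    Event(4020,  "acct1", "add_to_cart",    "dev-Z", "RO", True),
    Event(100,   "acct2", "login",          "dev-B", "CA", False),
    Event(110,   "acct2", "login",          "dev-B", "CA", False),
    Event(120,   "acct2", "login",          "dev-B", "CA", False),
    Event(130,   "acct2", "login",          "dev-B", "CA", False),
    Event(140,   "acct2", "add_to_cart",    "dev-B", "CA", False),
    Event(500,   "acct3", "login",          "dev-C", "US", False),
    Event(90000, "acct3", "login",          "dev-D", "FR", False),
]

VELOCITY_WINDOW = 300  # seconds; assumed threshold, not a value from the talk
VELOCITY_LIMIT = 3     # logins per device inside the window before the rule fires


def score_events(events):
    """Replay events in time order and return [(event, flags)], where flags is
    the set of rule names that fired. Only unflagged events extend an account's
    trusted device/geo profile, so a flagged device cannot 'establish' itself."""
    trusted = defaultdict(list)        # account -> events accepted as good
    device_logins = defaultdict(list)  # device -> login timestamps
    results = []
    for ev in sorted(events, key=lambda e: e.ts):
        flags = set()
        known_devices = {h.device for h in trusted[ev.account]}
        known_countries = {h.country for h in trusted[ev.account]}

        # Rule 1 (velocity): too many logins from one device in the window.
        if ev.event == "login":
            device_logins[ev.device].append(ev.ts)
            recent = [t for t in device_logins[ev.device] if ev.ts - t <= VELOCITY_WINDOW]
            if len(recent) > VELOCITY_LIMIT:
                flags.add("velocity")

        # Rule 2 (paired indicator): new device AND new country on an account
        # that already has a history. Either alone is weak; together they are
        # a much stronger signal.
        if (trusted[ev.account] and ev.device not in known_devices
                and ev.country not in known_countries):
            flags.add("new_device_new_geo")

        # Rule 3: a sensitive action from a device this account has never used.
        if ev.event == "change_address" and ev.device not in known_devices:
            flags.add("address_change_unknown_device")

        # Good-user recognition: an event that matches the account's established
        # device and geo is let through even if the velocity rule fired.
        if ev.device in known_devices and ev.country in known_countries:
            flags.discard("velocity")

        if not flags:
            trusted[ev.account].append(ev)
        results.append((ev, flags))
    return results


def measure(results):
    """Per-rule hit / false-positive counts plus overall rates: the numbers a
    fraud team tracks to see whether a rule catches fraud or insults customers."""
    per_rule = defaultdict(lambda: {"hits": 0, "false_positives": 0})
    total_fraud = flagged_fraud = flagged_good = 0
    for ev, flags in results:
        total_fraud += int(ev.is_fraud)
        if flags:
            if ev.is_fraud:
                flagged_fraud += 1
            else:
                flagged_good += 1
        for rule in flags:
            per_rule[rule]["hits" if ev.is_fraud else "false_positives"] += 1
    n = len(results)
    return {
        "fraud_rate": total_fraud / n,             # share of events that were fraud
        "false_positive_rate": flagged_good / n,   # share of events wrongly flagged
        "fraud_caught": flagged_fraud / total_fraud if total_fraud else 0.0,
        "per_rule": dict(per_rule),
    }


if __name__ == "__main__":
    scored = score_events(EVENTS)
    for ev, flags in scored:
        if flags:
            print(f"{ev.ts:>6} {ev.account} {ev.event:<15} flags={sorted(flags)}")
    print(measure(scored))
```

On the constructed stream the takeover of `acct1` is flagged on all three events, `acct2`’s burst of logins trips the velocity rule but is released because the device and country are already established for that account (the ‘look for the good user’ point from the Retrospect slide), and `acct3`’s trip abroad is the one false positive, which `measure()` attributes to the `new_device_new_geo` rule so the team can see which rule is generating the customer insult.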
How the fraud prevention market is changing • Prediction is beating detection • Seeking good users who are now behaving differently is more effective than seeking generic bad traits • Behavior is being used as an uplift to passwords • Vendor solutions are more entwined – it’s easier • Discrete vendors are more tightly integrated
Thank you Ryan Wilk Ryan.wilk@nudatasecurity.com (385) 242-5561 NuData Security