Emil Eifrem of Neo Technology explains how graph databases are providing an innovative method for uncovering fraud rings and other complex scams, revealing patterns that were previously difficult to detect
Recently in the US, a man was jailed for scamming credit companies out of $200 million, working with conspirators to create thousands of fake identities and addresses to gather up tens of thousands of cards and running up huge debts which were never repaid.
The ring also set up false companies to purchase credit card terminals to process the charges. Information was then reported to credit bureaus to rack up even greater credit limits on the credit cards. The gang also worked with legitimate businesses, creating bogus transactions on the fraudulent cards, with the proceeds being split between them.
This was a clever and complicated fraud scheme with an elaborate network of false identities that took the investigating authorities some time to unravel.
Uncovering such an elaborate crime is difficult and speed in detecting suspicious behaviour is of the essence. But sourcing the answer is as simple as looking at data relationships and doesn’t always necessitate pulling together new data. It is pivotal to look at the existing data in a new way, using powerful graph databases that can map out underlying connections and patterns that previously may have gone untouched.
Unlike other ways of looking at data, graph databases have been developed to exploit relationships in data. They have the power to uncover patterns difficult to detect using traditional representations such as tables.
There are a number of types of fraud – first-party, insurance, and e-commerce fraud, for instance. What they are all tied by is layers of deceit that can only be exposed through connected analysis. In each of these fraud types, graph databases provide a way to support existing methods of fraud detection, making subterfuge more difficult.
Putting a Stop to Bust Outs
First-party fraud is when criminals apply for credit cards, loans, overdrafts and unsecured banking credit lines, build up huge debts, but have no intention of paying the money back. It is a huge problem for banks and financial institutions. It is thought that around 20% of unsecured bad debt at leading US and European banks is down to first-party fraud.
First party fraud is very difficult to detect as the fraudsters are very good at disguising themselves as legitimate customers. It is only when they clear the accounts of all the funds, known as a “bust out” and disappear, that banks find out they are actually criminals.
Another factor is the large number of relationships between the people in the fraud ring. Whilst the size of the fraud ring makes it extremely detrimental, it also makes them especially susceptible to graph-based methods of detecting fraudulent activity.
This is because a first-party fraud ring involves two or more people sharing a subset of legitimate contact information, teaming them to make up a number of synthetic identities. With these fake IDs they can go on to open bank accounts, apply for credit cards etc.
The accounts are run efficiently, so that banks do not suspect anything untoward and in time up the credit limits. But at a given time, the ring maximizes all its credit lines, “busts out” and goes off the radar. Collection processes follow, but by then the fraudsters have bolted.
Unearthing rings with traditional relational database requires modeling the data as a set of tables and columns, then working out complex joins and self-joins. Such queries are complex to build and expensive to run, and scaling them in a way that supports real-time access is difficult. There is also a degradation in performance the larger the fraud ring gets.
The power of the graph
Graph databases, however, have shown themselves to be a powerful tool against such challenges. Used with new data languages like Cypher, which provides a simple semantic for detecting rings in the graph and navigating connections in real time, they can be a compelling way to hone in on connections between fraudsters and their fraudulent activities.
In addition, running appropriate entity link analysis queries using a graph database, backed up by running checks linked to the right kinds of customer and account lifecycle ‘events’ can help banks identify possible fraud rings during or even before they have carried out a fraudulent activity.
In a 24/7 connected world, the timeline for detecting fraud has become narrower. Traditional technologies, whilst having their place, are not designed to detect sophisticated fraud rings. Graph databases provide a unique ability to unmask a variety of fraud patterns and banks, financial institutions and businesses are fast realizing their potential in the fight against crime.
The author is co-founder and CEO of Neo Technology, the company behind Neo4j, the world’s leading graph database (http://neo4j.com/)