By Elton Alisson 

Agência FAPESP – Attempted identity fraud occurs every 15.4 seconds in Brazil. Identity theft or identity fraud is a crime in which someone wrongfully obtains and uses another person's data in a way that involves fraud or deception for economic gain. According to a survey by Serasa Experian, this type of fraud typically takes the form of purchases made on the internet either using a stolen identity or by employing credit with no intent to pay.

To help businesses reduce the risk of fraud and mitigate the resulting losses, researchers at the Center for Research in Mathematical Sciences Applied to Industry (CeMEAI), one of the Research, Innovation and Dissemination Centers (RIDCs) supported by FAPESP, are developing statistical models to detect and prevent fraudulent financial transactions.

Some of the statistical models are already being used by banks, insurance companies and e-commerce retailers.

“Fraud is a highly volatile phenomenon that happens very quickly. If you as a financial institution or other business don’t have a system to detect it efficiently, fraudsters can hack into your database, steal what they want in a few seconds and get out again without being noticed,” said Francisco Louzada Neto, CeMEAI’s head of technology transfer, in an interview given to Agência FAPESP.

“The statistical models we develop are designed to track everything customers do from the moment they enter a company’s database and to detect anything suspicious, or any transactions with a high probability of being fraudulent,” he explained. Louzada is a professor at the University of São Paulo’s Mathematics & Computer Science Institute (ICMC-USP) in São Carlos, São Paulo State, where CeMEAI is based.

The method developed by the researchers combines different statistical models that correlate several variables, such as age, gender, marital status and location, as well as the type and amount of the transaction, among other types of information, in order to predict the likelihood of fraud. 

The models’ predictive capacity is based on the correlations among these variables, which they use to infer the possibility of fraud in a given transaction.

“We analyzed the usual statistical models and proposed new ones with an enhanced capacity to detect fraud, combining them with the aim of increasing the models’ success rates in making predictions,” Louzada said.

The method developed by the researchers predicts the possibility of fraud using historical data on normal and fraudulent transactions as well as information about customers held in corporate databases.

Based on all this information, the statistical method compares the profile of a new customer who has just accessed the company’s website and the transaction he or she is performing with historical fraud data. In this way, the probability of fraud in the current transaction can be calculated.

“It’s hard to say whether a particular transaction is or isn’t fraudulent, so the method we’ve developed provides a probability score,” Louzada said.

In addition to objective information derived from customer details and transactions, the method can also incorporate information resulting from the subjective perceptions of the company’s own transaction analysts. “If the organization has its own specialists who analyze transactions in some way, it’s possible to deploy their subjective perceptions on certain types of fraud in tandem with the method we’ve developed,” he explained.

After being finalized on demand, tested and evaluated, the statistical method is implemented in the client company’s system for online use in calculating probabilities or classifying transactions as fraudulent.

Adaptable method

Initially, the statistical method was designed to predict credit card fraud, but it has recently been adapted for use in predicting fraudulent authorization of medical consultations, procedures and refunds by health insurance plans.

According to Louzada, however, one of its main applications today is in analyzing transactions performed on e-commerce websites.

“Banks and other financial institutions have plenty of experience and expertise in fraud prevention, including large teams of statisticians who work with models for predicting fraud in credit operations,” he said. “Retailers who sell over the internet via e-commerce, however, still require assistance in this area and are far more vulnerable to fraud.”

Over 1.5 million fraud attempts have been reported in Brazil so far this year, according to Serasa Experian.

The most affected sector besides banking and retail is telecommunications, followed by general services such as construction, real estate and insurance.