Upload
kaden
View
90
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Predicting Fraud Rather than Detecting It. Ryan Wilk [email protected] (385) 242- 5561 NuData Security. Disclaimer. - PowerPoint PPT Presentation
Citation preview
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Predicting Fraud Rather than Detecting ItRyan Wilk
[email protected](385) 242-5561
NuData Security
1
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
DisclaimerThe views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional-customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought.
2
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Predicting Fraud Rather than Detecting It
The Challenges I Faced Building an In-House system.
3
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
IntroductionRyan Wilk Director, Customer Success at
NuData Security
4
Managed StubHub’s Transactional eCommerce Trust & Safety Group
Founded the Universal Parks & Resorts eCommerce Fraud & Risk Department
Previous
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Predicting Rather than Detecting
1. Rethinking Risk2. Creating a Monster3. Success (and Railings)4. How Risk in the Market is Changing
5
Ryan WilkOctober, 2014 – The Confluence of Many Challenges
Rethinking Risk
6
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Learning the Ecosystem
What is StubHubStubHub’s Unique RiskWhat do you do when fraud occurs
7
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
When fraud occurs: Cancel the ticket? The seller has lost a ticket The buyer has lost a ticket StubHub loses twice
8
StubHub Process
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
The ATO ProblemContaining the issueNumber 1 project at StubHubFull development team dedicatedSolved in four months
9
Ryan WilkOctober, 2014 – The Confluence of Many Challenges
Creating a Monster
10
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Assessing ATO
The account isn’t fraudulentThe current user is fraudulentThe ideal system knows the
intention of the userRecognising the good user
11
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Optimizing In House ToolsAddress Verification Service (AVS) Credit Card Verification Code (CVV2, CVC)Device fingerprintingRules engines
12
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
‘The Monster’ We used a piecemealed group of vendor tools to record
things such as:Device IDIP Address – GeolocationPersonally Identifiable InformationVelocity
Paired or grouped indicatorsRecorded data at key events
13
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Key EventsLoginAdd-to CartChange Address
+ 44 other event flowsData around 47 events generates a LOT of data.
14
Ryan WilkOctober, 2014 – The Confluence of Many Challenges
Measuring SuccessHow did we do?
15
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Measuring SuccessChannels:
Mobile / DesktopPayment method
ChargebacksFraud ratesFalse positives
By the rules engineBy fraud analysts
16
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Our Results
OPEX OptimizationReview Time ReductionQueue Volume ReductionReduced Customer Insult
17
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
Retrospect47 flows was excessiveThe rules used were most
effective when looking for the good user, not the bad
Expensive solutionThere are quicker ways that
provide more ROI in a shorter time
18
Ryan WilkOctober, 2014 – The Confluence of Many Challenges
Changes in the Industry
19
Ryan WilkOctober, 2014 – The Confluence of Many Challenges October, 2014 – The Confluence of Many Challenges
How the fraud prevention market is changingPrediction is beating detectionSeeking good users who are now behaving differently
more effective than seeking bad general traitsBehavior is being used as an uplift to passwordsVendor solutions are more entwined – its easierDiscreet vendors, they are more tightly integrated
20
Ryan WilkOctober, 2014 – The Confluence of Many Challenges 21
Disclaimer
The views and opinions expressed during this conference are those of the speakers and do not necessarily reflect the views and opinions held by the Information Systems Security Association (ISSA), the Silicon Valley ISSA, the San Francisco ISSA or the San Francisco Bay Area InfraGard Members Alliance (IMA). Neither ISSA, InfraGard, nor any of its chapters warrants the accuracy, timeliness or completeness of the information presented. Nothing in this conference should be construed as professional or legal advice or as creating a professional-customer or attorney-client relationship. If professional, legal, or other expert assistance is required, the services of a competent professional should be sought.
Thank you
Ryan [email protected]
(385) 242-5561NuData Security