Many security companies can lock your front door, but DataVisor co-founder and CEO Yinglian Xie said focusing on every area of the house is a much more effective strategy for fighting fraud. DataVisor combines applied machine learning capabilities, investigative workflows and an intelligence network of more than four billion accounts to provide real-time fraud signals, insights, and protection.
Xie has long worked with machine learning. As society became increasingly digitized, she saw attackers change tactics. That left companies vulnerable.
How AI evolved to fight fraud
Artificial intelligence and machine learning were needed. Xie saw that combined with cloud-native technology, envisioning the mix embedded into platforms to proactively fight fraud.
She said artificial intelligence has become a more useful contributor to the fraud fight. Early versions were data-driven and were trained on historical data. Humans analyzed attacks, determined how they veered from normal and defined a rule set. Such an approach is suboptimal, based on experience, and error-prone.
A reactive strategy is ineffective when faced with new attack vectors. With no history, they’re stuck. Considering that some fraud goes unreported, databases are incomplete.
“That’s where we want to apply AI,” Xie said.
Those models are based on supervised machine learning. Models based on unsupervised machine learning address the shortcomings of labelling data types. These models identify natural groupings. Xie said it’s a powerful way to detect unknown fraud types.
Generative AI will further boost the fraud fight – on both sides
Today, generative AI is even more powerful. It turns human knowledge into models much faster through its data-processing ability. The next step is for generative AI models to deliver explainability of their results.
Xie said generative AI helps address the competing forces of friction and user experience. If the technology is good but comes with friction, no one will use it. The same goes if it’s bad but quick.
A big problem is that fraudsters have access to generative AI, too. It allows them to conduct campaigns beyond the authorization stage, which many companies focus on. Verification techniques based on credentials, passwords, secret questions and basic face recognition are rendered less effective. Voices and images can be synthesized from readily available online data.
Effective strategies must adopt more holistic approaches. They assume faces and voices can be mimicked at the entry point, so they look for abnormalities in your network activity. Are there changes in where and when you log in? Have there been changes in your travel behavior?
Multiply that by millions or billions of users. You can spot emerging fraud trends in near real-time.
How DataVisor protects the entire house
Xie said DataVisor secures the front door, but it focuses equally on every room in the house. There must be a constant level of protection throughout the user experience.
With that focus, there is constant activity monitoring. Attackers leave clues that differentiate their activity from the user’s when compared broadly.
“I can install the lock at the door, but you have to look at the sensors around the house,” Xie said. “Where do they call from? When do they transact? How much do they transact for, and what’s the network origin? They can’t avoid that; they have to have those things.”
There’s no silver bullet
Xie believes passkeys and verified digital identities have their places. They make for more powerful locks on the front doors. An ecosystem of approaches protects the rest of the house, too. DataVisor works with a series of partners to augment its services.
“There’s no silver bullet,” Xie admitted. “We have to have all these together while raising the bar for the attackers.”
And there’s one factor no system in the world can protect people from – themselves. Phishing scams and the like trick victims before the technology gets a chance.
“Attackers don’t need to break the lock,” Xie said. “They can break people.”
Are there opportunities via open data measures and encryption techniques to safely access larger data pools to improve security measures? There are, but there’s easier progress to be had.
“I don’t think we lack data,” Xie said. “Everybody has a lot of data, right? Some low-hanging fruit is that everybody has a lot to mine out of their data before they even come to share. That’s where I think we can still do low-hanging fruit while waiting for the encryption privacy.”
Also read:
2023 was a big year for DataVisor. In December, they announced an integration with Twilio that provides customers with enhanced fraud protection through end-user authentication and verification capabilities. That came weeks after NYMBUS chose DataVisor to provide digital banking fraud monitoring.
Over the summer, DataVisor shook hands with Q6 Cyber, a cyber and fraud threat intelligence firm, to centralize relevant threat intelligence data in a single platform. DataVisor marked a new partnership with DCI in May to better protect the latter’s customers from fraud.