Executive interviews Cyber Crime & Forensic Device & IoT Identity & Access

Data vs Deception: SAS Global Director Reveals AI’s Crucial Role in Fraud Prevention

Mohammad Al Amin Mohd Jahaya April 30, 2024

3 minutes read

The first fraud and scam cases can be traced back as far as 300 BC, involving two Greek merchants. In those simpler times, the methods were straightforward, and perpetrators were often swiftly apprehended and brought to justice. However, as the world evolved and became more technologically advanced, so too did the tactics employed by those seeking to deceive and scam others.

The recent rapid advancement of technologies has dramatically transformed the fraud and scam landscape. Today’s schemes have become highly sophisticated, leveraging social engineering to manipulate their targets into transferring huge sums of money or coercing them into sharing account credentials. The latter tactic often results in Account Takeover (ATO) scenarios. However, by leveraging diverse data sources, these increasingly sophisticated frauds and scams can be combated more effectively.

In our recent review interview with Ian Holmes, SAS Global Director for Enterprise Fraud Solutions, at their Media Hospitality event held in St Regis, Kuala Lumpur, Ian elaborated further on the aforementioned emerging fraud and scam trends as well as the pivotal role data plays in fraud and scam prevention.

Ian highlighted the transformative impact of digital payment adoption in the financial landscape, stating that it has changed the way transactions are conducted and processed, becoming much faster and more convenient. Nonetheless, these changes also introduce new sets of challenges and variables, including malware and spoofing, which financial institutions need to tackle in order to maintain the security and privacy of their clientele.

However, according to Ian, for financial institutions, particularly banks, to effectively prevent frauds and scams, they need to be able to profile the “behaviours” of a device. For instance, banks can leverage the geolocation data of a device to enhance their fraud and scam prevention measures. This enables banks to cross-reference a user’s reported location with their typical financial activity, thereby identifying any anomalies that could signal fraudulent behaviours. He also added that banks should not only look for good or suspicious device activities but also detect mistakes.

This suggests that banks should scrutinise not only signs of potential fraud or suspicious behaviours but also inadvertent errors that may happen during financial transactions. This would enable banks to exercise greater vigilance for both intentional and unintentional discrepancies, bolstering their fraud detection capabilities and minimising the risk of financial loss and fraudulent activities.

While on the subject of leveraging multiple data sources, Ian delves into the application of Artificial Intelligence (AI) and Machine Learning (ML) for identifying and thwarting fraud. He also asserted that the application of AI and ML would not only help banks and other financial institutions to swiftly sort through huge volumes of data and make fast and accurate decisions but also enable faster detection of threats and suspicious activities. However, it still necessitates human supervision to ensure that both AI and ML are utilised ethically and to prevent any bias. Moreover, human involvement is crucial in directing both AI and ML towards accurate insights, leveraging historical fraud data to mitigate future fraud and scam attempts.

However, in the context of social engineering frauds and scams, wherein threat actors exploit and manipulate their targets’ emotions and mental faculties, Ian suggests the burden of prevention or legal action doesn’t solely fall on the shoulders of banks or financial institutions but also on the victims as well. This means a collective effort involving both financial institutions and society to combat the pervasive threat of social engineering frauds and scams.

Ian added, however, that financial institutions such as banks certainly should bear the brunt of the responsibility since they possess the most knowledge regarding various types of frauds and scams. He suggests that financial institutions such as banks or governmental bodies should proactively educate society about common scam techniques to raise their awareness. This would allow society to recognise and resist fraud and scam attempts.

He also encourages victims of social engineering scams and frauds to step forward, report, and share their incidents. This proactive approach not only serves to alert authorities and financial institutions to emerging threats but also fosters a collective effort to combat fraud and enhance cybersecurity measures.

Once again, before wrapping up the interview, Ian underscores the imperative for a collaborative effort to effectively combat cases of fraud and scams. This call for cooperation extends beyond individual entities or sectors, emphasising the necessity for coordinated action across various stakeholders, including financial institutions, law enforcement agencies, regulatory bodies, cybersecurity experts, and the general public.