FRUAD DETECTION

This is the fraud :

Recently, the Vice President of Fraud at your firm, BuddyPay, has been in contact with a major retailer and they have been discussing recent increases in potential return fraud. Return fraud for BuddyPay is a situation where a BuddyPay client (who is also a user of the BuddyPay service) purchases an item online from a retailer, pays for the product with BuddyPay, then within 7 to 10 days of the purchase, files a claim with BuddyPay that the item was not delivered or received.

In order to prevent this fraud BuddyPay typically requires the client to first file a complaint with the online retailer from whom they purchased the product. The client must provide proof to BuddyPay via a screenshot or claim code of the claim having been filed with the online retailer. BuddyPay will then typically refund the amount of the purchase to the client.

In the last two months, the Vice President has been noticing a significant increase in returns resulting refunds for a large online retailer, Walget. The VP has since organized a series of meetings with Walget to determine if they have had an increase in shipping problems, complaints from customers who did not receive their products with 7-10 days, or an increasing volume of claims for packages not delivered or received. Walget says they have had increases in each of those categories.

As a result, Walget and BuddyPay have decided to form an analytics team comprised of data scientists from Walget and BuddyPay to investigate ways to detect or prevent the fraud using analytics. You are the manager of this team. What techniques can you employ to detect and/or prevent this fraud? You have access to all the BuddyPay and Walget client and transaction records.

Write a paper with additional graphics and code of detecting or preventing this fraud.

The paper should contain, at a minimum:

(1) a strategy with supporting detail of WHERE you will detect or prevent the fraud within the Fraud Kill Chain. Ideally, prevention should take place prior to actual exfiltration of funds. Detection may occur at any step within the Fraud Kill Chain.

Reconnaissance

Targeting

Social Engineering/Surveillance

Exploitation

Exfiltration

(2) a description of HOW your analytics or machine learning algorithm will detect or prevent the fraud within the step (or steps). Your description should include:

A plain-English description (i.e. non-technical) of how the analytics or machine learning algorithm works.

A summary of the data (aka features) you deem necessary to execute the analytics or machine learning package.

A technical description of the analytics or machine learning algorithm and how it works. (This can be as technical as you deem necessary and include the supporting math).

If using supervised learning, a summary of how you will train your algorithm to ensure it works properly.

A summary of how often your analytics or algorithm will run (i.e. real-time 24-7 or daily, weekly, monthly batch)

(3) A summary of WHAT happens when your analytics or algorithm prevents or detects the fraud. Does it stop the fraud from occurring automatically? Does it alert a person who must then manually intervene?

(4) An analysis of WHO your prevention and detection protects (e.g. which targeted victims) AND the vectors of attack it detects or prevents.

(5) An analysis of WHY your analytics or machine learning algorithm might fail to detect or prevent the fraud..... Consider what might break or drift in your model and what tools/methods you can use to monitor for breaks or drift.