“It’s A Responsibility For Us All” Derek Dempsey On The Fraud Industry: Part One

our consultant managing the role
Posting date: 2/26/2019 9:31 AM


Derek is a Director of Fraud Analytics for leading fraud analytics software provider, FICO. With a background in Philosophy, he is passionate about the application of advanced analytics in furthering the Fraud industry. I recently met with him to discuss the latest Fraud trends, tools and challenges for the industry.


Fraud is an ever changing landscape. What trends do you anticipate for the next 12 months and beyond? 

It is ever-changing indeed. As other routes are shut down, we will see new Fraud attacks that reflect the changing payments landscape and the continuing shift to digital, mobile and the introduction of new players due to PSD2.

For example, we’ve seen a significant shift in card Fraud following the introduction of chip and pin towards card not present or ID Theft and Application Fraud. We’re also seeing Fraudsters using AI to mount ever-more sophisticated attacks. 

From a Fraud Detection perspective, this has led to a convergence of Fraud teams towards a more holistic financial crime approach, as well as increasing use of AI techniques alongside requirements for greater explainability. 

What are the biggest risk areas for businesses to be aware of? 

I’d say one of the main areas is the risk of data breach through hacking and internal leaking. 

In terms of cyberattacks, companies may feel that they can address this fairly readily. However, they need to be vigilant as hackers have some very sophisticated techniques at their disposal. FICO have recently introduced some of our AI fraud techniques into the cybersecurity domain to combat this.  

However, internal leaking probably causes bigger issues. This is more often due to social engineering than a malicious internal leak but these types of breach are difficult to detect. You need an additional level of control to detect unusual, but permitted, activity and this is challenging.  

Financial Service organisations also need to be aware of risk areas associated with new products and services. The proliferation of mobile payments and new account and payment service providers in the new PSD2 ecosystem marks another shift in payment services and this will bring in many new players. However, new products tend to be targeted by professional fraudsters.  So while we all like the greater ease and convenience, anti-Fraud measures need to keep on top of this. 

For aspiring Fraud-fighters, what skills do you think are key to being successful in the industry? 

It varies really. I got into this because I’d previously been a mathematics lecturer and then did a Master’s in AI and Cognitive Science. Fraud was, and remains, one of the best areas to apply these skills and techniques. Certainly it helps to have a Mathematical or Statistical background, but ultimately a problem-solving mindset is what really matters. 

The modern-day Data Scientist needs to be equipped with a range of technical skills to be effective, so it is useful to understand Big Data technologies such as Hadoop and Spark and how to interact with cloud-based services. Python and R have become the key analytical programming languages. Visualisation is also important so its useful to have skills in this as well. 

Soft skills are probably not the most important when it comes to Fraud Analytics but communication skills are essential - you need to work in teams and be able to ask questions and provide answers to others. Primarily, you need the ability to interrogate your Data, understand what it actually represents, understand its source and its reliability. And you need to do all this whilst keeping in mind your business objectives.

It's well known that Fraudsters are sharing their approaches, so why is the industry not? 

There are examples of sharing in industry. In the UK we have CIFAS which is one of the leading organisations for Data sharing and this provides a great service to its affiliated businesses. We have the IFB and other organisations that are based on sharing Data. The introduction of cloud-based technologies should encourage companies to share more and FICO have invested heavily in a cloud-based strategy. The next generation of FICO's flagship Falcon fraud product, Falcon X, is a flexible cloud-based, platform solution. 

However, a lot of information is currently held by the commercial sector which limits how much sharing can be done. There are many companies who provide specialised Data on email addresses, devices, IPs but all of this is under a commercial umbrella and companies do need to protect assets that they have built up over many years of research.  But most businesses do support sharing activity and see that that it’s to their benefit and there is definitely a willingness there. 

Personally, I would like to see more sharing in terms of guidance, education and awareness to customers. This is a responsibility for all of us in the sector and we need to be more proactive than just leaving information sitting on a website. Companies should be under greater pressure to provide this awareness training and, if they do, I would predict a significant reduction in certain types of fraud. 

There were a string of high profile Data breaches in the news last year such as Facebook and Carphone Warehouse. Do you think businesses are doing enough to protect customers?

I don't think so. Obviously this something we take this very seriously and, for us, most of the Data we use is anonymised so we already minimise the risk. I know that banks are investing very heavily in this and being proactive as, more than anything, there’s a huge reputational risk to a large-scale Data breach. Other sectors probably need to do more however and all sectors can improve.

Hopefully GDPR will make a big difference within the EU. There are large fines for failing to take adequate measures. Other countries are adopting similar legislation and we’re seeing non-EU businesses embrace the same guidelines as well, so hopefully that will help. 

If you could change one thing in the industry, what would it be? 

I think increasing awareness and education would make a big difference. One company I worked with mounted a big customer campaign and it made a huge impact in driving down Fraud. I think this is an underrated area. I'm aware that the FCA and other industry bodies such as IFB do produce materials but I think much more could be done.

It perhaps goes without saying that I also think that increased usage, and better usage, of Data and Advanced Analytics is crucially important to reducing levels of fraud.

Derek spoke to Senior Consultant, Rosalind Madge. Get in touch with Rosalind or take a look at our latest job opportunities here.

Related blog & news

With over 10 years experience working solely in the Data & Analytics sector our consultants are able to offer detailed insights into the industry.

Visit our Blogs & News portal or check out the related posts below.

“If It’s Difficult To Find, That’s Where Your Threat Will Be”: Hunted’s Ben & Danni On Cybersecurity

Ben Owen and Danni Brooke are the Co-Directors for the EMEA Practice at Fortalice Solutions, a leading global cyber security and intelligence operations company.  They travel globally to assist clients with their cyber security requirements, bespoke training needs, intelligence and investigations both online and physical and counter fraud training/consultation. They deliver and manage a portfolio of pro-active intelligence solutions to keep people, nations and businesses safe from threats and head up the EMEA operations.  Ben and Danni also feature on the hit Channel 4 show, Hunted and Celebrity Hunted which has been airing for over four years with another series set to be filmed this summer. I caught up with them recently to discuss the latest Fraud, tools and challenges for the Cybersecurity industry. Cybersecurity is an ever-changing landscape. What trends do you anticipate for the next 12 months and beyond? It is always difficult to pin down what the next real trend is going to be in the Cybersecurity space as adversaries are becoming ever more sophisticated.  What was once a very difficult process for skilled individuals is becoming more readily available to novices with advances in software, particularly those shared on the Dark Web. What is an inevitable threat trend in the next 12-months and beyond is the exponential rise in the Internet of Things (IoT).  With a world where everything is hooked up to the web, it is apparent that tech companies selling these devices are under immense pressure to get products to market. The need for speed could mean that some security principles and best practices may be overlooked.   As the UK encountered during the Mirai Botnet attack of 2016, a network of electronic devices acting in concert can cripple the internet or, worst case, become a weapon that could cause actual physical damage as well as cyber damage, power stations, hospital networks to name but a few.   How have Data & Analytics impacted the detection, and prevention, of cyber-crime? A company will have to protect themselves against an enormous amount of cyber threats every second.  A cyber-criminal will only need one successful attempt. Data & Analytics are proving successful in the fight against cyber-crime and their proactive and holistic approach is at keeping people and businesses safe.  Of course, it is Data that is being stolen, but very often Data can come to the rescue.  It helps in a number of ways, e.g. identifying anomalies in employee and contractor computer usage and patterns, detecting irregularities in networks, identifies irregularities in device behaviour (a huge advantage with the rise of the IoT). What one must remember, however, is the people behind the Data.  You can’t simply collect Data and assume you will be able to detect and respond with the right actions.  You need the people with the right analytical skills to sift through the Data, find the right signals and then react to the threat with an appropriate and timely response.   What tools and technologies do you think will become increasingly important in the fraud and cyber-crime landscape? Here at Fortalice we are investing a lot of time into coverage of the Dark Web.  We live in a rapidly changing digital landscape. Criminals, fraudsters, and others are now operating with more sophistication and anonymity. Where do they go to exchange fraudulent details and ideas about current victims? What medium do they use to discuss organisational targets or new ways of defrauding companies? The answer is the Dark Web.  Traditionally, companies fight fraud from the inside out. We want to change this landscape by accessing the entirety of the Dark Web, its pages, shady storefronts, and treasure troves of Data, and drawing on monitoring toolsets to give our clients a 360-degree resource for identifying adversarial communications and movements. It’s all about Internet coverage.  Wherever it is difficult to find – that’s where your threat will be.   A final point to this question is one of sharing tools and techniques.  A collaborative approach is always a good way of making sure the wider audience benefits.  We always work with our clients and offer other services and support outside of our remit to make sure they’re fully protected from a cyber and physical space.   What are the biggest security threats for businesses? Security is fundamentally broken because the design of many security solutions does not design for the human psyche.  Security solutions are bolted on, clunky, and hard to use but because security teams prioritise defending against easier cyber threats, they often don’t focus on the hardware side. The biggest risk to companies and individuals is always defined by the Data that is most important to you or to the business.  For individuals, this might be privacy or identity. For businesses, this could be customer Data, intellectual property, and the company’s money in the bank. The reality is that business executives can’t outspend the (cybersecurity) issue and they must be prepared. Cybersecurity no longer exists in a vacuum and it must be elevated to the conversations held in the boardroom and with senior leadership as well as entire divisions, departments, and organisations. For someone trying to get into security analytics, what skills do you think are key to being successful in the industry? The detail is in the name of the role.  A huge ability to interpret large amounts of technical Data is key to the role, as well as being able to assimilate what it means and how to action it.  Risk management is also key to this role.  Very often you will identify potential risks and you will have to triage those priorities on your own as co-workers won’t have the technical expertise to assist.  You will need to be able to communicate successfully to all levels of a workforce and last but by no means least – a good sense of humour!  When you think you have gotten to understand a new threat or vulnerability a new one will replace it within seconds.  Time to put the kettle on, smile, and get back to work with your analytical prowess.   Within fraud, it's well known that criminals are sharing their approaches, is this mirrored in cyber-security and if so, how is the industry combating this? Criminal collaboration is huge on the web.  First of all, there is no talent shortage for fraud rings or cybercriminals. There are no requirements for fancy university degrees or certifications and the crime ring pays for performance.  They don’t care what you look like, how you dress, or if you clock in during normal work hours. They care about getting the job done - hacking into and stealing information from others. Together they are sadly stronger and more effective.  On Dark Web forums, you will see fraudsters sharing and selling their ‘IP’ knowing that others will also contribute. That way they are all winners.  In the private world ideas equal money. That is of course not a bad thing for business, but it is bad for collaboration. Businesses generally don’t like to share ideas with one another because it has taken them lots of time and expense to get to their product or solution. As cliché as this comment sounds - we have to change this landscape for the greater good.  There are lots of smart government initiatives for national defences in cyber security and fighting high-end cyber-crime but seldom does this have a positive impact locally with smaller businesses.  There is a huge amount of information out there for individuals and advice, but we need to bridge the gap still between criminal collaboration and that of the good guys. If you could change one thing in the industry, what would it be? The mind set of security professionals that humans are the weakest link. We’re not! Humans are at risk because technology is by design, open.  I’d also change the mind set of those not in the Cyber Security industry.  All too often the severity of what is being reported is not taken seriously, nor are budgets set aside for cyber security issues.  That said, it is improving but there is a long way to go.  Ben and Danni spoke to Senior Consultant, Rosalind Madge. Get in touch with Rosalind or take a look at our latest job opportunities here.

Top Considerations For Campaign Analysts

The phrase Campaign Analyst means many things to many people. A quick Google search alone turns up a variety of titles and job descriptions, united by one common thread; creating merit through customer value, metrics, and consumer insight.  As a rule, Campaign Analysts have become more and more important in every forward-thinking business over the past few years, particularly in B2B marketing departments. But what are the big trends we should expect to see over the next year or so? Recapping the role    Campaign Analysts are the go-to resource for everyone from staff to stakeholders, acting as advisor in regard to digital campaigns segmentation and analytical needs, and utilising their comprehensive knowledge and understanding of customer Data. They are often the bridge across departmental teams and help provide a big picture scope, while also diving into the details of customer and marketing insights to achieve actionable results. As an overview, they:     Develop guidelines and build Database procedures to evaluate individual, multi-and omnichannel testing methodologies. Mine Data and reach out to customer segments for query Data.Identify areas of improvement for campaign organisation.Provide critical support to campaigns, from conception to implementation, with the ability to translate marketing plans into production-ready endeavours. Is it time for a Data Health Check?  Though Data & Analytics have played a big role in retail over the last few years, Marketing departments have often lagged a bit behind. However, they’re beginning to catch up. In 2018, a Dun & Bradstreet survey showed over 60 percent of B2B companies thought Data quality was extremely important. In 2019, the same rings true.  But, as things develop even further, here are a few things to consider in your Marketing Data ecosystems:  Updating your company’s customer Data health – Eliminate duplicate records, make sure customer information is accurate and up-to-date, and make sure your segmentations still make sense. Have decision makers for targeted campaigns changed or moved on? Are email addresses and phone numbers still valid? Keeping your customer Data up-to-date ensures you’re not analysing invalid Data.  Creating a more focused Data-Driven approach with Marketing ROI – Assess and evaluate spending and revenue with a lens on Marketing channel variety. What’s working? What isn’t? Where can you cut costs while increasing market-generated revenue?Micro-segmenting your targeting efforts – Go deeper in your targeted Marketing efforts. Narrow your Data parameters. The more layers you add, the more targeted you can focus your messaging, and the more likely you are to reach the best audience for your business.Utilising video Marketing – Much like boosting your resume with video, the same can be said for targeted Marketing campaigns. As a Campaign Analyst, you’ll need to work with departments across the business to create a unified Content Marketing Strategy and video remains a crucial format according to a LinkedIn study. And on that note… Pressing play on video The bland days of corporate speak, restrictive tone, and limited colour in video Marketing are a thing of the past. Video is now a crucial Marketing and engagement tool, providing the opportunity to engage with customers in almost real-time.   With this, customers feel heard and can help transform a product as well as gain trust in the business itself. From GDPR to fake news to Data breaches, it’s highly important for businesses to provide transparency in their interactions and video helps them do that.  By being transparent and acknowledging mistakes, business can both gain consumer trust and improve upon their mistakes.. In addition, customer’s no longer feel like voices in a canyon; they are part of the business and therefore more invested in the company’s success.  Additionally, this can expand your reach, allowing you discover what a broader range of customers think. If we want a recommendation for a good restaurant, a doctor, or some other place or service, we turn first to our friends. And in the era of social media, our friends are everywhere. What better way to reach out to your target audience than by video with authentic customer reviews and testimonials?  A well-developed strategy leads to happy customers and their goodwill is, ultimately, free Marketing.  If you’re looking for your next Campaign Analyst opportunity, we may have a role for you. Check out our latest roles or get in touch with one of our specialist consultants. 

RELATED Jobs

Salary

680000kr - 780000kr per annum + BENEFITS

Location

Stockholm

Description

Are you an experience regulatory expert looking for the next challenge? This opportunity offers you the chance to work with the best!

Salary

£70000 - £80000 per annum + Additional Benefits

Location

Edinburgh

Description

Your opportunity to join one of the largest retail banks in the UK, collaborating with your colleagues to define the way in Model Risk Management!

Salary

£35000 - £50000 per annum + competitive benefits package

Location

London

Description

One of the fastest growing boutique Credit Risk Consultants are on the lookout for Modelling talent!

Salary

£35000 - £50000 per annum + Competitive Benefits

Location

London

Description

Join a Predictive Modelling team focusing on Credit Risk Analytics including IRB Models and Scorecards (SAS, SQL)

recently viewed jobs