Amex is using its credit fraud AI detection for banking, but it's a process

When credit card giant AmEx began offering bank accounts for the first time last year, it had a foundation of fraud detection AI models to spot phony identities or dodgy banking transactions.

AmEx app on phone

AmEx's fraud models are designed to recognize odd behavior or activity that is not typical of a particular customer.

Photo: AmEx

When credit card giant American Express began offering bank accounts for the first time last year, it had a foundation of fraud detection to bring to an entirely new product arena. That meant in some cases, the company could port over AI and machine-learning models used to spot phony identities or dodgy transactions for its credit card products to its consumer and business checking accounts. But it’s been a process, and now, AmEx plans to invest in bringing additional AI techniques used to protect against credit card fraud to its banking products.

“We have models which run to detect whether it's you or whether somebody else is logging into your account. Very straightforwardly, we transferred it to the banking product,” said Abhinav Jain, vice president for Global Fraud Decision Science at AmEx, who is responsible for the company’s fraud detection models. “We had at least the technical side of the model ready to prevent this kind of fraud happening for a customer.”

The fraud models are designed to recognize odd behavior or suspicious patterns of activity that are not typical of a particular customer. After kicking off a business checking account product in October followed by a consumer-aimed checking account in February, AmEx’s models already are picking up on an emerging trend.

“Fraudsters show up very quickly once you launch a new financial product. And one of the patterns that we have seen starting to emerge very quickly is fraudsters attempting to take over a customer's profile and apply to open a checking account in their name – so, identity theft,” said Ana Palaghita, vice president and head of Banking Fraud and Deposit Risk at AmEx.

“This has been a typical pattern that I've seen just in the month and a half to two months that we've been in-market,” said Palaghita, who leads the company’s fraud strategy team and works closely with Jain’s data science and ML modeling group.

Business checking accounts are attracting their own distinct fraud patterns, Palaghita said. “On the business side, we've seen different patterns. We've seen more of the synthetic identity where fraudsters are attempting to open accounts with businesses that are either not real or they're just a front in an attempt to deposit fake checks and extract money that way.”

Some companies are using machine- and deep-learning models to detect fraudulent behavior by entities sanctioned by the U.S. Treasury Department in relation to the war in Ukraine. AmEx sources said they would not address the war in Ukraine or sanctioned entities in more general terms.

False positives and speedy data

The AmEx fraud detection models react and optimize automatically by adjusting how they weigh certain data points in the decision-making process, for instance.

“In the places we’re seeing more fraud, they will be more aggressive,” said Jain, explaining that the models self-calibrate by attributing higher probability of fraud to certain data elements that are reflective of other recent fraud. They might weigh more heavily particular geographic regions, currencies or types of products associated with attempted transactions, Jain said.

Fraudsters show up very quickly once you launch a new financial product.

Of course, without proper tuning, automated fraud detection systems can be overly sensitive, halting legitimate transactions and annoying customers in the process. However, if a transaction sets off a fraud alert, AmEx doesn’t necessarily stop the transaction right away. Sometimes the company puts transactions on hold, then sends a text or email alert to the customer asking whether they’ve made the purchase or taken the action in question. That information gets fed back into the fraud model to optimize it.

“As soon as we identify this was a false positive, that information also feeds back in real time to the model,” Jain said.

Indeed, financial services companies increasingly are reliant on real-time data and data processing to run fraud detection models. Not only do they need sophisticated machine learning to keep up with evolving fraud approaches, but they need speedy data processing on the back end to ingest fresh data inputs into fraud models and ensure those models recognize and react to quickly-morphing fraud patterns.

“Within milliseconds, we should be able to link that IP address, that email address, to the fraud database. If a second attempt comes from similar entities, we should be able to stop it,” Jain said.

A new crop of database startups is emerging to help financial institutions and other enterprises grab real-time data and make use of it immediately to update machine-learning models for things like ecommerce recommendations and dynamic pricing.

Because AmEx has fewer “silos and fences” separating the data and technology systems behind its product lines than other financial services companies, it has been able to more readily transfer machine-learning models for use across products than other companies have, said Palaghita, who worked in various roles at Capital One since 2007 before joining AmEx in 2021.

That capability “is not necessarily something that every financial institution can do so quickly and seamlessly,” she said.

AmEx is still in the process of porting fraud models used on its credit card side over to its banking side, Jain said. Up next: incorporating time series data for neural networks used to detect identity fraud or online account takeovers. “Getting the time series view helps the model further drill down into exactly what is fraud and what is not,” Jain said. “There are neural network algorithms that help us do that.”

In data used for more standard modeling, each transactional data point used to train a model is assessed individually as good or bad. Models that incorporate time series data consider history and context by viewing not only the current transaction, but a customer’s previous 10 or 20 transactions. For example, if a customer’s last few recent transactions happened at a mall, but soon after a transaction is attempted in a faraway location, a model looking at time series data would be able to detect it as fraudulent.

“We are investing heavily into those types of algorithms, and we've had really good success in the initial launches that we’ve had, and we want to expand that more and more to different types of fraud — and even start leveraging it much more,” Jain said

Every day, millions of us press the “order” button on our favorite coffee mobile application. When we arrive at the coffee shop, we expect that our chosen brew will be on the counter a few minutes later. It’s a personalized, seamless experience that we have all come to expect. What we don’t know is what’s happening behind the scenes. The mobile application is sourcing data from a database that stores information about each customer and what their favorite coffee drinks are. It is also leveraging event-streaming data in real time to ensure the ingredients for your personal coffee are in supply at your local store.

Applications like this power our daily lives, and if they can’t access massive amounts of data stored in a database as well as streaming data “in motion” instantaneously, you, and millions of customers, won’t have the in-the-moment experiences we all expect.

Keep Reading Show less
Jennifer Goforth Gregory
Jennifer Goforth Gregory has worked in the B2B technology industry for over 20 years. As a freelance writer she writes for top technology brands, including IBM, HPE, Adobe, AT&T, Verizon, Epson, Oracle, Intel and Square. She specializes in a wide range of technology, such as AI, IoT, cloud, cybersecurity, and CX. Jennifer also wrote a bestselling book The Freelance Content Marketing Writer to help other writers launch a high earning freelance business.

How the internet got privatized and how the government could fix it

Author Ben Tarnoff discusses municipal broadband, Web3 and why closing the “digital divide” isn’t enough.

The Biden administration’s Internet for All initiative, which kicked off in May, will roll out grant programs to expand and improve broadband infrastructure, teach digital skills and improve internet access for “everyone in America by the end of the decade.”

Decisions about who is eligible for these grants will be made based on the Federal Communications Commission’s broken, outdated and incorrect broadband maps — maps the FCC plans to update only after funding has been allocated. Inaccurate broadband maps are just one of many barriers to getting everyone in the country successfully online. Internet service providers that use government funds to connect rural and low-income areas have historically provided those regions with slow speeds and poor service, forcing community residents to find reliable internet outside of their homes.

Keep Reading Show less
Aditi Mukund
Aditi Mukund is Protocol’s Data Analyst. Prior to joining Protocol, she was an analyst at The Daily Beast and NPR where she wrangled data into actionable insights for editorial, audience, commerce, subscription, and product teams. She holds a B.S in Cognitive Science, Human Computer Interaction from The University of California, San Diego.

How I decided to exit my startup’s original business

Bluevine got its start in factoring invoices for small businesses. CEO Eyal Lifshitz explains why it dropped that business in favor of “end-to-end banking.”

"[I]t was a realization that we can't be successful at both at the same time: You've got to choose."

Photo: Bluevine

Click banner image for more How I decided series

Bluevine got its start in fintech by offering a modern version of invoice factoring, the centuries-old practice where businesses sell off their accounts receivable for up-front cash. It’s raised $767 million in venture capital since its founding in 2013 by serving small businesses. But along the way, it realized it was better to focus on the checking accounts and lines of credit it provided customers than its original product. It now manages some $500 million in checking-account deposits.

Keep Reading Show less
Ryan Deffenbaugh
Ryan Deffenbaugh is a reporter at Protocol focused on fintech. Before joining Protocol, he reported on New York's technology industry for Crain's New York Business. He is based in New York and can be reached at rdeffenbaugh@protocol.com.

The Roe decision could change how advertisers use location data

Over the years, the digital ad industry has been resistant to restricting use of location data. But that may be changing.

Over the years, the digital ad industry has been resistant to restrictions on the use of location data. But that may be changing.

Illustration: Christopher T. Fong/Protocol

When the Supreme Court overturned Roe v. Wade on Friday, the likelihood for location data to be used against people suddenly shifted from a mostly hypothetical scenario to a realistic threat. Although location data has a variety of purposes — from helping municipalities assess how people move around cities to giving reliable driving directions — it’s the voracious appetite of digital advertisers for location information that has fueled the creation and growth of a sector selling data showing who visited specific points on the map, when, what places they came from and where they went afterwards.

Over the years, the digital ad industry has been resistant to restrictions on the use of location data. But that may be changing. The overturning of Roe not only puts the wide availability of location data for advertising in the spotlight, it could serve as a turning point compelling the digital ad industry to take action to limit data associated with sensitive places before the government does.

Keep Reading Show less
Kate Kaye

Kate Kaye is an award-winning multimedia reporter digging deep and telling print, digital and audio stories. She covers AI and data for Protocol. Her reporting on AI and tech ethics issues has been published in OneZero, Fast Company, MIT Technology Review, CityLab, Ad Age and Digiday and heard on NPR. Kate is the creator of RedTailMedia.org and is the author of "Campaign '08: A Turning Point for Digital Media," a book about how the 2008 presidential campaigns used digital media and data.

Latest Stories