Row of piggy banks
Photo: OsakaWayne Studios via Getty Images

How AmEx tackled banking fraud

Protocol Enterprise

Hello and welcome to Protocol Enterprise! Today: how clever data planning — and a few tweaks — allowed AmEx to repurpose its credit card fraud detection for banking, the possible end of the SaaS bear market, and this week in enterprise tech moves.

Shaded fraud

When credit card giant American Express began offering bank accounts for the first time last year, it had a foundation of fraud detection to bring to an entirely new product arena. That meant in some cases, the company could port over AI and machine-learning models used to spot phony identities or dodgy transactions for its credit card products to its consumer and business checking accounts.

But it’s been a process, and now, AmEx plans to invest in bringing additional AI techniques used to protect against credit card fraud to its banking products.

  • “We have models which run to detect whether it's you or whether somebody else is logging into your account. Very straightforwardly, we transferred it to the banking product,” said Abhinav Jain, vice president for Global Fraud Decision Science at AmEx, who is responsible for the company’s fraud detection models.
  • “We had at least the technical side of the model ready to prevent this kind of fraud happening for a customer.”
  • The fraud models are designed to recognize odd behavior or suspicious patterns of activity that are not typical of a particular customer.
  • After kicking off a business checking account product in October followed by a consumer-aimed checking account in February, AmEx’s models already are picking up on an emerging trend.

The AmEx fraud detection models react and optimize automatically by adjusting how they weigh certain data points in the decision-making process, for instance.

  • “In the places we’re seeing more fraud, they will be more aggressive,” said Jain, explaining that the models self-calibrate by attributing higher probability of fraud to certain data elements that are reflective of other recent fraud.
  • They might weigh more heavily particular geographic regions, currencies or types of products associated with attempted transactions, Jain said.
  • Of course, without proper tuning, automated fraud detection systems can be overly sensitive, halting legitimate transactions and annoying customers in the process.
  • Sometimes the company puts transactions on hold, then sends a text or email alert to the customer asking whether they’ve made the purchase or taken the action in question.

Financial services companies are increasingly reliant on real-time data and data processing to run fraud detection models.

  • Not only do they need sophisticated machine learning to keep up with evolving fraud approaches, but they need speedy data processing on the back end to ingest fresh data inputs into fraud models and ensure those models recognize and react to quickly morphing fraud patterns.
  • “Within milliseconds, we should be able to link that IP address, that email address, to the fraud database. If a second attempt comes from similar entities, we should be able to stop it,” Jain said.
  • Because AmEx has fewer “silos and fences” separating the data and technology systems behind its product lines than other financial services companies, it has been able to more readily transfer machine-learning models for use across products than other companies have, said Ana Palaghita, vice president and head of Banking Fraud and Deposit Risk at AmEx, who worked in various roles at Capital One since 2007 before joining AmEx in 2021.

AmEx is still in the process of porting fraud models used on its credit card side over to its banking side, Jain said. Up next: incorporating time series data for neural networks used to detect identity fraud or online account takeovers.

  • “We are investing heavily into those types of algorithms, and we've had really good success in the initial launches that we’ve had, and we want to expand that more and more to different types of fraud — and even start leveraging it much more,” Jain said.
— Kate Kaye (email | twitter)

A MESSAGE FROM VERSAPAY

A resounding 96% of respondents claimed that there is work to do in digitizing their AR departments, yet 60% agreed that their AR departments haven’t been prioritized as much as other departments for digitization. At a time when the importance of securing cash flow is higher than ever, many businesses are not putting enough focus on it.

Learn more

Enterprise moves

Over the past week, Zoom added a new C-suite member; Microsoft lost senior talent in sales and engineering; and Sumo Logic poached talent from Cisco and Oracle. Here’s what else happened with the people of enterprise tech.

Matthew Saxon is Zoom’s new chief people officer. Saxon was previously VP of People Operations for Meta.

Teresa Carlson re-joined Microsoft as a corporate vice president. Carlson was formerly public sector chief at AWS, chief growth officer at Splunk and a VP at Microsoft.

Leendert van Doorn is now SVP of Technology at Qualcomm. Van Doorn was previously at Microsoft where he drove Azure’s ARM server strategy and was at AMD prior to that.

Rodney Clark joined Johnson Controls as VP and chief commercial officer. Clark formerly oversaw Microsoft’s partner network and worked at the company for more than two decades.

Zakir Ahmed joined Sumo Logic as managing director of APAC. Ahmed formerly held leadership roles at Oracle NetSuite and the Canada, Asia Pacific and New Zealand regions of Salesforce.

Steve Doyle also joined Sumo Logic as SVP of Global Sales Strategy and Operations. Doyle was previously at Cisco for 16 years, where he led sales and strategy initiatives.

Saeed Raja is now a VP at ScaleFlux. Raja joins the company from Micron Technology, where he was senior director of Product Management for emerging memory products.

— Aisha Counts (email | twitter)

Around the enterprise

Attack detection firm Cybereason confirmed layoffs affecting 100 employees, or about 10% of its staff, citing its inability to go public in the near term as the driver for its layoffs.

Okta beat Wall Street expectations for its last quarter and raised its guidance, shrugging off any fallout from its security incident earlier this year.

UiPath also reported earnings above expectations along with an increase in guidance, in what financial watchers thought might be the end of the plunge in SaaS stocks so far this year.

Google Cloud expanded an existing partnership with HPE to re-sell HPE GreenLake to Google customers looking for an on-premises hybrid cloud management tool.

A MESSAGE FROM VERSAPAY

A resounding 96% of respondents claimed that there is work to do in digitizing their AR departments, yet 60% agreed that their AR departments haven’t been prioritized as much as other departments for digitization. At a time when the importance of securing cash flow is higher than ever, many businesses are not putting enough focus on it.

Learn more

Thanks for reading — see you tomorrow!

Recent Issues

The SEC vs. CISA