sb-as logo
Story image

AWS launches fully-managed fraud detection service

31 Jul 2020

Amazon Web Services (AWS) has launched a fully-managed fraud detection services that it believes can identify potential fraud activity in ‘milliseconds’.

The Amazon Fraud Detector uses machine learning and 20 years of fraud detection expertise to spot activities that could indicate potentially fraudulent online activities, such as identity and payment fraud.

AWS states that businesses lose billions of dollars to online fraud every year, however businesses respond by investing in cumbersome fraud management solutions that often rely on hand-coded rules and are difficult to keep up to date.

According to the company, Amazon Fraud Detector takes a different approach – businesses can choose a pre-built machine learning model template, upload historical event data, and create decision logic to assign outcomes to predictions. For example, if the machine model predicts a potential fraud activity, it can trigger an investigation.

Historical event data can include transactions, account registrations, loyalty points redemptions, etc. Customers upload this to Amazon Simple Storage Service (Amazon S3), where it is encrypted in transit and at rest and used to customise the model’s training. 

Customers only need to provide any two attributes associated with an event such as logins or new account creation, and can optionally add other data, such as billing addresses or phone numbers. 

Based upon the type of fraud customers want to predict, Amazon Fraud Detector will pre-process the data, select an algorithm, and train a model. The 20-year historical data from AWS can improve the accuracy of the trained model even if the number of fraudulent examples provided by a customer to Amazon Fraud Detector is low. 

Amazon Fraud Detector trains and deploys a model to a fully managed, private Application Programming Interface (API) endpoint. 

Customers can send new activity, such as signups or new purchases, to the API and receive a fraud risk response, which includes a precise fraud risk score.

Based on the report, a customer’s application can determine the right course of action (e.g. accept a purchase, or pass it to a human for review). 

“Customers of all sizes and across all industries have told us they spend a lot of time and effort trying to decrease the amount of fraud occurring on their websites and applications,” says AWS vice president of Amazon Machine Learning, Swami Sivasubramanian.

The company says it has made ‘significant investments’ over the past 20 years to combat fraudulent activity using sophisticated machine learning techniques that minimise customer friction, all while staying one step ahead of bad actors.

While Amazon stresses that no experience in machine learning is required to deploy Amazon Fraud Detector, developers with machine learning knowledge can customise the tool with a combination of machine learning models from the tool itself and Amazon SageMaker.

“We’re excited to bring customers Amazon Fraud Detector so they can automatically detect potential fraud, save time and money, and improve customer experiences—with no machine learning experience required,” concludes Sivasubramanian.

Amazon Fraud Detector is available today in Asia Pacific (Singapore), Asia Pacific (Sydney), US East (North Virginia), US East (Ohio), US West (Oregon), and EU (Ireland), with availability in additional regions in the coming months.

Story image
Forescout and Arista Networks embark on new Zero Trust security partnership venture
Forescout and Arista Networks have come together to deliver Zero Trust security and greater device visibility and enforcement across heterogeneous networks.More
Story image
Machine identities increasingly exploited, new research finds
Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.More
Story image
80% of security breaches involve exposure of customer data - IBM
The new report from IBM indicates that 80% of surveyed organisations reported having exposed customers’ personally identifiable information (PII) as a result of a breach.More
Story image
OkCupid website and app found to have significant security flaws
The popular online dating service has been found to have several vulnerabilities which, if exploited, could put the private data of users in danger of being stolen.More
Story image
Just 6,000 accounts responsible for over 100,000 email attacks - report
Barracuda has today released a report detailing how 6,170 malicious accounts that use Gmail, AOL, and other email services were responsible for more than 100,000 business email compromise (BEC) attacks on nearly 6,600 organisations. More
Download image
Is your head in the sand? Only 60% of firms believe an email could trigger a cyber attack
Where would the world be without the humble email? It's an important tool - and a weapon.More