The scammers and thieves who continually target the travel industry and cause billions of dollars every year in fraud have met a powerful new foe—machine-learning algorithms that are catching up to their best moves.
The $8.2-trillion travel-and-hospitality business is especially vulnerable to multiple forms of fraud. Thieves with stolen credit cards can buy tickets online or with mobile devices. Because these tickets are intangible and perishable, blocking the fakes is a race against time.
In 2018, travel and tourism was the third-most targeted industry by cybercriminals, after finance and retail, an IntSights study found. Airline and travel scams account for nearly half of all fraudulent transactions, Experian reports.
“In the travel space, fraud is easier because you can always be hiding behind a computer without having to deal with physical goods,” says Barj Duhra, ServiceNow platform owner for Virgin Trains.
Virgin Trains is a UK-based train operator that provides long-distance passenger rail service between six of the country’s biggest cities: London, Birmingham, Manchester, Liverpool, Glasgow, and Edinburgh. Facing an epidemic of ticket-refund fraud, the company began using fraud-detection software designed by ServiceNow and U.K.-based fraud-technology firm UP3. So far, Virgin Trains has slashed response time for refund requests and reduced the number of false positives—transactions wrongly flagged as fraudulent.
The new system helps managers decide whether to stop a claim, investigate it further, or proceed with claim processing, according to Duhra. “It has also freed up our fraud-compliance team to investigate many more cases.
Many industries are turning to machine learning to tackle fraud, which racked up an estimated $4 trillion in financial losses globally in 2018, according to the Association of Certified Fraud Examiners. In the insurance sector, machine learning is helping insurers determine if scammers are staging multiple car accidents; in healthcare, they can tell if a “doctor shopper” is getting opioids from numerous physicians; in retail, they can see if a hacker is phishing for data from online retail accounts.
Reducing false positives
Virgin Trains is a joint venture between the Virgin Group and the Stagecoach Group. It’s the biggest rail operator in the U.K, with 39 million passenger journeys a year. Virgin Trains riders file roughly 450,000 customer service claims a year, roughly 80% of which are requests for refunds due to delayed or canceled service.
Many of those claims are fraudulent. In a common scam, a thief will use a stolen credit card or other financial information to buy tickets and try to return them for a refund. Between 10% and 30% of the compensation Virgin Trains pays on complaints goes to fraudulent claims, analysts have found.
Virgin Trains can now weigh claims by assessing and scoring hundreds of data points about customer behavior
Virgin’s earlier fraud-detection software did not have the ability to scan transactions for typical red flags, such as unusually high numbers of refund requests from a single traveler. Analysts had to extract data and piece information together manually to determine fraud. Scammers’ tactics, meanwhile, were constantly changing.
False positives were another problem with the older tools. They would flag roughly 10% of legitimate transactions as fraudulent. In those cases, customers had to wait for weeks or months for their refunds.
With its new ML-driven fraud module, Virgin Trains can now weigh claims by assessing and scoring hundreds of data points about customer behavior, such as payment method, IP and home address, case history and more.
The system also detects “impossible journeys,” where a customer claimed to be on two different trains at the same time. It can also uncover linkages between payment types, email accounts and other data to bust sophisticated fraud rings. The information is displayed on a dashboard that provides a visualization of customer relationships.
“It shows not just one individual, but other people who may be linked,” Duhra says. “We call it a data explosion—it brings it all together with just one click.”
Faster refunds to frazzled customers
Because Virgin Trains is mandated by the U.K. government, it is required to respond to 95% of customer complaints within 20 business days. In the past, managers struggled to meet the deadline, but the new software has helped the company meet compliance goals consistently.
At the same time, the system has made its claims-processing workflow more efficient, slashing the time Virgin Train’s fraud team spends to reach complex case management decisions by 95%, down to 20 minutes on average.
The more data fed into the system, the smarter it becomes and the faster it can identify fraudsters, Duhra says. Individuals, organizations and domains tagged for fraud are added to the company’s “red list” and all future transactions associated with them are halted. This enables the company to move from detection to prevention. Customers who set off a fraud alert but are deemed false positives get placed on a “green list.”
The timely resolution of false positives might seem like a small improvement, but it’s one that can have a huge effect on a company’s long-term relationship with a customer.
“False positives cost six times more than fraud,” says Rodrigo Camacho, chief commercial officer of fraud-detection AI provider Nethone, citing industry studies. “When you have a false positive, you lose the entire lifetime value of that client.”
“Legitimate customers are making transactions all the time and want them to move very quickly,” he adds. “So you need to make your fraud prevention solution move just as quickly.”
Machine learning can also do a much better job at spotting false positives than other fraud-detection tools. “It takes our ability to understand data to a much higher level because of the computing power available to understand nuance,” says Don Fancher, U.S. national and global leader for Deloitte Forensic. “It creates a more efficient process because you’re not having to chase down all these false positives.”
Fraud ML gets smarter, as do scammers
Scam artists are constantly devising new ways to circumvent fraud detection. For example, mobile phone “spoofing,” or taking over access to the victim’s device, has soared in the last two years, according to the 2019 Forter Fraud Attack Index. Spoofing allows fraudsters to intercept text alerts and access codes, one of the most common forms of account authentication.
“A fraudster looks different all the time, so it’s going to look one way one month,” Camacho says. “The next month the technique changes, and now your algorithm is no longer properly set up.”
Thanks to the “learning” part, machine learning is ideally suited to keep up with evolving threats. But business leaders can’t become complacent and allow the models to grow out of their data.
“Once it’s running across systems there can be a perception that everything’s fine, but you can’t allow that,” Fancher says. “You’ve got to continually update your models.”
Virgin Trains seeks to improve its fraud-detection module by training it continually on growing volumes of data. Its algorithms now have 14 months of fraud data, almost 750,000 cases, to analyze. The company is also meeting with other train operators to share their experiences with fraud.
The goal isn’t simply to deter fraud and save money. Ultimately it’s about protecting the Virgin Trains brand and getting more legitimate customers on trains.