According to Ernst & Young, the marketing, advertising, and media industries lose $8.2 billion a year to fraudulent impressions, infringed content, and malvertising.
The combination of fake news, trolls, bots and money laundering is skewing the value of information and could be hurting your business.
By using graph technology and the data you already have on hand, you can uncover fraud through detectable patterns and put a stop to it.
We collaborated with Sungpack Hong, Director of Research and Advanced Development at Oracle Labs, to demonstrate five examples of real problems and how graph technology and data are being used to combat them.
But first, a refresher on graph technology.
What Is Graph Technology?
With graph technology, the basic premise is that you store, manage, and query data in the form of a graph. Your entities become vertices (as illustrated by the red dots), and your relationships become edges (as represented by the red lines).
By analyzing these fine-grained relationships, you can use graph analysis to detect anomalies with queries and algorithms. We’ll talk about these anomalies later in the article.
The major benefit of graph databases is that they’re naturally indexed by relationships, which provides faster access to data (as compared with a relational database). You can also add data without doing a lot of modeling in advance. These features make graph technology particularly useful for anomaly detection—which is mainly what we’ll be covering in this article for our fraud detection use cases.
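As a minimal illustration of this vertex-and-edge model, here is a hypothetical sketch in plain Python (dictionaries standing in for a real graph database; all names are invented). The point is that indexing by relationship gives direct neighbour access without table joins:

```python
from collections import defaultdict

# Entities become vertices, relationships become edges.
# (Illustrative data only, not a real graph-database API.)
edges = [
    ("acct:alice", "pays", "acct:bob"),
    ("acct:alice", "uses_email", "a@example.com"),
    ("acct:carol", "uses_email", "a@example.com"),
]

# Adjacency index: each vertex points straight at its neighbours,
# so traversals follow relationships instead of joining tables.
adjacency = defaultdict(list)
for src, rel, dst in edges:
    adjacency[src].append((rel, dst))
    adjacency[dst].append((rel, src))  # index both directions

# One hop from the shared e-mail vertex finds both linked accounts.
linked = [v for rel, v in adjacency["a@example.com"] if rel == "uses_email"]
print(sorted(linked))  # ['acct:alice', 'acct:carol']
```

A relational database would typically answer the same question with a join across account and contact tables; here the shared e-mail address is itself a vertex, one hop away from every account that uses it.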
How to Find Anomalies with Graph Technology
If you take a look at Gartner’s 5 Layers of Fraud Protection, you can see that Gartner breaks fraud-detection analysis into two categories:
- Discrete data analysis, where you evaluate individual users, actions, and accounts
- Connected analysis, where you evaluate the relationships and integrated behaviors that facilitate fraud
It’s this second category based on connections, patterns, and behaviors that can really benefit from graph modeling and analysis.
Through connected analysis and graph technology, you would:
- Combine and correlate enterprise information
- Model the results as a connected graph
- Apply link and social network analysis for discovery
Now we’ll discuss examples of ways companies can apply this to solve real business problems.
Fraud Detection Use Case #1: Finding Bot Accounts in Social Networks
In the world of social media, marketers want to see what they can discover from trends. For example:
- If I’m selling this specific brand of shoes, how popular will they be? What are the trends in shoes?
- If I compare this brand with a competing brand, how do the results mirror actual public opinion?
- On social media, are people saying positive or negative things about me? About my competitors?
Of course, all of this information can be incredibly valuable. At the same time, it can mean nothing if it’s all inaccurate and skewed by how much other companies are willing to pay for bots.
In this case, we worked with Oracle Marketing Cloud to ensure the information they’re delivering to advertisers is as accurate as possible. We sought to find the fake bot accounts that are distorting popularity.
As an example, there are bots that retweet certain target accounts to make them look more popular.
To determine which accounts are “real,” we created a graph between accounts with retweet counts as the edge weights to see how many times these accounts are retweeting their neighboring accounts. We found that the unnaturally popularized accounts exhibit different characteristics from naturally popular accounts.
Here is the pattern for a naturally popular account:
And here is the pattern for an unnaturally popular account:
When these accounts are all analyzed, certain accounts show obviously unnatural deviations. And by using graphs and relationships, we can find even more bots by:
- Finding accounts with a high retweet count
- Inspecting how other accounts are retweeting them
- Finding the accounts that also get retweets from only these bots
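The three steps above can be sketched as follows. The retweet log and account names are hypothetical, and the one-line `suspicious` heuristic merely stands in for the richer deviation analysis described above:

```python
from collections import defaultdict

# Hypothetical retweet log: (retweeter, target) pairs.
retweets = [
    ("bot1", "shady"), ("bot1", "shady"), ("bot2", "shady"),
    ("bot2", "shady"), ("bot3", "shady"),
    ("fan1", "star"), ("fan2", "star"), ("fan1", "news"),
    ("fan2", "blog"), ("fan3", "star"),
]

weight = defaultdict(int)      # edge weight = retweet count per (src, dst)
out_degree = defaultdict(set)  # which accounts each retweeter amplifies
for src, dst in retweets:
    weight[(src, dst)] += 1
    out_degree[src].add(dst)

def suspicious(target):
    """Flag targets whose retweeters retweet nobody else: a naturally
    popular account draws retweeters with diverse activity."""
    fans = [s for (s, d) in weight if d == target]
    return bool(fans) and all(len(out_degree[f]) == 1 for f in fans)

flagged = [t for t in {d for (_, d) in weight} if suspicious(t)]
```

Running this flags only the account propped up by single-purpose retweeters, while the organically popular accounts pass.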
Fraud Detection Use Case #2: Identifying Sock Puppets in Social Media
In this case, we used graph technology to identify sockpuppet accounts (online identities used for deception; here, different accounts posting the same set of messages) that were working to make certain topics or keywords look more important by making it seem as though they were trending.
To discover the bots, we had to augment the graph from Use Case #1. Here we:
- Added edges between the authors with the same messages
- Counted the number of repeated messages and filtered to discount accidental unison
- Applied heuristics to avoid O(n²) edge generation per repeated message
Because we found that the messages were always the same, we were able to take that and create subgraphs using those edges and apply a connected components algorithm.
As a result of all of the analysis that we ran on a small sampling, we discovered that what we thought were the most popular brands actually weren’t—our original list had been distorted by bots.
See the image below – the “new” most popular brands barely even appear on the “old” most popular brands list. But they are a much truer reflection of what’s actually popular. This is the information you need.
After one month, we revisited the identified bot accounts just to see what had happened to them. We discovered:
- 89% were suspended
- 2.2% were deleted
- 8.8% were still serving as bots
Fraud Detection Use Case #3: Circular Payment
A common pattern in financial crimes, a circular money transfer essentially involves criminals sending money to themselves while disguising it as valid transfers between “normal” accounts. These “normal” accounts are actually fake accounts. They typically share certain information because they are generated from stolen identities (email addresses, physical addresses, etc.), and it’s this related information that makes graph analysis such a good fit for discovering them.
For this use case, you can create a graph from transactions between entities, as well as from entities that share information such as email addresses, passwords, and physical addresses. Once we create the graph, all we have to do is write a simple query to find all customers with accounts that share similar information and, of course, to find who is sending money to whom.
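As a hypothetical sketch of both signals (all account data invented), a depth-first search over a transfer graph finds circular flows, and a simple grouping finds accounts that share an identity attribute:

```python
from collections import defaultdict

# Hypothetical transfers and account details (illustrative only).
transfers = [("A", "B"), ("B", "C"), ("C", "A"), ("C", "D")]
emails = {"A": "x@ex.com", "B": "x@ex.com", "C": "y@ex.com", "D": "z@ex.com"}

graph = defaultdict(list)
for src, dst in transfers:
    graph[src].append(dst)

def cycles_from(start, max_len=4):
    """Chains of transfers that return to their origin account."""
    found, stack = [], [(start, [start])]
    while stack:
        node, path = stack.pop()
        for nxt in graph[node]:
            if nxt == start and len(path) > 1:
                found.append(path + [start])
            elif nxt not in path and len(path) < max_len:
                stack.append((nxt, path + [nxt]))
    return found

loops = cycles_from("A")  # [['A', 'B', 'C', 'A']]

# Shared attributes between accounts strengthen the signal.
shared = defaultdict(list)
for acct, mail in emails.items():
    shared[mail].append(acct)
suspicious_groups = [g for g in shared.values() if len(g) > 1]
```

A circular flow through accounts that also share an email address is exactly the stolen-identity pattern described above.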
Fraud Detection Use Case #4: VAT Fraud Detection
Because Europe has so many borders with different rules about who pays tax to which country when products are crossing borders, VAT (Value Added Tax) fraud detection can get very complicated.
In most cases, the importer should pay the VAT, and if the products are exported to other countries, the exporter should receive a refund. But when there are other companies in between, deliberately obfuscating the process, it gets very complicated. The importing company delays paying the tax for weeks or months. The companies in the middle are paper companies. Eventually the importing company vanishes without paying VAT, yet it has still collected payment from the exporting company.
This can be very difficult to decipher, but not with graph analysis. You can easily create a graph from transactions: who are the resellers, and who is creating the companies?
In this real-life analysis, Oracle Practice Manager Wojciech Wcislo looked at the flow and how the flow works to identify suspicious companies. He then used an algorithm in Oracle Spatial and Graph to identify the middle man.
The graph view of VAT fraud detection:
A more complex view:
In that case, you would:
- Identify importers and exporters via simple query
- Aggregate VAT invoice items as edge weights
- Run Fattest Path Algorithm
And you will discover common “middle man” nodes where the flows are aggregated.
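A sketch of the fattest (maximum-bottleneck) path idea with invented invoice flows; this modified Dijkstra is only a stand-in for the Oracle Spatial and Graph implementation mentioned above:

```python
import heapq
from collections import defaultdict

# Hypothetical VAT flows: (seller, buyer, aggregated invoice value).
flows = [
    ("Importer", "Shell1", 90), ("Importer", "Shell2", 10),
    ("Shell1", "MiddleMan", 90), ("Shell2", "MiddleMan", 10),
    ("MiddleMan", "Exporter", 100),
]

graph = defaultdict(list)
for u, v, w in flows:
    graph[u].append((v, w))

def fattest_path(src, dst):
    """Widest-path variant of Dijkstra: maximise the smallest
    edge weight (the bottleneck) along the path."""
    best = {src: float("inf")}
    heap = [(-float("inf"), src, [src])]
    while heap:
        neg_width, node, path = heapq.heappop(heap)
        if node == dst:
            return -neg_width, path
        for nxt, w in graph[node]:
            width = min(-neg_width, w)
            if width > best.get(nxt, 0):
                best[nxt] = width
                heapq.heappush(heap, (-width, nxt, path + [nxt]))
    return 0, []

width, path = fattest_path("Importer", "Exporter")
```

The widest path from importer to exporter necessarily runs through the node where the invoice flows are aggregated, which is exactly the “middle man” signal.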
Fraud Detection Use Case #5: Money Laundering and Financial Fraud
Conceptually, money laundering is pretty simple. Dirty money is passed around to blend it with legitimate funds and then turned into hard assets. This was the kind of process discovered in the Panama Papers analysis.
These tax evasion schemes often rely on false resellers and brokers who are able to apply for tax refunds to avoid payment.
But graphs and graph databases provide relationship models. They let you apply pattern recognition, classification, statistical analysis, and machine learning to these models, which enables more efficient analysis at scale against massive amounts of data.
In this use case, we’ll look more specifically at case correlation. Whenever there are transactions that regulations dictate are suspicious, those transactions get a closer look from human investigators. The goal is to avoid inspecting each individual activity separately and instead to group suspicious activities together through pre-known connections.
To find these correlations through a graph-based approach, we implemented this flow using general graph machinery: pattern-matching queries (path finding) and a connected-components algorithm (with filters).
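One way to sketch the grouping step (the cases, entities, and filter here are purely illustrative) is with a union-find structure: any two cases touching the same filtered entity end up in one group:

```python
from collections import defaultdict

# Hypothetical suspicious-activity cases, each tagged with the
# entities (accounts, devices, addresses) it touches.
cases = {
    "case1": {"acct:A", "device:D1"},
    "case2": {"device:D1", "addr:X"},
    "case3": {"acct:B"},
}

parent = {c: c for c in cases}

def find(c):
    while parent[c] != c:
        parent[c] = parent[parent[c]]  # path halving
        c = parent[c]
    return c

def union(a, b):
    parent[find(a)] = find(b)

# Two cases correlate when they share an entity that passes a filter
# (e.g. ignore entities too common to be meaningful).
entity_to_case = {}
for case, entities in cases.items():
    for e in entities:
        if e.startswith("addr:common"):  # illustrative filter
            continue
        if e in entity_to_case:
            union(case, entity_to_case[e])
        else:
            entity_to_case[e] = case

groups = defaultdict(list)
for c in cases:
    groups[find(c)].append(c)
correlated = sorted(sorted(g) for g in groups.values())
```

Investigators then review each correlated group once, rather than reviewing every suspicious transaction in isolation.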
Through this method, the company didn’t have to create its own custom case-correlation engine; it could use graph technology instead, which offers greater flexibility. This flexibility is important because different countries have different rules.
In today’s world, the scammers are getting ever more inventive. But the technology is too. Graph technology is an excellent way to discover the truth in data, and it is a tool that’s rapidly becoming more popular. If you’d like to learn more, you can find white papers, software downloads, documentation and more on Oracle’s Big Data Spatial and Graph pages.
And if you’re ready to get started with exploring your data now, we offer a free guided trial that enables you to build and experiment with your own data lake.
Hyperledger, the open-source collaborative effort dedicated to advancing blockchain technology, has announced that a new bug bounty program is now open. The program is based on a private bug bounty the organization has been running for the last six months with HackerOne. HackerOne will continue to lead the public bounty.
Currently, the bounty will solely be focused on Hyperledger Fabric, but the team has plans to add Sawtooth and other projects in the future.
“Security is always an ongoing process of improvement. Thanks to the commitment and professionalism and general good cheer of the Hyperledger community, we have made great strides in the last year. Now with our public bug bounty, we hope to further make good on the open source promise and to deserve the trust our users have in us,” Dave Huseby, Hyperledger Security Maven, wrote in a post.
Facebook reveals GDPR efforts
Coming off the heels of the Cambridge Analytica fallout, Facebook is introducing new privacy experiences for its users. The company says this is part of its effort to comply with the EU’s upcoming General Data Protection Regulation, which goes into effect next month.
As part of its new experiences, Facebook will ask users about ads based on data from partners, information in their profile, and face recognition technology. The company will also ask people to agree to its updated terms of service and data policy as well as introduce new tools to access, delete and download information.
“We’re not asking for new rights to collect, use or share your data on Facebook, and we continue to commit that we do not sell information about you to advertisers or other partners. While the substance of our data policy is the same globally, people in the EU will see specific details relevant only to people who live there, like how to contact our Data Protection Officer under GDPR. We want to be clear that there is nothing different about the controls and protections we offer around the world,” the team wrote.
Safe Browsing comes to Android WebView
In an effort to protect users from phishing, malware attacks and other threats, Google has announced Google Play Protect is bringing Safe Browsing to WebView by default. This will go into effect this month with the release of WebView 66.
“Developers of Android apps using WebView no longer have to make any changes to benefit from this protection. Safe Browsing in WebView has been available since Android 8.0 (API level 26), using the same underlying technology as Chrome on Android. When Safe Browsing is triggered, the app will present a warning and receive a network error. Apps built for API level 27 and above can customize this behavior with new APIs for Safe Browsing,” Nate Fischer, software engineer for Google, wrote in a post.
Blazor 0.2.0 released
Microsoft’s experimental web UI framework Blazor is getting a number of new improvements and features in its latest release. Blazor 0.2.0 features the ability to build reusable component libraries, improved syntax for event handling and data binding, the ability to build on save in Visual Studio, conditional attributes and HttpClient improvements.
Since the company launched Blazor a few weeks ago, it says developers have started to use the tool to build real world web apps, integrate it with Raspberry Pi, and perform debugging services.
More information is available here.
This is one of the most important topics for the Martial Citizen today. Recognizing the ability to twist and malign information to fit a certain agenda is the new norm in “News”. Please, Stay truly Informed and Don’t be Fooled!
“What happens when anyone can make it appear as if anything has happened, regardless of whether or not it did?” technologist Aviv Ovadya warns.
In mid-2016, Aviv Ovadya realized there was something fundamentally wrong with the internet — so wrong that he abandoned his work and sounded an alarm. A few weeks before the 2016 election, he presented his concerns to technologists in San Francisco’s Bay Area and warned of an impending crisis of misinformation in a presentation he titled “Infocalypse.”
The web and the information ecosystem that had developed around it was wildly unhealthy, Ovadya argued. The incentives that governed its biggest platforms were calibrated to reward information that was often misleading, polarizing, or both. Platforms like Facebook, Twitter, and Google prioritized clicks, shares, ads, and money over quality of information, and Ovadya couldn’t shake the feeling that it was all building toward something bad — a kind of critical threshold of addictive and toxic misinformation. The presentation was largely ignored by employees from the Big Tech platforms — including a few from Facebook who would later go on to drive the company’s News Feed integrity effort.
Read the Remainder at Buzz Feed News
India needs to be relevant in the new world, where Artificial Intelligence (AI) is going to play a central role.
There has been a lot of discussion around how Google, WhatsApp (Facebook), and Amazon are aggressively entering the Indian tech landscape. Is what they are doing ‘capital dumping’, where they pour money into their India operations and in the process wipe out homegrown startups that simply don’t have that kind of capital?
And, what about our data?
Data is the new oil, and are we simply allowing them to plunder our precious resource – in this case data around the user behaviour of our own citizens – and run away with it? Didn’t China create its fabled tech ecosystem by blocking western tech imperialism? We have been an open society so far, should we re-evaluate that?
These are fair questions and the answers to them are not that obvious. The right way to approach this conundrum is to ask ourselves, what is it that we hope to achieve? What is our objective?
The objective is simple. India needs to be relevant in the new world, where Artificial Intelligence (AI) is going to play a central role. This will not only be in core technology, but everywhere technology is used. Which means, in practically every aspect of our lives.
From home security cameras, to how your smartphone interprets your voice to healthcare diagnosis, to cyber warfare and security, AI will be everywhere before you know it.
Not being a player in AI means being irrelevant in technology
China recognises this, and has set itself the goal of becoming a world leader in AI, adding $150 billion to its economy by 2030. And it’s well on its way to achieving that goal.
It also turns out that in order to build AI systems, one needs data. Lots of it. And in the coming decades, the country that will be generating mountains of data is India. As smartphone penetration tears through the roof, India will likely have twice as many smartphones as the US by 2020. But where is this data captured?
Therein lies the catch. All of this data is whizzing its way, outside India, to the data centres and AI/ML models of Google, Facebook (which owns WhatsApp) and Amazon. Where it is being accessed and crunched by top-notch engineering talent in their AI research teams and research labs.
In addition to the US, Google has opened AI research labs in Toronto, Montreal, Paris, London, and Beijing. Notice that India is not on that list.
These AI labs are breeding grounds for talent and they are the seeds from which sprout new ideas, entrepreneurs, and the next big innovations in the tech economy.
In order to achieve the objective of being an AI powerhouse, India needs to have world-class AI labs. The companies in the best position to open such centres of excellence are Google, Facebook, and Amazon themselves. So, just barring them from operating in the country accomplishes little.
Under normal circumstances, with a fully unencumbered flow of data, these giants will gather their data in India, and harness the power of data wherever their top talent teams are. This is to be expected from normal, shareholder value maximising, public companies.
We need to enact practical policies that will result in Google and Co. investing in creating AI research labs in India. Let’s look at what some of those policies can be:
- Data generated in India should remain geographically in India: This means Indian data will need to be hosted in data centres residing in India and cannot be freely transferred outside.
- Data manipulation is done within India: This will require engineering talent to be resident in India that develops core technologies on top of the data repository.
- Derived intelligence can be shared: This will enable the learning from the data to be shared globally and included in the next-gen products. This is a necessary incentive for companies to invest in research within India as it will make the global products better.
- Drive government spending to spur AI research: This can be in the form of sponsored research in colleges and as contracts to private companies.
From an enforcement point of view, the government should rely less on policing and more on the honourable conduct of companies in following the law around data. Just as with tax compliance, this can be periodically audited, but the expectation is that everyone follows the law.
Imposing restrictions on entry or on doing business in India for any of these companies is counter-productive. The big Valley giants have spent billions developing their infrastructure, people, and processes. When they enter India, their best practices enter with them too.
Consider Amazon in ecommerce. We should not underestimate the massive impact Amazon’s entry has made on the SMB ecosystem in India. By introducing competition, it has made all existing players more aggressive in their offerings, and by bringing its years of experience and best practices to India, Amazon is making the entire SMB supply chain more transparent, trustworthy, and productive. This ultimately benefits everyone in the ecosystem.
Not only does it increase revenues for an SMB, but it also encourages more honest and hardworking people to join the marketplace and start selling online, ultimately driving employment.
Yes, Flipkart has also had a positive impact on the SMBs, but there is no denying that the scale and scope of ecommerce has greatly increased with Amazon entering the fray. You don’t hear of bricks being shipped instead of phones anymore, and that makes for a more professional SMB.
Similarly, Uber and Ola together have transformed urban transport, yet the pace of innovation would have been a lot slower, investment a lot lesser, and total employment smaller, had we restricted the entry of Uber.
India’s objective should be to be a key player in the world of AI, that is built on the foundation of a data-rich economy. And invite the best and brightest in the world to invest in it. Making prudent policies that are fair, non-discriminatory and practical, around how data generated inside India is used, are central to that effort. The time to act is now.
(Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views of YourStory.)
The online campaign to influence the 2016 U.S. presidential election is a prelude to a dark future where data will become weaponized by hostile states, unless regulators and consumers push back, says the author of a new book on how to fix the crisis of trust in Silicon Valley.
“There will be major international crises and probably wars built around data,” Andrew Keen says. “There will be a hot data war at some point in the future.”
An internet entrepreneur turned cultural commentator, Mr. Keen was considered a heretic in 2007 when he wrote The Cult of the Amateur, which skewered the unbridled optimism fuelling the early days of Web 2.0 – the shift from static websites to platforms focused on user-generated content.
Far from democratizing the web, Mr. Keen warned a decade ago that sites such as Facebook and YouTube were undermining traditional media outlets, cannibalizing revenues from professional content creators, and allowing anonymous trolls to post content unconstrained by professional standards that could manipulate public opinion and “reinvent” the truth.
Now as tech giants including Facebook, Twitter and PayPal confront revelations contained in U.S. special counsel Robert Mueller’s indictment that they were the platforms of choice for Russian agents using stolen data to interfere in the U.S. presidential election, those early warnings have become the consensus opinion.
Today there is so much agreement about the harmful effects of technology that Mr. Keen says he wants to stop writing about what’s wrong with the internet and start focusing on how to fix it.
The heart of the issue, he argues in his latest book How to Fix the Future, lies in today’s big data economy, where tech companies give away their products for free in exchange for consumer information that advertisers use to create highly targeted messages. It’s a business model built on mass surveillance, with personal data becoming the economy’s most valuable commodity.
And as that data becomes ever more important to state-to-state relations, Mr. Keen says we’re only one major hacking event away from a digital world war.
“We still haven’t had an Exxon Valdez or a Chernobyl on data,” he said in an interview days before a U.S. federal grand jury indicted three Russian companies and 13 of their online operatives for a wide-ranging and well-funded online campaign to sow political discord during the 2016 election in support of Donald Trump. “I think there will be some major hacking event in the not-too-distant future which may involve a foreign power that will wake people up to this.”
Yet such a dystopian future is far from inevitable, he says. The internet’s early optimism, the belief that technology would save the world, was misguided. But so is today’s digital determinism, which says that humans are powerless against algorithms, smart machines and cyberwarfare campaigns of hostile foreign governments.
To fix the future, Mr. Keen argues, we should look to the past. The social and economic upheaval caused by the Industrial Revolution was tamed through a combination of labour strikes, government regulations that improved working conditions, the advent of a social safety net and the adoption of public schools. Mr. Keen believes the most damaging effects of today’s digital revolution can be similarly managed through a combination of regulation, innovation, consumer and worker demands and education.
History lessons are particularly crucial for Silicon Valley’s forward-looking tech titans. Mr. Keen points to the U.S. automotive industry, whose global dominance was undermined by safety and reliability issues until it eventually lost ground to innovative companies in Europe and Asia.
“It’s very important for Silicon Valley to wake up and recognize that there’s no guarantee that they’ll be dominant in 10 or 20 years,” he said.
In Mr. Keen’s vision of the war for the future, the villains are China and Russia, which are using online platforms to create surveillance states that undermine trust between citizens and their government.
The heroes are countries such as Estonia, which is creating a digital ID system for its citizens – one that alerts them each time a government agency accesses their data. The country also launched an “e-residency” program that gives foreign entrepreneurs access to the country’s financial institutions. In the Estonian model, he says, building online trust means replacing anonymity and privacy with a system of open and transparent state surveillance.
Regulation will become increasingly important to reining in big tech, he says. But the U.S., with its chaotic political system and laws that shield social media companies from liability for content posted on their platforms, is ill-equipped to lead the push for reform.
Canadian regulators have likewise taken a largely hands-off approach to social media companies, though earlier this month Bank of Canada deputy governor Carolyn Wilkins called for tougher regulation of tech firms, given their growing power and control over vast troves of personal data.
“Access to and control of user data could make some firms virtually unassailable,” she said.
Facebook also launched a “Canadian Election Integrity” project last year to head off concerns over how its platform could be used to undermine the 2019 Canadian federal election.
But Mr. Keen expects European regulators to carry the fight, particularly European Commissioner for Competition Margrethe Vestager. “She’s the only one willing to take on Apple and force them to pay their taxes,” he says. “She’s the only one who is really looking critically [at] Google.”
Just as the U.S. government’s antitrust case against Microsoft in the 1990s loosened the company’s stranglehold on desktop computing and paved the way for startups such as Google and Facebook, Mr. Keen believes the multibillion-dollar fines Ms. Vestager has slapped on Silicon Valley giants are intended to foster innovation by preventing the big tech companies from using their global dominance to squash smaller competitors.
The most significant reforms will come this May, when the European Union launches the General Data Protection Regulation. The aggressive internet-privacy reforms will, among other things, give users the “right to be forgotten” by allowing consumers to delete the personal data that private companies hold about them.
While critics, including Mr. Keen, say the rules unintentionally favour companies large enough to afford to comply, he still sees the regulations as a good start. “The important thing is that they are beginning to pass some laws around data and the protection of consumer data,” he said.
Mr. Keen won’t predict how long it will be before Silicon Valley is forced to make meaningful changes to adapt to consumer and government pressure. But just as technology changes quickly, so can society’s attitude toward it. Or as one venture capitalist in the book describes the process of social and economic disruption: “it’s nothing, nothing, nothing – and then something dramatic.”
UN Secretary-General António Guterres on Monday called for the creation of a regulatory body charged with fighting electronic warfare campaigns that target civilians.
While speaking at his alma mater, the University of Lisbon, the UN chief called for a global set of rules to help protect civilians from disinformation campaigns, many of which have revolutionized the way interested parties weaponise information through the use of the internet and social media networks.
State-sponsored computer hackers, including “Fancy Bear” and “Cozy Bear”, both controlled by Russia’s intelligence services, have disrupted multinational firms and public services, as well as political campaigns and, most recently, the opening ceremonies of the ongoing Pyeongchang Winter Olympic Games.
“Episodes of cyber warfare between states already exist. What is worse is that there is no regulatory scheme for that type of warfare. It is not clear how the Geneva Convention or international humanitarian law applies in these cases,” Guterres said while speaking at the University of Lisbon. “I am absolutely convinced that unlike the great battles of the past, which opened with a barrage of artillery or aerial bombardment, the next major war will begin with a massive cyber attack to destroy military capacity and to paralyse basic infrastructure, including electric networks.”
Cyber-warfare has moved to the forefront of military planning over the last decade. Since Russia’s GRU military intelligence unit successfully tested its ability to disrupt public services in Estonia and Georgia more than a decade ago, Western military planners have scrambled to counter the advances that Moscow has made in developing advanced cyber-warfare strategies.
NATO is in the process of drafting cyberwar principles that will act as a strategic framework for guiding the alliance’s response in the event of a crippling cyber attack on its command structure or the deployment of cyberweapons against one of its members. NATO command hopes to have a broad plan in place by 2019, but questions remain as the US administration under Donald Trump has continued its lukewarm embrace of the 68-year-old North Atlantic Alliance.
During his speech in Lisbon, Guterres offered to use the UN as a platform for scientists, programmers, and government representatives to develop rules that would help minimise the access certain agents of war would have when trying to make contact with unwitting civilians.
Guterres said he believed it possible for leading computer specialists and like-minded lawmakers to create a set of rules that would “guarantee the more humane character” of a conflict involving information technology and help preserve cyberspace as “an instrument in the service of good”, but warned that time was not on their side as technological advances far outpace the traditional methods of working out universally accepted rules that include the Geneva Conventions of 1864-1949.