New service: AWS Fraud Detector

AWS Fraud Detector is one of the new kids on the block within Amazons machine learning portfolio. The service has been announced this week, during Andy Jassys keynote at re:Invent 2019 in Las Vegas. This is another intersting services which rounds off the security and AI portfolio AWS offers to their customers.

Less fraud means more revenue.

This relatively simple formula makes it obvious, that a proven and easy consumable fraud protection service will be of interest for various types of customers, i.e. financial services, retail, etc.. Simplifying fraud detection means also simplifying fraud prevention.
According to Andy Jassy this fully managed service is the result of “doing fraud detection for over 20 years” in their consumer business.

Key feature – in comparison to using Sagemaker itself – of this service is, that Amazon Fraud Detector will build the machine learning model for you, based on sent transactional data, like email addresses, IPs and/or phone numbers. The results of the model are then exposed via API.

Source: Amazon, Keynote Andy Jassy, re:Invent 2019

This eliminates the need to build a machine learning model on your own, for a “somewhat” standard problem.

Getting started

According to Amazon Website, you only need to take the following five steps to get started.

Step 1: Upload your historical fraud datasets to Amazon S3
Step 2: Select from pre-built fraud detection model templates
Step 3: The model template uses your historical data as input to build a custom model. The model template inspects and enriches data, performs feature engineering, selects algorithms, trains and tunes your model, and hosts the model
Step 4: Create rules to either accept, review or collect more information based on model predictions
Step 5: Call the Amazon Fraud Detector API from your online application to receive real-time fraud predictions and take action based on your configured detection rules. For example, an e-commerce application can send an email and IP address and receive a fraud score as well as the output from your rule (e.g., review)

The current limit is the availability of this service. The AWS Fraud Detector service is now available as a preview, only. Nonetheless, this is the Amazon standard procedure to roll out new services globally.
On the AWS Fraud Detector website, you can apply for this preview.

Currently, supported use cases are

• Online identity fraud
• Payment fraud for online orders
• New account fraud, within an account sign-up process
• Account takeover (when bad actors use stolen credentials to log in to a legitimate customer’s account)
• Promotion code abuse
• Seller performance evaluations in online marketplaces

The digital production platform security puzzle.

We at Alice&Bob.Company believe, that security by design must be an inherent characteristic of a product and a modern software building process.

According to the current standard, lots of different security ingredient are needed to mitigate security threats coming from different attack vectors.
It is a kind of security puzzle, that needs to be solved in a constantly changing world of cloud, container and microservices.

We at Alice&Bob.Company believe, this managed service will simplify fraud detection for a lot of customers. This will save money and lead to a higher level of security within digital production platforms.

Do you need help in implementing fraud detector or other security related AWS services? Please let us know and contact us!