The Implications of the Amazon Fraud Detector

Over the past 4 years, I have been exclusively operating on AWS as my cloud computing platform. AWS offers so many products, what I have used is a small portion. However, what never has stopped impressing me is each of these products I use is constantly getting improved. AWS also has established a mature eco-system, new offerings are taking advantage of the platform as a whole to greatly reduce customer's learning curves.

Sweet Spot of Amazon Fraud Detector

Today, at AWS Summit USA and Canada, I have learned about Amazon Fraud Detector. As a fraud prevention professional who has 1) evaluated various fraud solution vendors and 2) attempted to build a generic fraud solution offering to serve others, a product from AWS excites me, because:

Many businesses not only have built their main customer-facing products on AWS, but their Data Warehouse as well. A fraud product requires essentially data warehouse to build fraud models and rules, and runtime to serve the solution. These businesses already have both on AWS, it's much easier to naturally use Fraud Detector than investing on integration and transporting data to a 3rd party fraud vendor.

For existing AWS customers, they already have invested in learning AWS and how to best utilize all the products and infrastructure. For example, Fraud Detector will use IAM for access control; will likely use CloudWatch for operational logs; will hopefully run the detector in Lambda. So customers' existing tooling and investment will be retained, thus, lower cost to adopt.

When we worked with fraud vendors, we compared vendors with in-house fraud solutions for pros and cons. The biggest selling point, in my mind, from a vendor was so-called "network effect". The in-house solution might be technologically more advanced, but we only got to see fraud patterns we had seen; vendors, on the other hand, would work with multiple clients, and had access to much broader fraud patterns and data sets. Amazon Fraud Detector claims that they will augment the customer training features with insight gained from Amazon.com fraud fighting. If this is true, it's going to be a huge lift compared to in-house efforts.

Random Thoughts

Fraud Templates

The preview has demonstrated a model template "Online Fraud Insights", which predicts if an activity is fraudulent by requiring email address, event time and IP address of the activity. "Account Takeover" and "Transaction Fraud" templates are planned.

While I understand the benefit of templates (to understand the semantics of features so AWS can augment and transform), there may be 2 challenges:

In real business, although those 3 may be common fraud use cases, there are many other fraud vectors, some of them may be specific to the business itself.

For any particular fraud vector, the useful features can vary greatly business by business. In addition to email, time and IP, for example, browser user agent might be predictive, too.

I hope to see Fraud Detector figure out how to support the much needed flexibility on top of templates.

Model Performance Analysis

I love how Fraud Detector includes AUC, Score distribution and Confusion matrix for users to choose the right score thresholds (possibly more metrics in the hidden Advanced metrics). It's straightforward to slide the score and see the dynamic true positive and false positive rates, to optimize for the best score cutoffs.

Expressions in Rules

When writing decision rules, the available variables include those supplied in the training data set (email, time, IP), plus the model score. What would be exciting is to offer the augmented and transformed variables, which AWS has added insight to, to rule writing as well.

Amazon Fraud Detector Preview is available in us-east-1. I've applied for access, and will review more once I get my hands on it.