Abstract: A computer system computes a score for a received data exchange and, in accordance with a neural network and input variables determined by received current exchange and history data, the computed score indicates a condition suitable for a denial. A set of attribution scores are computed using an Alternating Decision Tree model in response to a computed score that is greater than a predetermined score threshold value for the denial. The computed score is provided to an assessment unit and, if the computed score indicates a condition suitable for the denial and if attribution scores are computed, then a predetermined number of input variable categories from a rank-ordered list of input variable categories is also provided to the assessment unit of the computer system.

Abstract: A computer system computes a score for a received data exchange and, in accordance with a neural network and input variables determined by received current exchange and history data, the computed score indicates a condition suitable for a denial. A set of attribution scores are computed using an Alternating Decision Tree model in response to a computed score that is greater than a predetermined score threshold value for the denial. The computed score is provided to an assessment unit and, if the computed score indicates a condition suitable for the denial and if attribution scores are computed, then a predetermined number of input variable categories from a rank-ordered list of input variable categories is also provided to the assessment unit of the computer system.

Abstract: Systems and methods are provided for identifying and detecting unauthorized user activity and for decreasing the rate of false-positives. The disclosed systems and techniques may involve analysis of users' past activity data so that individual classifications and authorization decisions with respect to requested user activity are based on activity data associated with a user's use of multiple services.

Abstract: Systems and methods are provided for identifying and detecting unauthorized user activity and for decreasing the rate of false-positives. The disclosed systems and techniques may involve analysis of users' past activity data so that individual classifications and authorization decisions with respect to requested user activity are based on activity data associated with a user's use of multiple services.

Abstract: A fraud score for a transaction in connection with an account is computed from retrieved data to indicate a probability of the account being in a compromised condition. A travel score is computed, wherein the computed travel score indicates a likelihood that a user of the account is traveling from a user home location at the time of the received transaction. A self-similarity score may be computed if the computed fraud score is above a predetermined threshold to indicate similarity of the received transaction to other transactions of the account in the set of prior transactions. A suggested action is determined, based on a fraud decisioning operation (and optionally the self-similarity score) and a travel decisioning operation using the fraud score and travel score, respectively.

Abstract: This disclosure describes methods, systems, and computer-program products for determining classification rules to use within a fraud detection system The classification rules are determined by accessing distributional data representing a distribution of historical transactional events over a multivariate observational sample space defined with respect to multiple transactional variables. Each of the transactional events is represented by data with respect to each of the variables, and the distributional data is organized with respect to multi-dimensional subspaces of the sample space. A classification rule that references at least one of the subspaces is accessed, and the rule is modified using local optimization applied using the distributional data. A pending transaction is classified based on the modified classification rule and the transactional data.

Abstract: This disclosure describes methods, systems, and computer-program products for determining classification rules to use within a fraud detection system The classification rules are determined by accessing distributional data representing a distribution of historical transactional events over a multivariate observational sample space defined with respect to multiple transactional variables. Each of the transactional events is represented by data with respect to each of the variables, and the distributional data is organized with respect to multi-dimensional subspaces of the sample space. A classification rule that references at least one of the subspaces is accessed, and the rule is modified using local optimization applied using the distributional data. A pending transaction is classified based on the modified classification rule and the transactional data.

Abstract: Methods, systems, computer-readable media, and apparatuses for detecting unauthorized activity are disclosed. Detecting unauthorized activity is done by accessing first data that represents activity involving a first service provided to a customer, accessing second data that represents activity involving a second service provided to a customer. The activity involving the second service and the activity involving the first service both include authorized customer activity, and the activity associated with the second service further includes unauthorized activity. The first data is filtered using a filtering criteria and a portion of the first data is selected to be retained. The second data and the retained portion of the first data are analyzed, and the analysis includes classifying the activity associated with the second service in a way that distinguishes the unauthorized activity from the authorized activity associated with the second service.

Abstract: Transaction data is processed by first determining transactions in a database that are associated with a respective event that indicates a classification of interest and that share at least one common point of purchase (CPP) identifier across two or more of the determined transactions associated with the classification of interest. A set of the transactions in the database are determined, based on the CPP identifiers for transactions from as time period prior to a start time of the event and accounts associated with the event. Times of occurrence for the transactions in the set are determined, based on the CPP, and a score is generated for the received transaction for any transactions associated with at least one of the respective events and sharing at least one common CPP.

Abstract: Systems and methods are provided for operation upon data processing devices are provided for operating with a fraud detection system. As an example, a system and method can be configured for receiving, throughout a current day in real-time or near real-time, financial transaction data representative of financial transactions initiated by different entities. At multiple times throughout the day, a summarization of the financial transaction data (which has been received within a time period within the current day) is generated. The generated summarization is used to determine whether fraud has occurred with respect to a financial transaction contained in the received authorization data or with respect to a subsequently occurring financial transaction.

Abstract: Systems and methods are provided for scoring transaction data representative of transactions of disparate types transaction data describing a transaction that has occurred is received. The transaction data is stored in a plurality of segments, where a segment is formatted according to a template, where the template is selected based on an attribute of the transaction, and where the attribute is a customer attribute, an activity attribute, or a channel attribute. Transaction data associated with a segment is aggregated based on a particular attribute. The aggregate transaction data is provided to a predictive model to generate a fraud score. New transaction data is received describing a new transaction, wherein the new transaction includes the particular attribute. A real-time score is provided indicating a likelihood of fraud for the new transaction, wherein the score is based at least in part on the fraud score generated using the aggregate transaction data.

Abstract: Systems and methods for storing transaction data associated with transactions of disparate types are provided. Transaction data is received describing a transaction that has occurred, the transaction being performed by an customer of a particular customer type and the transaction being performed using a channel of a particular channel type. Transaction data about the customer is stored in an customer segment according to one of a plurality of customer templates, the one of the plurality of customer templates being selected according to the customer type. Transaction data about the channel is stored in a channel segment according to one of a plurality of channel templates, the one of the plurality of channel templates being selected according to the channel type. Data from the customer segment, the activity segment, and the channel segment for the transaction is extracted and scored by a predictive model.

Abstract: Systems and methods are provided for providing real-time scoring of received transaction data. Transaction data describing a particular transaction that has occurred is received. The transaction data is stored in an enterprise database, where the enterprise database is configured to store transactions of disparate types, where the transaction data is stored using a plurality of segments, where a segment is formatted according to a template, and where the template is selected based on an attribute of the transaction, wherein the attribute is a customer attribute, an activity attribute, or a channel attribute. A transaction type of the particular transaction is determined. One or more models are selected from a pool of models based on the transaction type, wherein the one or more models are configured based on a plurality of records from the enterprise database, and a score of the received transaction data is generated based on the transaction data.