Abstract: A method, an electronic device, and a computer program product for processing data is disclosed. The method includes training a classification model based on a plurality of reference documents describing different objects, the trained classification model respectively associating the plurality of reference documents with the described objects. The method further includes determining from the individual words identification information that can identify the objects based on contributions of individual words in the reference documents to the association. Identification information that can identify objects in documents describing the objects may be determined, so that an identification information data set is automatically generated for training a machine learning model that is used to determine the identification information.

Abstract: This document presents multi-layered, self-calibrating analytics for detecting fraud in transaction data without substantial historical data. One or more variables from a set of variables are provided to each of a plurality of self-calibrating models that are implemented by one or more data processors, each of the one or more variables being generated from real-time production data related to the transaction data. The one or more variables are processed according to each of the plurality of self-calibrating models implemented by the one or more data processors to produce a self-calibrating model output for each of the plurality of self-calibrating models. The self-calibrating model output from each of the plurality of self-calibrating models is combined in an output model implemented by one or more data processors. Finally, a fraud score output for the real-time production data is generated from the self-calibrating model output.

Abstract: Devices and methods for securing electronic transactions in a computing network are configured to receive a transaction, access transaction contextual data for the transaction, and apply one or more authentication decision rules to the transaction contextual data to determine initial authentication assessment information for the transaction. Further, aspects are configured to convert the initial authentication assessment information into a condensed authentication assessment indicator having an assessment value selected from a plurality of assessment values based on an assessment value definition, and transmit the condensed authentication assessment indicator. Also, aspects receive a transaction authentication decision based in part on the condensed authentication assessment indicator, and process or deny processing of the transaction based on the transaction authentication decision.

Abstract: Different automatic tasks are facilitated via outlier detection in datasets using a Weighted Histogram-based Outlier Scoring (W-HBOS). An initial set of features is extracted from a processed dataset. The initial set of features is further filtered by applying robust statistics for size reduction. A second round of automatic feature selection is implemented based on maximum-entropy estimation so that a selected set of features that can give maximum possible information from different dimensions towards detecting anomalies are selected. The selected set of features are transformed to generate principal components that are provided to the W-HBOS-based model for outlier detection. A subset of outliers in one of the directions can be selected and reason codes are identified using back transformation for the execution of a desired automatic task.

Abstract: Risk scores are generated by systems that use features or inputs from the current transactions, some summary statistics like velocity and some statistics calculated in batch mode which traverse hierarchical classification levels of entities, including classified attribute levels of known transactions, to identify neighborhoods of related entities and related transactions. Corresponding records of transaction information are extracted from or are otherwise generated from neighborhoods of the related transactions associated with the defined neighborhoods of entities/transactions.

Abstract: A predictive analytics system and method in the setting of multi-class classification are disclosed, for identifying systematic changes in an evaluation dataset processed by a fraud-detection model by examining the time series histories of an ensemble of entities such as accounts. The ensemble of entities is examined and processed both individually and in aggregate, via a set of features determined previously using a distinct training dataset. The specific set of features in question may be calculated from the entity's time series history, and may or may not be used by the model to perform the classification. Certain properties of the detected changes are measured and used to improve the efficacy of the predictive model.

Abstract: A predictive analytics system and method in the setting of multi-class classification are disclosed, for identifying systematic changes in an evaluation dataset processed by a fraud-detection model by examining the time series histories of an ensemble of entities such as accounts. The ensemble of entities is examined and processed both individually and in aggregate, via a set of features determined previously using a distinct training dataset. The specific set of features in question may be calculated from the entity's time series history, and may or may not be used by the model to perform the classification. Certain properties of the detected changes are measured and used to improve the efficacy of the predictive model.

Abstract: A method for detecting fraud and non-fraud pattern changes can be based on transaction pathway transversal analysis. A decision tree can be built based on a training dataset from a reference dataset. Pathway transversal information can be recorded along each pathway for the reference dataset. A first mean and a first variance of a class probability can be calculated of all samples over each pathway. A pathway distribution for a new transaction dataset under investigation and a second mean and a second variance of all samples of the new transaction dataset can be obtained. The second mean and the second variance can represent a fraud probability. The deviation metrics between one or more feature statistics of a feature along each pathway for the reference dataset and the new dataset can be determined on a local level. Feature contributors to pattern changes can be determined by analyzing the deviation metrics.

Abstract: This document presents multi-layered, self-calibrating analytics for detecting fraud in transaction data without substantial historical data. One or more variables from a set of variables are provided to each of a plurality of self-calibrating models that are implemented by one or more data processors, each of the one or more variables being generated from real-time production data related to the transaction data. The one or more variables are processed according to each of the plurality of self-calibrating models implemented by the one or more data processors to produce a self-calibrating model output for each of the plurality of self-calibrating models. The self-calibrating model output from each of the plurality of self-calibrating models is combined in an output model implemented by one or more data processors. Finally, a fraud score output for the real-time production data is generated from the self-calibrating model output.

Abstract: Different fraud risk models can be developed and applied for a consortium of e-commerce merchants. With this multi-phase modeling strategy, a consortium member can get its optimal model performance at different data phases from an early phase where the consortium member does not have any historical data, to a more mature phase where the consortium member has a short time period of matured data, to a fully mature phase where the consortium member has a long-time period of matured data. On the other hand, the matured consortium data is not affected by the immature data from new members. Thus, the model performance for long-time existing members is not affected by new members at immature phases.

Abstract: A system is described herein for managing digital transactions over a network with incomplete information. The system includes a data collection component and a transaction control component that may employ a prospective control model that is trained with fully matured data as well as partially matured data regarding past digital transactions. The transaction control component is configured to estimate an inauthentic rate of inauthentic digital transactions being wrongly approved for a current time period. A set of future reference values may be determined based on the estimated inauthentic rate. The set of future reference values relate to a predicted future decision made for the digital transaction. A set of current values may be determined based on the set of future reference values. Based on the set of current values, the transaction control component may determine whether the digital transaction should be rejected as inauthentic or approved as authentic.

Abstract: Risk scores are generated by systems that use features or inputs from the current transactions, some summary statistics like velocity and some statistics calculated in batch mode which traverse hierarchical classification levels of entities, including classified attribute levels of known transactions, to identify neighborhoods of related entities and related transactions. Corresponding records of transaction information are extracted from or are otherwise generated from neighborhoods of the related transactions associated with the defined neighborhoods of entities/transactions.

Abstract: This document presents multi-layered, self-calibrating analytics for detecting fraud in transaction data without substantial historical data. One or more variables from a set of variables are provided to each of a plurality of self-calibrating models that are implemented by one or more data processors, each of the one or more variables being generated from real-time production data related to the transaction data. The one or more variables are processed according to each of the plurality of self-calibrating models implemented by the one or more data processors to produce a self-calibrating model output for each of the plurality of self-calibrating models. The self-calibrating model output from each of the plurality of self-calibrating models is combined in an output model implemented by one or more data processors. Finally, a fraud score output for the real-time production data is generated from the self-calibrating model output.

Abstract: Devices and methods for securing electronic transactions in a computing network are configured to receive a transaction, access transaction contextual data for the transaction, and apply one or more authentication decision rules to the transaction contextual data to determine initial authentication assessment information for the transaction. Further, aspects are configured to convert the initial authentication assessment information into a condensed authentication assessment indicator having an assessment value selected from a plurality of assessment values based on an assessment value definition, and transmit the condensed authentication assessment indicator. Also, aspects receive a transaction authentication decision based in part on the condensed authentication assessment indicator, and process or deny processing of the transaction based on the transaction authentication decision.

Abstract: A device in a data processing system for training machine learning models receives a transaction and forwards it to at least one of a plurality of integrated control action models that use outputs of one model as inputs to other models. The models are machine learning models jointly trained for taking each control action of a plurality of control actions on the transaction to maximize an objective function based on probabilities of the control actions matching corresponding target control actions. The machine learning models include a risk model that outputs risk prediction information for a first control action that indicates whether or not to initiate processing of the transaction. The device further receives the risk prediction information from the risk model, and executes at least the first control action based on the risk prediction information.

Abstract: Embodiments disclosed herein are related to computing systems and methods for determining a risk score for a plurality of data transactions. In the embodiments, a first risk score module may receive data transactions. The first risk score module may then determine a first risk score for each of the data transactions. A second risk score module that is different from the first risk score module may receive each of the first risk scores determined by the first risk score module as an input. The second risk score module may determine a second risk score based in part on the input first risk scores for each of the data transactions. The second risk scores may specify if each of the data transactions is to be approved or rejected by the computing system.

Abstract: A device in a data processing system for training machine learning models receives a transaction and forwards it to at least one of a plurality of integrated control action models that use outputs of one model as inputs to other models. The models are machine learning models jointly trained for taking each control action of a plurality of control actions on the transaction to maximize an objective function based on probabilities of the control actions matching corresponding target control actions. The machine learning models include a risk model that outputs risk prediction information for a first control action that indicates whether or not to initiate processing of the transaction. The device further receives the risk prediction information from the risk model, and executes at least the first control action based on the risk prediction information.

Abstract: The current subject matter describes a method and system of detecting frauds or anomalous behavior. The procedures include extracting characteristics from a dataset to generate words and documents, executing a topic model to obtain the respective probabilities of appearance of a document in each latent archetype, dividing the dataset into a plurality of subsets based upon the archetypes. The formed subsets are further utilized to estimate the quantiles and calculate scores using a self-calibrating outlier model. The score of each new transaction is determined based on a single archetype or based on the sum of weighted scores determined from all the archetypes and associated statistics. Such methods are superior to a simple self-calibration outlier model without an LDA archetype.

Abstract: Embodiments disclosed herein are related determining a risk score for one or more data transactions. Current data transactions that are associated with one or more current attributes are received. Stored data transactions associated with stored attributes are accessed. A plurality of the stored attributes are selected. A first sliding window and a second sliding window are selected. A duration of the second sliding window is longer than a duration of the first sliding window and encompasses the duration of first sliding window. Risk information for those stored data transactions that are associated with the plurality of attributes is determined. The risk information is determined during the duration of both the first and second sliding windows and is indicative of a level fraud that is occurring. The determined risk information and the current attributes are used to generate a risk score for the current data transactions. The current data transactions are approved or rejected based on the risk score.

Abstract: Methods, systems, and computer program products are provided for tracking user actions made via a user account, and to accurately detect fraudulent transactions made therewith. Information associated with the user actions such as, for example, device ID, device IP address, and device IP location, is captured and stored. Stored information is used to create features. The features are assembled into an n-dimensional vector, and a measure similarity between that vector and a previously created n-dimensional vector can be computed. The measure of similarity may be used to assess the probability that the present transaction is fraudulent. Alternatively, one or more n-dimensional vectors, and/or the computed measure of similarity may be used as input to a machine learning model. The output of machine learning model also may be used to assess the probability that the present transaction is fraudulent.