Episode 16: Bridging Silos - A Holistic Approach to Modern Fraud Detection Artwork

Fraud Technology Podcast

Join us on the Fraud Technology Podcast as we delve into the rapidly escalating world of fraud, where the stakes are high and the pace is relentless. In an era where financial institutions find themselves in a perpetual game of catch-up with ingenious fraudsters, we stand firm in the belief that united efforts are the key to victory. Our mission is simple yet bold: to foster a collaborative community that stands up against fraud's onslaught. Tune in as we engage with the sharpest minds in the field, seeking insights, strategies, and stories from the very best in the business. Together, we unveil the strategies, innovations, and resilience that pave the way to effective fraud prevention. Welcome to the Fraud Technology Podcast, where we forge a powerful alliance against the forces of fraud.

All Episodes

Fraud Technology Podcast

Episode 16: Bridging Silos - A Holistic Approach to Modern Fraud Detection

August 30, 2024 • Ravi Madavaram • Season 1 • Episode 16

In this podcast, our guest Long Jiang explores the enduring nature of fraud, noting that scams, while seemingly modern, have been around since ancient times, like the biblical tale of Jacob. They discuss how fraud has evolved with technology, making it easier to perpetrate and harder to control with current fragmented measures. The speaker highlights the challenge of managing fraud across various bank departments, each with distinct objectives and goals, creating a siloed approach. They emphasize the importance of bridging these silos to create a cohesive, holistic fraud prevention strategy. By integrating the goals and insights of different stakeholders, such as operations, fraud control, and customer service teams, the speaker aims to optimize fraud management and improve overall effectiveness

Ravi Madavaram: 0:00

Hi, welcome back listeners. This is Ravi from Fraud Technology Podcast. And today we have with us Long Jiang and he has almost a decade of experience. And if you follow his career trajectory, he has been growing like leaves and bonds in whatever he has been doing. So I would love to know what is the secret and how he is progressing so fast in his career. We'd love to know more. And for that, welcome Long Jiang. We'd love to know a little bit about you and the listeners also would love to know more about you. Thanks for

Long Jiang: 0:23

having me. So again, my name is Long Jiang. I have been in the front size for. A decade. So this is, so be my 10th year. I started off as a fraud analyst. I dropped off my resume at TD bank and I was really eager to learn about fraud. And it's no surprise, actually, I want to be a FBI agent, but during that time, right out of the college, this was as close to fighting bad guys as I could have. I think what really molded me is really in the past couple of years or so, just to kind of really adapt and then change. I don't understand what the overall vision is for, for the team and for the mantra. So what are we kind of chanting about and then what is the goal and how do you want to grow the team? So, and aside from those, I have great mentors and my girlfriend has been super supportive of, of my career growth all this time.

Ravi Madavaram: 1:12

Hmm. Wow. It's curious to know that you wanted to be an FAA agent fraud, also catching bad actors. Is there any context personally of why you wanted to go in such a type of a profession where catching bad actors is what appeals to you? I

Long Jiang: 1:26

think this really started from childhood. And when I was in high school, this was back in what, 2000 and 2004, 2006. And I was the victim of several eBay types of schemes and fraud, right? So I made a purchase for iPod touch at the time. And then it was something like really, it looked nothing like it popped up. I wasn't able to dispute it. So the customer experience was really poor from, from that perspective, but then followed through, I had a family member that were victimized through elder abuse. So a lot of those really kind of molded me into who I am and really want to be proactive and then trying to see. How do we stop fraud? How do we stop people from being victims of fraud? And how do we combat, uh, whether it's our family, friends or the overall.

Ravi Madavaram: 2:12

Yeah. What's interesting to me is I always thought this type of fraud, or maybe from the parts of the world that I have lived in, this type of scams are more recent, I would say, like 10 years or 15 years. What I'm, what I find interesting about you is even as early as 2004 and five, you were having this type of, was this as privileged or is this like now getting more attention? I

Long Jiang: 2:32

think it's definitely gaining a lot more traction just because of how easy it is to conduct fraud. And a lot of the controls that we currently have in place today is, isn't really designed to be all that inclusive of the whole entire holistic. Cause we're really tackling pocket of fraud. And that really makes it very challenging from a beginning to end process to capturing a VV type of thing. I mean, someone mentioned this to me, maybe a couple of years back. They said, Oh, the earliest scam with dates back in the Bible and the Genesis, right, where I think a Jacob, well, ended up trying to kind of. Defraud his dad to give birth rights and then pretending to be his brother and yada, yada. And so, and I think that was really interesting as far as how scams and fraud has been conducted. It really hasn't changed. I mean, yeah, we're 2000 years into the future, but it's still the same thing, right?

Ravi Madavaram: 3:28

Interesting. Obviously in our psyche, we know that some historical context. Definitely has happened. But now that you bring to the attention, yeah, I mean, and I guess scams have always happened. Now the quantum probability is much higher as well as the frequency is higher probably on this side. The other thing that what I found interesting in your comment was the controls that we have right now is our controls are more targeted and it's not end to end or some sort of that, that you're talking about, would you be able to explain a little bit more of how the current controls are being are not able to capture. That's what you are alluding to. We'd love to know more about that. I think

Long Jiang: 4:05

here's what I've noticed in the past couple of years is also working in various different banks is every single department have different. Sets of goals, right? So they have to accomplish by the year end and we're all very much in silos. So because fraud is very dynamic and also it acts as a lever, so we could either decline more or we could approve more, but based on that decision, it really impact various other stakeholders that we have as well, right? We drive up more declines. Operations might be okay because they might see lower fraud dispute coming through, but phone channel might actually blow up. So what we're trying to do is from a control perspective is number one to isolate and identify all of our stakeholders. Because I think the biggest success we have had is to be able to bridge. All those silos together and be able to, not only do we fulfill our goals within the bank, but more so trying to stay aligned with everybody's goals. And then, then we could find a really a good balance, whether it's a false positive rate, whether it's the number of calls that we're receiving. So all those could be. Very readily available and to be able to kind of make the overall prosperous and as far as control goes, and obviously every single department had different controls. We have tons of control. We have tons of metrics, but really it's the greatest success for the team.

Ravi Madavaram: 5:22

Okay, and sir, if I can paraphrase what you're saying, the way fraud impacts different teams within a company varies quite significantly. And so their objectives of how to tackle fraud, also their appetite of risk, appetite of how much they want to invest. How many people they have and how they want to deal with it all varies. And so your first strategy was to identify who are all impacted by it, which is where you're talking about stakeholders, right? Identify all of the people, identify what their objectives are and try to figure out the, it's an optimization problem. You can't probably satisfy everybody, but you're trying to figure out, you know, now at least they're conflicting objectives. How do I optimize this? This is what, if I had to, because

Long Jiang: 6:02

every single bank or financial institution works a little bit differently. Some banks have first party and third party. And so within first party, they have payment risk, credit risk, and then they also have authorization space. Third party, it could be device account security. It could be whether it's not linked to devices, but acquisition risk and also authorizations. Or certain other companies might each individual is, is a sets of teams. So how do you really marinate everything together? Okay. for, for that informed decision making and for that fraud controls, because every single venue is a pocket of fraud that we could really capture and tackle on.

Ravi Madavaram: 6:36

Cool. Cool. Can I also understand a little bit about what are typically the stakeholders? I know some of the key ones, but I would love to know what are the stakeholders that you've been able to map

Long Jiang: 6:45

out? From various different banks, I think, generally speaking, we are very close with our operations team and truthfully, they provided us with significant insight, so operations, fraud operations, fraud control. So

Ravi Madavaram: 6:55

when you say operations team, you're talking about customer operations, which is customer service kind of operations, or are you talking about?

Long Jiang: 7:00

So phone channels, we're dependent on phone channels to provide any sort of insights, right? So they're the first kind of line of defense authenticating our customers. They're in taking the claims that. From whether or not it's XYZ merchant. So we have one level of information that's critical for us as far as identifying trends. But fraud operation side also provides us with abilities to, because their data point are extremely valuable that we leverage on a day in day out basis to capture any sort of gaps within our processes. But more importantly is they help us recover. So fraud operations is a tremendous job with being able to recover funds, losses. Uh, anything else that we could either how customers accountable for, or we could recover from the merchant or the various association through, um, arbitration. So all these kind of goes into various levels of risk. And for example, like fraud operations helps us from a gross. To a net loss perspective, but acquisition risk, for example, the onboarding process, it will help us from the gross loss in general. And then transactions team will also facilitate those types of gross losses, mitigation, the controls. So depending on which team that every single, uh, various teams will have a different benchmark or avenue that we could really tackle on, but. Uh, generally speaking for us, again, operations, fraud operation, customer services, and phone channels, device count security, whether it's from any sort of, it's IP related, it could be someone's computers, devices, and et cetera. And then we have maybe a payments team. And then just to observe any sort of payments that are coming in, whether or not it's, it's bounced checks and then such, and then we have internal investigations, all of that really bridge who we are today.

Ravi Madavaram: 8:39

So you have all these stakeholders and then you are essentially identifying the object. Good. I've not heard about holistic strategy of fraud itself. And you're talking about stakeholders, right? Again, as I said, right, this probably is in my mind, but I've never thought about it. And you point that out, right? So all of them having different objectives and in compliance space, you have a compliance officer who tries, and there is even a board level to actually say that, Hey, all of this needs to be thought through holistically, right? Because these all different teams have different, and they all fall under different verticals, right? How do you even achieve this practically? Because they're not in your teams, right? I mean, uh, they're in the same company, but how do you bring about a commonality? How do you make the discussion? Is there like a board discussion or like how is this organizational structure?

Long Jiang: 9:22

How for me is that how I have identified this pocket was probably a year ago. Our IT. Intake process. They have this value matrix. So, or such that really identifies like, Oh, how valuable is this project? Are we going ahead and then allocate resources for this? So from here. Like notice that they listed out their team goals and that really struck me because by knowing I have an understanding of your team goals, I was able to have a better idea in terms of, Oh, how should we prioritize our project before we're submitting over to them? And I think that was the trigger for me. So since then I've been. Kind of final integrated my goals into my signature, right? Really just kind of educating other people like, Hey, you know what? We will be like declining or we'll be reducing or maybe increasing our decline rate by X percentages. So how does it impact you guys? And then I wish that we could really brainstorm and have an understanding in terms of. What are your goals for this year and then how do we meet and then how do we benefit?

Ravi Madavaram: 10:20

Oh, wow. Well, bringing across learning from IT teams sounds pretty exciting. Like that's awesome, right? There is also another particular phrasing that you used, which is you said fraud controls are like a leader or maybe I'm getting this wrong. You use a particular word and you use this. So

Long Jiang: 10:39

we have a lot of, I would say power in our side of the house, right? So we could choose every single transactions and generating no revenue from the bank. So that's kind of really crazy. It's about it. So Depending on the fraud dynamic, right? So every year things a little bit differently. So there might be various technologies that gets implemented, whether or not maybe because I started in 2014. So I've seen a lot of new technology that was implemented, whether or not it was mobile devices, the chip migration, a lot of the, the data breaches, compromise reissuing strategies, P2P, and so all of that. So each of those facilitates and really. We observe different sort of risk associated with them and any given technology. Usually we do see an influx of fraud coming in. So how do we want to have those types of controls? Maybe we want to kind of have a little bit open with appetite for new product because everyone's really excited. I mean, you really don't want to like start declining every single little contact with their Apple Pay transaction on their first launch, right? It's horrible transaction experience. Those are type of risks that we usually facilitate. We want to understand what the company vision is, and we want to understand exactly what the push and driver is. And then through that, we'll be able to make a better informed decisions. Hey, you know what, maybe we want to let go of some additional losses in mobile wallet, but we want to strengthen our car present transactions or our 3DS transactions. So all those, then be able to really counteract some of the maybe negative impacts for the customers, but also driving a very positive customer experience overall. I know it's very conflicting, but again, that lever is ultimately how we decide on who to, whom to impact and who to let through.

Ravi Madavaram: 12:18

So if I understand that correctly, so you are saying that fraud or fraud objectives or fraud team itself is. Basically have to balance between business and fraud objectives, basically. And that's the lever. So it's basically, you're saying that, Hey, if the objective is to have zero fraud, then you press it harder. If it is to a new product, you don't want the business teams to head the fraud team. It's like, let it go a little bit farther, right? The loss is manageable for us. It's within our budget. So let it go a little more faster so that the growth of that product can be seen. By the business user, right? Okay. We talked about the balance between a business as well as fraud. And you're talking about as that, I said, it's not like an obsolete truth. That if I say this is fraud and you should stop this, it's not necessarily that way, right? Because there's always probability. Awesome. I was like thinking, what's the liver here? Thank you for explaining that as well. So one thing that I also wanted to understand is one is in a fraud space, right? You even got into this for this. That you want to stop bad actors. Right. And probably that's also appealing in a, at a personal level, but one, the fraud work is mostly technical, a lot of technical work, right? And second, it starts, for example, right. If I wear a policeman, my job would be like holding that guy and taking him to the court and sending him to jail. That's when I get my satisfaction of doing justice, right? But as a fraud team, we only have very little control, right? I mean, we only can say I will deny you this particular product, but beyond that, probably we report to the regulator that, Hey, something so and so has happened. And because they're also swam is likely nothing that is going to happen as well. Right. So how do you motivate yourself? I'm sure fraud seems like for a lot of newcomers, right? It may seem like, Oh, I'm going to catch bad guys. But I want to also hear from you from a realistic expectation of people. What is actually the role, vis a vis what you went into it?

Long Jiang: 14:06

Right. That's, that's a very, um, great question. So this is where really that collaborations with our team really comes into play. Right. Because we're not the one who's making calls. We, we declined several million transactions per day. And, and I, and I don't think I'm making every single call. Like, Hey, what was, was this you? So we do rely on a lot of the. The technology is out there, whether or not it's very standard to receive a two way connect message, right? On your text message on your phone, it says, Hey, is this you? Can you confirm that this transaction was made by you? So yes or no. So these are technologies that every single bank is really leveraging, or it could be an OTP if I'm making a transaction online and if it's high risk, you will receive an OTP to, to pursue those transactions. So for us, trying to find that balance, obviously it is very, very difficult. So through collaborating with other teams, so this is where phone channel comes into play. Right? So phone channel will be able to guide us a little bit in terms of, Hey, are, are we seeing an uptick of phone complaints or phone violence coming through? Maybe what specific hours are we seeing and which strategy is contributing to those type of inbound calls or. Or upticks in general is a particular hour. So all of these can really be observed through have coming conversations with them and transitively. Dig in a little bit deeper. So, and also there's every single firm that will be like, maybe the better business bureau, right? So you, maybe you receive complaints somewhere on social media or et cetera. So we would try to also analyze those and investigate maybe a particular role isn't working, or maybe the action for that particular strategy is a lot more severe than it really needs to be. Do we really need that? Additional level of inconvenience for the customer for that particular strategy. I mean, we could, depending on what types of fraud we're looking at. Maybe with the count takeover case or visit that or impersonation fraud, maybe although we do need more control because we're in the business of protecting our customers.

Ravi Madavaram: 16:00

Now, the job has more technology as well as. It's also the likely chance of you bringing justice to the bad actor is remote. I mean, you can identify this as a bad actor. So you stop the transaction or stop the account or delete or stop the person from using the account itself or even report to the right way. Beyond that, the chances are little as a financial analyst, at least financial fraud is that of doing much on the justice puzzle. I want to have a realistic expectation for new people joining the fraud teams. What would you say if you knew what your role was right now? And when you joined, would you have taken this and why would I have taken those? Why not?

Long Jiang: 16:35

So the role of within fraud, because it's very dynamic, right? You really engage in different stakeholders internally, but also externally as well. So when I first started at TD Bank 10 years ago, so as, as a fraud strategist, I was looking or tasked with ATM fraud. Related fraud. So cash withdrawal and et cetera. So during this time is right before the chip migration. And there was a lot of skimming activities that was done on our own internal ATM machines, whether it's gas pumps, other, and so it was really prevalent. So then we started looking at maybe common point of purchase. The, of these fraudulent card holders when, uh, where did all share commonality in terms of the transaction that have been made or exploited or versus what the cash out is, is that, so we're able to have, uh, isolate a time frame and just say, Oh, March 1st from 10 a. m. To 10 PM, and this is when the devices was on and off. So having that information, we did work with law enforcement. So that was really, really exciting. And then during part of the prosecution processes, but every single bank, again, what's very differently credit card banks also it's a little bit different as well. So I really want to kind of educate maybe the new people that are coming in because it's really, really, it's always involving, right? So yes, the first fraud happened day, way back, maybe a couple thousand years ago, There are new technologies that are out there. Every single technology will be exploited. I mean, recently, I think on Telegram, someone sent out a video of someone encoding card information onto a chip card. I can't authenticate whether or not it's true, but it did seem that it was a blank piece of card with a chip that they were able to make hash withdrawals. So does that mean that chip has, has now been exploited? I don't know, but these are the type of exciting things really out there that be able to have kind of fulfill my satisfaction. So we were kind of talking about earlier is call me practice is your two way connect messaging systems. Validating on across your mobile devices, whether or not you made a transaction or not, whether it's all one time passcode. So again, these are a lot of similar technologies out there that has been implemented.

Ravi Madavaram: 18:40

Okay, one of the area that I also would love to understand more, we did talk about the phone channel as well as. The fraud ops team, right? One difference that I would always think from that between these two teams is one is a proactive team, which does, uses data to detect whether something is fraud or not. Nobody's told them that this is fraud, but they are proactively trying to detect if something is fraud. Whereas phone channel is a reactive channel where somebody is reporting to you that something has happened, right? Now, obviously, I do want to understand the balance again, because you also talked about SQL as an objective, right? These two teams. The efficiency is very different in the fraud ops team. You're probably talking very high false positives in the phone channel. You probably, I mean, more or less likely that the customer is having issue. It could be a customer service issue or some other issue, but some issue is happening. So the time is never generally wasted, but in the fraud ops team, you are spending a lot of time chasing off the ghost. Basically, it's probably not happening. So how do you balance, because, I mean, if you want to really have high efficiency and not waste any money, probably just keep the phone channel and not do fraud offs, right? But again, that also doesn't work. So I want to understand how do you balance a proactive approach versus a reactive approach from customers.

Long Jiang: 19:53

So we obviously don't expect like a hundred percent accuracy, right? So, so that, that is, that's the real world we're currently in. So as far as balance goes, I think it's really important to identify them. So it's just understand that, Hey, we're not shooting for a hundred percent. So it is okay if our process is flawed, but how do we make improvement? And I think some of the improvement that there could be had is additional authentication questions related, whether or not that this is kind of know your customer base, but more importantly, is that educating our customers is, Hey, you know what, this Amazon purchase that you made, you made this maybe on three or three or four months ago, how And if we have that additional level of information, then maybe it wouldn't necessarily lead to a claim or dispute being submitted. I think there's various associations right now, whether Visa or MasterCard, they're going through this digital of receipt type of technologies that are out there, they'll be able to generate the receipt or dispute that the customers are calling in. So it, and, and chances are is there is, they have done studies that it's really high percentage, right? So you, maybe you. Forgot you made a purchase and then you're filing the dispute. So those kinds of technologies are currently work. So, and as far as operations goes, it's the same type of thing. So they partner up with us and then trying to understand what makes sense. Right? So if all the customers. In order to provision their mobile device for Apple Pay or Google Wallet. And if we're sending out one time passcode for those types of customers, maybe if the customer is all of a sudden disputing a charge on a mobile wallet, can we hold them accountable for maybe we can in certain situations, but maybe if they were a fall victim of scam, maybe it works a little bit differently. So all those are information that we're able to pass on to operations and for them to make the best judgment in terms of, do we want to deny this claim? Do we want to prove this claim? Or do we want to investigate further?

Ravi Madavaram: 21:40

Okay. Also in terms of the metrics as well, it's because we also talked about having different objectives and when you also worked on this strategy of having. A identifying stakeholders and having understanding, commonalities, right, with any metrics that were interesting, that worked out? I'm sure each of the teams have their own metrics, this is the metric that I am gonna chase after, right. were there any interesting metrics? That came out as a base metric for most of the things that worked, or was there no way that you could come out to those

Long Jiang: 22:10

metrics? Unfortunately, we don't have one metric that fits all. So I won't speak on behalf of other departments. I know that other departments are more SLA big. The number of minutes that they're on call and that maybe customers are calling in repeatedly. So maybe those are type of metrics that they observe, but I can say from my team is that it really depends on what level you are or which tier you are in the corporate ladder because you really see a metrics very differently. Right? So as someone who's in the day in and day out of creating strategies, fraud mitigation strategies, they might look at false positive rate. They might look at detection rate. They might look at hit rate. So what I like to do is that I like to really decipher each layer and then peel it out. So for example, a detection rate or hit rate, maybe instead of looking at. Just the overall encompassing number. We want to peel it back a little bit and say, Oh, what is the success rate of our two way connect messages? What is the customer's, uh, respond rate for that? Is there a particular timeframe within maybe certain hours of the day that has higher probabilities that they're responding back, right? So all these really goes into better controls as far as better detection rate overall. So from someone in the managerial space, then I focus more in terms of really trends I'm looking at. Maybe I'm looking at from operations perspective as in from the claims that we receive, what is the percentage of distribution across maybe card present, card not present, or it could be a card secure. So there were various other names for it as well, right? So is it account takeover is a fraud app? Is it not received? So having that level of information can really give me an idea in terms of where are we combating, or it might just be seasonalities, right? So, I mean, it's very common for, uh, not received or mail theft to be in warmer climate or maybe in the summertime, in the wintertime, maybe they're just really, really chill and cold and they'll kind of stay in. Right. But then if you're, if you're a higher as maybe board of directors or C suite, maybe you assess metrics a little bit differently. You might be looking at. What is the ROA for this particular project that you're working on? So it really varies, but for me, again, I think the biggest driver is to evaluate recoveries and evaluate what the claims looks like, because that ultimately what goes into our net fraud and our bottom line.

Ravi Madavaram: 24:19

Okay. Makes sense. You talked a little bit about trends that you'll be tracking at a managerial level or strategy level, right? Can you understand a little bit more about what kind of trends in fraud are you seeing? Obviously, there is generative AI talk that is happening all the time, right? I mean, I keep seeing rounds of ID cards passing around that this was generated by generative AI and nobody could detect that this is a fake ID card or something like that, right? Generative AI is the big topic that we are having. I also want to understand what type of trends are you seeing from a fraud

Long Jiang: 24:52

point of view? So the most common things obviously is current non present. And I think whether or not you're asking associations, uh, we're seeing that it is basically the reality. And it has been for, for a very various amount of time. So these are your enumeration tasks, your bin, uh, bin testings, right? Obviously there have been controls in the recent years. Maybe we, we're no longer issuing sequential orders for card numbers, which is great. And it helps. But more so into recognizing that what is the percentages that we're expecting increases for, for this year, compared to 2026, I think MasterCard came out saying that like, it's going to increase another 20 something percent into 2026. The more sophisticated, I think these are your scams, your claim abuse, these type of areas is where we're seeing a lot more, it's a lot more sophisticated man in the middle attack in the past. I mean, like you'll, you'll get an email or emails with really horrible, like grammatical issue, uh, errors and, and vocabulary, but now it sounds legit, quite incredible how, how Jenna had really involved in the fraud space. So those are definitely avenues that we are tackling. And then we're trying to, whether partner up with various other vendors. And I know that like Pindraw, for example, another vendor that really helps with biometrics authentication. I think they're kind of, whether or not they're working on something that's more related into like, how do I identify these sort of deep fakes from legitimate customers, right? So all of these is really is what we're working with. We're dealing with in a day in and day out basis. Have we. Gun have the overall industry gone that sophisticated. I don't know, but it is definitely, um, where things are going into, because if you're evaluating the documentation, like you said, or personal identifications, if, if someone is maybe like they missed the one particular, um, particular area, they might have missed the whole, the whole entire thing, and which could lead to, um, really high amount of fraud. So those, those are what we're seeing. And again, nothing new. It's been around for some time, forging documentations, but the speed at which able to and the accuracy that they're trying to bypass our system, it has really has been increasing.

Ravi Madavaram: 27:05

Okay, understood. So you talked about scams being one of the areas where you're seeing a lot of that. A lot of fraud, right? So can I understand more about what do you define as a scam? Is it, again, maybe it's better for you to define what a scam is. I know, uh, scam is a word that is used quite commonly. I do want to understand, because there's the word which is fraud and also scam. I have an understanding of a particular scam. I do want to understand

Long Jiang: 27:33

I think scams is really baits the individual into your natural instinct, right? So this is the more commonly known as your authority or urgency and then your actions. So that particular is something I will want to scan. Uh, there's various different types, right? So your man in the middle attack, whether or not they're, they're trying to insert themselves into the, on the call process, they're saying, Hey, it's bank XYZ calling in, and then we're just wanting to verify a transaction that they have made, right? So give me your OTP code and I will be able to authenticate you. So again, very, very common as well, but the level of details that they have information on too, I think that's really incredible. So you're, you're social engineering from social media sites and et cetera. So, uh, very others are your romance scams. Uh, we've, we've seen surgeons of these sort, I think across the industry as well. And again, these bad actors are really great at providing deepfakes. I was at a conference a couple, um, just last year, and I took, there was an app application on an international region that I could download on the app store. And so all it is his face on mine, it looks really, really legit. So. We have been aware of these sort of things. It really is critical as far as our day in and day out.

Ravi Madavaram: 28:48

Okay, so SCAM is the way we are defining. Again, I do want to understand whether this would be first party or third party. Because that definitions are typical traditional fraud definitions, right? So would SCAM fit into first party or third party? I

Long Jiang: 29:00

would say in most cases within the industry, we're treating this as third party. And we're also a regulatory perspective as well, because even within Capitol Hill said that, um, or whether it's specific states, they have various, um, definition of, of scam set, whether or not if someone who's maybe from a family member or that that's scheming, you might have different outcome for example. Okay.

Ravi Madavaram: 29:24

The way you define, again, I think we have similar definitions of the way I'm thinking of scams is that. I am doing everything from a technical standpoint. I am giving all the details, but somebody is engineering me to do it. Somebody is essentially cheating me to do it. They have not hacked my system. They're not done anything. Account takeover has not happened. Nothing like that has happened, but they are making me on my own volition to do all the things that I am doing. Even though I'm thinking I'm doing it for some other reason, they're making, I am still doing it essentially, right? It's still my conscious of, uh, consciously doing it. And again, there are issues on the scam side. I mean, I had some great conversations around, uh, how do you differentiate if somebody is actually doing it? Let's say I have another friend, right? I, and we are together doing it. I'm, but I'm paving for the bank. Uh, and because of the regulations, sometimes you have to give back the money to me. And that guy has made money. I made money. So I'm happy the bank is not SMC, right? I have one final question is, so what are the key areas of problems that you're currently tackling? Basically, let's say top three things that you're currently trying to solve.

Long Jiang: 30:32

Part 3 for WAMLONG. See you.

Ravi Madavaram: 30:37

Or anything that is definitely at the top of your mind. Like, like, so these are the things that are, that we are currently actively pursuing, not as a company, but as, as an industry.

Long Jiang: 30:47

Industry of really kind of knowing your, your customer base. So these, then, so these information are really critical because it helps us build profiles, right? Profiles can be used from a rule decisioning perspective and whether or not it's, we're leading this into machine learning, but. Holistically, it should be able to generate some sort of, uh, whether it's, um, um, binary value or whether it's a percentage, the likelihood that this is a third party fraud versus the customer that is making the transaction. So profiles is something that we're trying to, uh, proactively working towards, and I think overall the industry is working towards modeling, right? So. Having a more solid accuracy in terms of bridging every single application together, because every, again, going back to earlier discussion is that every single team have varied level of customer information, whether or not this is the onboarding process, they have received red flags for particular elements or, or attribute during the onboarding process. Maybe they are from a system device perspective or account security. They might be accessing the sort of. Uh, their logins at a very high risk types of whether a computer desktops or mobile devices. So having all these under one infrastructure, this is really, really going to be a key driver for everything. And because a lot of these vendors doesn't necessarily work together, we might have one vendor to tackle on a particular area, but that would likely be missed if we're looking at something else. So having that marination of, across multiple different partners is, will be the right direction that we're all working towards.

Ravi Madavaram: 32:31

Let's say I am a customer. You would like to know that, okay Ravi uses a iPhone, uses a Windows laptop and travels to these, these destinations. These are the kind of thing that he buys. So if you know that, then if there is an anomaly, then you can detect it. Probably highlighted as probably a risk, right? So that's what you're talking about.

Long Jiang: 32:54

And every single segment is also very different. So, because if you're working with brokerage account and they're very sensitive towards customer friction as well, right? So. But really understanding exactly what segmentation of customers that you are working with, that you, um, and you could be able to have a better idea in terms of how do you want to interrupt those types, maybe, um, and then what is your risk appetite for specific portfolios as well. So, so that, that's where it can.

Ravi Madavaram: 33:20

Hmm. So then we are connecting between profiles and levers as well. Profiles and doing into segments and then connecting that to Google, whether, how do you want to press? Right.

Long Jiang: 33:33

I think America Express does this pretty well as well. So, because they're all about customer experience, right? So for example, if it may, maybe cars that have might be compromised for so. But they will still, they might allow transactions to still go through in a card presence setting. So as long as you're dipping a card, these transactions will work in two minutes. And then because this is kind of really the convenience and then they're really customer centric. And I think that I praise them. I think that's great because they're able to offer that level of customer experience. Okay,

Ravi Madavaram: 34:05

with that, thank you so much for the great, some of the quotes that I really love. And also some of the areas that you touched upon, even though I think most of us know these things, never thought about it in that particular framework. And so thank you so much for all the valuable thoughts that you shared with us and, uh, we'd love to have you again, uh, long.

Long Jiang: 34:25

Yeah.

Ravi Madavaram: 34:25

Good luck. Thanks for having me.

Long Jiang: 34:26

Thanks for having me. Thank you.