Fraud detection is a mechanism to identify fraudulent transactions. In Open Banking, Strong Customer Authentication (SCA) adds an additional authentication step to the authorisation flow. For example, a customer may have to go through several authentication steps before performing a low-value transaction from an account that the customer has recently authorised. Therefore, Transaction Risk Analysis (TRA) is introduced to exempt SCA in some predefined scenarios. SCA-exempted scenarios are described in detail under Transaction Risk Analysis. The Fraud Detection (FD) module calculates the fraud rate for transactions and identifies the scenarios in which SCA can be exempted. Moreover, FD in WSO2 Open Banking Business Intelligence (WSO2 OB BI) provides a dashboard to monitor transactions and mark fraudulent users and third-party applications.
Fraud detection in WSO2 Open Banking
The FD module in WSO2 Open Banking runs separately from the solution based on the published transaction data. This is how WSO2 Open Banking API Manager (WSO2 OB APIM) and WSO2 Open Banking Identity and Access Management (WSO2 OB IAM) interact with the FD module in WSO2 OB BI:
The module calculates the fraud rate for transactions as shown in the diagram below:
There are four components of the FD module that store and analyse data in order to determine the fraud rate and exempt SCA.
Fraud rules
The fraud rules determine the fraudulent transactions that exceed the predetermined fraud rate. The following formula is used to calculate the fraud rate:
The calculation runs on a quarterly basis, i.e., data taken from the past 90 days is considered for the calculation.
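The following added example (not WSO2 code) shows how a 90-day fraud rate can decide whether the fraud-rate condition for an SCA exemption is met. It assumes the fraud rate definition and the reference rates per Exemption Threshold Value from the RTS on SCA and its annex; the function names, record fields, and sample transactions are hypothetical and constructed for illustration.

```python
from datetime import date, timedelta
from decimal import Decimal as D

# Reference fraud rates (%) per Exemption Threshold Value (EUR), highest ETV first.
# Values assumed from the annex to the RTS on SCA; they are not listed on this page.
REFERENCE_RATES = {
    "card": [(D(500), D("0.01")), (D(250), D("0.06")), (D(100), D("0.13"))],
    "credit_transfer": [(D(500), D("0.005")), (D(250), D("0.01")), (D(100), D("0.015"))],
}

def fraud_rate(transactions, kind, as_of, window_days=90):
    """Fraudulent value as a percentage of total value in the trailing window."""
    start = as_of - timedelta(days=window_days)
    total = fraud = D(0)
    for t in transactions:
        if t["kind"] != kind or not (start < t["date"] <= as_of):
            continue
        total += t["amount"]
        if t["fraudulent"]:
            fraud += t["amount"]
    # No transactions in the window: no rate, so no basis for an exemption.
    return None if total == 0 else fraud / total * 100

def highest_exempt_amount(rate, kind):
    """Largest ETV whose reference rate is not exceeded by the measured rate."""
    if rate is None:
        return D(0)
    for etv, reference in REFERENCE_RATES[kind]:
        if rate <= reference:
            return etv
    return D(0)

def sca_exempt(amount, transactions, kind, as_of):
    """True when the fraud-rate condition allows exempting this amount from SCA."""
    return D(amount) <= highest_exempt_amount(fraud_rate(transactions, kind, as_of), kind)

def tx(day, amount, fraudulent=False, kind="card"):
    return {"date": day, "amount": D(amount), "fraudulent": fraudulent, "kind": kind}

# Constructed sample data; the last entry falls outside the 90-day window.
AS_OF = date(2024, 6, 30)
SAMPLE = [
    tx(date(2024, 6, 1), 40000),
    tx(date(2024, 5, 10), 59950),
    tx(date(2024, 4, 20), 50, fraudulent=True),
    tx(date(2024, 1, 15), 5000, fraudulent=True),
]

if __name__ == "__main__":
    rate = fraud_rate(SAMPLE, "card", AS_OF)
    print(rate, highest_exempt_amount(rate, "card"), sca_exempt(300, SAMPLE, "card", AS_OF))
```

With the sample data the measured card fraud rate is 0.05%, so only transactions up to the 250 threshold qualify; a transaction type with no data in the window never qualifies.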
Setting up Fraud detection in WSO2 Open Banking
When you download the WSO2 Open Banking Business Intelligence (WSO2 OB BI) component, you can enable API Analytics, Transaction Risk Analysis, Fraud Detection, and Data Reporting. For more information about the features and instructions to enable them, see Integrate Open Banking Business Intelligence.
Make sure you have created the databases required for FD. See Configuring databases to find out the required databases.
Enable TRA for FD to work. Follow the instructions given in Enabling Transaction Risk Analysis (TRA).
To enable FD, follow the instructions given in Enabling Fraud Detection.
Working with fraud rules
In the FD module of WSO2 Open Banking, you can work with fraud rules by:
Creating a new fraud rule
The Fraud Detection module is shipped with fraud rule templates. In this method, you can create a new fraud rule using templates. Follow the given instructions to see how you can create and deploy a fraud rule.
- Once you enable fraud detection, log in to WSO2 Business Rules Manager at https://<WSO2_OB_BI_HOST>:9643/business-rules/businessRulesManager. Use the credentials for the worker nodes that are configured under wso2.business.rules.manager in <WSO2_OB_BI>/conf/dashboard/deployment.yaml.
- Click Create and From Template.
- Select fraud-rules.
You can select a fraud rule from the existing rules.
Note that only the UK banks have to create the fraud rule named consecutive-consent-rejection-rule.
- Enter the appropriate information for the fraud rule.
The Exemption Threshold Values (ETV) for the fraud rate are specified according to the Regulatory Technical Standards (RTS). If you want to change the values, either because of a change in a specification or to set a value not exceeding the ETV, edit the Threshold values in the fraud-detector fraud rule.
- Click SAVE or SAVE & DEPLOY.
- SAVE - You can save the fraud rule and deploy it later. See Deploy an available fraud rule for instructions.
- SAVE & DEPLOY - You can save and deploy the fraud rule at the same time.
After you save and deploy a fraud rule, you can find the information about it on the home page of WSO2 Business Rules Manager. To create more fraud rules, click the add sign in the top-left corner and follow steps 1-5 for each rule.
Deploying an already created fraud rule
The business rules are available on the home page of WSO2 OB BI. This component is used to create, edit, and deploy business rules as fraud rules. In order to deploy a previously saved fraud rule from WSO2 Business Rules Manager, follow the given step.
Click the redeploy icon as marked in the image. As a result, a message appears to inform you that the rule is successfully deployed.
Updating a fraud rule
You can use the Business Rules Template Editor profile in WSO2 Stream Processor to update an existing fraud rule.
Using the Fraud Detection dashboard
WSO2 Open Banking provides a dashboard for banks to record and monitor transactions. You can use the fraud monitoring dashboard to:
- View, filter, and sort transaction data for the past 90 days and beyond.
- Mark transactions as fraudulent/not fraudulent.
- Add fraudulent users and third-party applications to the deny list.
Log in to the WSO2 FD Dashboard using https://<WSO2_OB_BI_HOST>:9643/portal/dashboards/frauddetectiondashboard/home.
Click the Fraud Analyzer tab on the left sidebar menu.
On the Fraud Analyzer tab, you can filter and sort transactions from the past 90 days, mark transactions as fraudulent, and mark users and third-party applications as fraudulent.