FNA Shortlisted for BIS Analytics Challenge

News
Written By Saiesha Pitroda

As a result of the widespread increase in consumer fraud and scams, several countries are seeking to establish or strengthen cross-bank, cross-platform, and cross-industry utilities to counter financial crime at the national level. These shared infrastructures are essential to augment the traditional, siloed efforts of individual financial institutions.

Understanding the scam and fraud difference makes the need for collaboration clear. Because modern scams rely on authorized manipulation rather than unauthorized access, some data sharing across Financial Institutions (FIs) is crucial. It enables organizations to track fraudulent funds across the payment systems, execute robust payment fraud detection, and flag suspicious transactions that may go unnoticed if a bank can only access its own isolated transaction data.

This collaborative approach enhances the overall security of the financial ecosystem, enables quicker responses to emerging fraud tactics, and facilitates the development of comprehensive fraud detection systems. Consequently, it protects consumers by reducing the incidence and impact of fraud, thus fostering greater trust and confidence in digital banking.

Figure 1: Example of Money Trail visible to a bank. The amount of information shared about other banks’ customers can be configured by local requirements and the banks’ willingness to share data.

Balancing Collaboration with Data Privacy

It has been evident for several years that privacy is a key concern when considering sharing data between financial institutions and authorities for combatting fraud and scams. Legislators have developed robust frameworks protecting personal and other sensitive data, and Financial Network Analytics (FNA) strives to create solutions that are fully compatible with these frameworks. To this end, FNA has invested heavily in R&D and public sector education for many years.

The BIS Innovation Hub provided a key forum for exchange at a recent event in London. FNA’s solution tackling the problem statement—“How can privacy technology be used to support public and private institutions to share data and intelligence, and collaborate while preserving user privacy?”—was shortlisted. Florian Loecker, FNA Chief Technology Officer, presented it at the BIS Innovation Hub’s Analytics Showcase in London on 27-28 March to an audience of senior leaders from central banks, public sector organizations, and financial institutions.

Shared Infrastructure: The National Fraud Portal

Before evaluating specific privacy technologies, it is important to contextualize the capability that many financial ecosystems are looking to build: a real-time, multi-rail track and trace system designed to freeze fraudulently acquired funds and recover them for victims.

FNA already deploys these systems in several countries via its Money Trails solution. A prime example is the National Fraud Portal in Malaysia, operated by PayNet and Bank Negara Malaysia (BNM), which utilizes advanced financial network analytics to disrupt mule networks.

Comparing Privacy Technologies for Fraud Intelligence

During the BIS Innovation Hub event, participants presented several privacy-preserving technologies. Here are three primary approaches and how they apply to the rigorous demands of national fraud utilities:

  • Homomorphic Encryption: This technology allows participants to submit data in a fully encrypted format (including value and timestamp) while a centralized platform performs computations on the encrypted data. While it provides total data obfuscation during computation, its primary drawback is scalability. Current limits cap out at tens of thousands of transactions, making it unsuitable for national systems processing millions of payments daily due to prohibitive computational complexity.

  • Secure Multi-Party Computation (SMPC): SMPC employs clever protocols to share data in a noisy (randomized) fashion combined with cryptographic hashing, ensuring no single party can read the data alone. However, computing useful outputs in a shared setting introduces significant latency and architectural complexity. These calculations can take several minutes, which makes real-time intervention and freezing of funds difficult, and setups costly.

  • Zero Knowledge Proofs & Cryptographic Hashing (FNA's Approach): In this model, identifying PII data is hashed securely using a common protocol across FIs. Data can only be recovered by parties who already own it. Because the protocol is common, potentially illicit transactions can still be linked using graph analytics. This approach offers limitless scalability and simplicity, enabling real-time track & trace and sub-millisecond transaction monitoring SLAs. The only drawback is that care must be taken during system design to ensure that the value and timestamp of payments do not allow the identification of PII data through indirect inference.

FNA’s Approach: Scalable, Privacy-Preserving Analytics

The approach presented by FNA has its principal advantage in its simplicity and limitless scalability, whilst protecting all Personally Identifiable Information (PII) data in payments. By utilizing Zero Knowledge Proofs and cryptographic hashing, FNA enables real-time collaborative track and trace capabilities without exposing sensitive consumer data to unauthorized parties.

Watch the Presentation & Access the Research

FNA’s BIS Analytics Challenge submission was accompanied by an in-depth research paper detailing this methodology.

Footnotes & References:

  • [1] BIS Working Paper: https://www.bis.org/publ/work1242.pdf

  • [2] Examples of national utilities include the National Scam Response Center (NSRC) and National Fraud Portal (NFP) in Malaysia, Anti-Deception Coordination Center (ADCC) in Hong Kong, AFCX in Australia, and Cifas/Action-Fraud in the UK.

Footnotes & References

  • (1) https://www.bis.org/publ/work1242.pdf

  • (2) e.g. National Scam response Center (NSRC) and National Fraud Portal (NFP) in Malaysia, Anti-Deception Coordination Center (ADCC) in Hong Kong, AFCX in Australia and Cifas/Action-Fraud in UK

  • FNA’s BIS Analytics Challenge submission: FNA Money Trails and Fraud Intelligence Sharing. Access the Paper

Saiesha Pitroda
Previous

FNA to Develop Fraud Portal as a Service
Next

Shaping the Future of Fraud in Real-time Payments