Graph databases catch electronic con artists in the act

Program Director, Digital Experience, IBM

If your security measures can’t stop cyber criminals from even attempting to breach your security, the next best thing is to catch them in the act of trying. Unfortunately, in industries such as financial services, detecting intruders before they vanish is becoming increasingly difficult.

Bringing past and future together

Data warehouses and analytics tools provide an excellent snapshot of the past—and in our robust market for traditional analytics, almost anyone can slice and dice data to present a view of what has already been. Accordingly, identifying fraud that has already occurred is a relatively easy task. Moreover, thanks to predictive analytics, which models past performance to identify trends and predict future behavior, we can get an approximate idea of where electronic fraudsters are likely to strike next. Modern organizations can enlist the aid of sophisticated and mature tools with which to look into the past—and a strong and ever broader selection of tools allowing them to peek into the future. But what about what’s happening right now?

Thanks to the growing prominence of graph databases in data relationship analysis, real-time fraud detection—once a seemingly unattainable goal—is finally within reach. Listen in as Kamille Nixon, senior portfolio marketing manager for IBM Cloud Data Services, discusses the rise of real-time analytics with James Kobielus, IBM big data evangelist.

As Nixon explains, lenders and other credit-extending businesses, such as banks and financial institutions, rely on sophisticated tools and systems to sniff out fraud. But often cyber criminals have come and gone before their fraud is ever detected. Indeed, fraudsters have developed elaborate schemes to “take the money and run,” disappearing before data analysis reveals the pattern of their swindle.

Catching such criminals in the act—especially those who organize as gangs adept at beating sophisticated security measures—can seem impossible. However, increasing use of graph databases in transactional applications is beginning to make real-time detection of financial con artistry a reality.

Operating “in the now” with graph databases

Databases that incorporate property graph storage and processing engines can help fraud detection units operate in real time, Nixon says. When working with most NoSQL or relational data stores, discovering complex data relationships is too slow and cumbersome a process to work effectively “in the now.” But a graph database stores data based on its relationship to other data, allowing patterns—for example, patterns in the activities of those committing fraud—to be detected more quickly than ever before.

A traditional database, being designed around individual data points within a horizontal and vertical structure, depends on the application layer to connect those data points. In a graph database, however, data and connections are stored together. Accordingly, such databases store not only data points but also data relationships and properties, allowing transactional applications to be imbued with real-time analytics functions.

In the fraud prevention arena, traditional databases can spot a thief’s attempt to charge a stolen credit card number for an irregular amount or from an out-of-the-norm location. Accordingly, professional credit card criminals have learned to charge many small transactions using many credit cards at once—yet, Nixon says, a graph database is adept at detecting exactly this sort of nuanced transaction.
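The contrast described above, as an added example that is not part of the original article: a per-card amount rule next to a relationship traversal over a small in-memory property graph. The sample transactions, the shared "device" link, and all thresholds are constructed assumptions, and plain Python stands in for a graph database and its query language.

```python
from collections import defaultdict

# Constructed sample data: (card, device, amount, minute). The shared "device"
# link is an assumption; any shared attribute (address, merchant, IP) works.
TRANSACTIONS = [
    ("card-A", "dev-1", 4.99, 0), ("card-B", "dev-1", 3.50, 1),
    ("card-C", "dev-1", 6.25, 2), ("card-D", "dev-1", 2.75, 3),
    ("card-E", "dev-2", 5.00, 1), ("card-E", "dev-2", 42.10, 90),
    ("card-F", "dev-3", 980.00, 5), ("card-G", "dev-4", 7.10, 400),
]

def build_graph(transactions):
    """Store each transaction as a vertex with edges to its card and device."""
    graph = defaultdict(set)          # vertex -> adjacent vertices
    props = {}                        # txn vertex -> properties
    for i, (card, device, amount, minute) in enumerate(transactions):
        txn = f"txn-{i}"
        props[txn] = {"amount": amount, "minute": minute}
        for v in (card, device):
            graph[txn].add(v)
            graph[v].add(txn)
    return graph, props

def per_card_alerts(transactions, limit=500.0):
    """Per-record rule: flag a card only when a single charge is irregular."""
    return sorted({card for card, _, amount, _ in transactions if amount > limit})

def ring_alerts(graph, props, small=10.0, window=10, min_cards=3):
    """Traverse device -> txn -> card; flag devices linking many cards
    through small charges that fall inside one time window."""
    alerts = {}
    for device in [v for v in graph if v.startswith("dev-")]:
        txns = sorted((t for t in graph[device] if props[t]["amount"] <= small),
                      key=lambda t: props[t]["minute"])
        for start in txns:
            t0 = props[start]["minute"]
            cards = {c for t in txns if t0 <= props[t]["minute"] < t0 + window
                     for c in graph[t] if c.startswith("card-")}
            if len(cards) >= min_cards:
                alerts[device] = sorted(cards)
                break
    return alerts
```

On this data the per-card rule flags only the single large charge, while the traversal surfaces the four cards tied together through one device by small charges made minutes apart.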

Building on an open source foundation

Many modern database-as-a-service (DBaaS) solutions, IBM Graph among them, are built using open-source software. IBM Graph, for example, relies on Apache TinkerPop 3 and accepts queries made in the Gremlin graph language—both open-source projects. “We are leveraging very well-performing, popular, interesting open-source tech in enterprise-grade solutions,” Nixon says. An open-source platform such as Apache TinkerPop, she adds, speeds development and contains an embedded peer review process “where issues get reviewed and fixed immediately.” The openness and transparency that mark the review process encourage high levels of thought leadership and help offer intelligent perspectives while engaging a wide variety of industries in verifying the code’s functionality, she says.

Open-source DBaaS technologies such as IBM Graph can permit polyglot persistence, eliminating the need for different persistence tools for each database and thereby simplifying synchronization and data conversion. Thanks to a multi-model approach to graph computing, use cases that require multiple databases and multiple data schemas can be tapped by a single API and queried using a single tool. The most striking benefit offered by this modern approach to cybersecurity, however, is that IBM Graph’s as-a-service approach frees developers to do what they do best—develop compelling applications—while leaving database management to data experts.

Learn more about graph computing in this IBM Big Data Hub podcast featuring Kamille Nixon and Jim Kobielus. Also, for more information about IBM Graph, available now on IBM Bluemix, visit this IBM Analytics resource page.