In this article, we will start with a brief overview of risk management. Then we will dive deeper into three different applications, including the GPS moving trip, detection for fake trips, and sequence modeling to classify user behaviors between good users and bad users. Also, we will talk about the knowledge graph machine learning platform.
So for risk management, we know that fraud not only worsens financials but also hurts the user experience. There are different types of fraud
1. Payment fraud
For payment fraud usually, the fraudster will use stolen credit cards to pay for Uber trips. When the real owner of the credit card finds that out, the owner will call the bank to dispute the transaction.
By doing that, Uber has to take all the laws. So to maximize the profit from stolen credit cards, the fraudster will offer agent service trips.
So what is agent service trips Let’s see, if you want to take a trip to San Francisco airports by Uber X and that will cost you $100. Then you can order an agent service trip.
From some, like a website or some chatting rooms, from the fraudster and they will give you a discounted trip at $50 then they will pay for that trip using the stolen credit card. And this is how they can make money and get money out from all the stolen credit cards.
2. Incentive abuse
And for incentive use, they were offered a bonus for both rider promo and drivers if the driver refers some other drivers to be Uber drivers.
And if Driver can finish a certain amount of trips during a certain amount of time, Uber will give extra money.
The fraudsters will leverage all these by creating fake accounts or creating fake trips so that you can get a lot of incentive from Uber.
3. Compromised Accounts
The accounting over the fraudster will hack into Uber driver accounts and rider accounts. They were giving a phishing phone call to drivers to get their password so that they can withdraw all the money from driver accounts.
Fighting this is actually a very difficult task as they’re not fighting with a single individual, but they’re actually fighting with a group of very well organized and high technology, hardworking and smart people. Customer service people working with the chatting rooms to taking the agent service order.
So we will start with the GPS moving trip detection. So everything is about location integrity.
If you are in Uber if you look into the system and you can see there’s a trip going on. But how do you know if this trip is real or fake? The fraudsters can leverage the fake location apps to create fake trips.
I believe you all play with Pokémon Go before and in Pokémon Go you can use a spoofing app to spoof yourself to a location to catch the monster, and people can do the same thing to Uber for payment fraud.
They can create a rider account. Add the stolen credit card as a payment profile. Then they will use the spoofing app to create fake trips for driver accounts.
Then use the right account to pay for their own trip through the driver account by using that stolen credit card.
And the fraudsters can also use the spoofing app to create a bunch of fake trips so that they can boost their total number of trips to meet the requirements in the incentive. And then they can get the extra money from Uber for the incentive.
So how do you detect this?
This is an example of the GPS pulling up.
In this example, you can imagine a fraudster is operating a phone using the rider account to request a trip. And there’s another phone running on a driver account using this account to take the trip.
And he’s also using the GPS, pulling up to spoof the entire location of the trip. You can imagine that the trip is happening over the countertop at home without even occurring actually.
The first technology Uber developed is to leverage all the Uber historical trip data to build the attitude profile all over the world.
So in this example, you can see a real trip. A real trip attitude travels along the earth’s surface. However, a fake trip is flying in the Sky or sometimes travel underground.
And they do the same thing for speed. They developed the speed profile using Uber or the historical trip data for every hour, every day, and all the road segments all over the world.
This is not a big deal for Uber, they are anyways doing in-depth data analysis for optimizing trip booking on Uber Apps long back. And in this example, you can see that for the fake trip, a large percent of the speed as shown in red are abnormal. But for the real trip, this percentage is very small.
This location Integrated Defense task is very complicated, so the data can be from apps, emulators or even bad devices.
The two techniques just described about GPS profiling are app-dependent. However, it has some limitations. If they’re in a certain region there are not a lot of Uber trips, Uber cannot build a solid proof.
So they also leverage another type of profiling like geo-hash, profiling using the information about the trip probability that happened in certain geo location, or the fraudulent signups that happened in a certain geo-hash.
Uber combine this information and cross-check that with other GPS feature in different pieces of information.
For example, the financial loss in a region or the device information, chip, or user-level features. They get all these informtion and send some trips for manual review.
They have a very strong manual review team and they can provide them very good label sites and patterns.
Combining the patterns and labels will build machine learning models for GPS spoofing detection. On the other side, as we mentioned, they already know there are a bunch of GPS moving apps available in the App Store.
What they can do is emulate spoofing apps so that they can augment their data set. And at the same time, they can leverage the deep learning technologies to do anomaly detection and reduce the effort in feature engineering.
These are just a few ways for Uber to be step ahead of the technology fraudsters. But they already have so many swords in their shealth for fraud and anomaly detection. Let us know if you know any of them apart from this one.