Computer-implemented predictive model generation systems and methods

US 7,788,195 B1
Filed: 03/26/2007
Issued: 08/31/2010
Est. Priority Date: 03/24/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for building a system of predictive models to predict credit card or debit card fraud, comprising:

receiving, using one or more processors, training data including data items from a plurality of accounts;

training a first predictive model using the received training data;

using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;

partitioning the training data into partitions, wherein partitioning includes weighting data items contained in the training data differently based upon how well a data item learns during the training of the first predictive model; and

training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for performing fraud detection. As an example, a system and method can be configured to build a set of predictive models to predict credit card or debit card fraud. A first predictive model is trained using a set of training data. A partitioning criterion is used to determine how to partition the training data into partitions. Another predictive model is trained using at least one of the partitions of training data in order to generate a second predictive model. The predictive models are combined for use in predicting credit card or debit card fraud.

167 Citations

57 Claims

1. A computer-implemented method for building a system of predictive models to predict credit card or debit card fraud, comprising:
- receiving, using one or more processors, training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;
  
  partitioning the training data into partitions, wherein partitioning includes weighting data items contained in the training data differently based upon how well a data item learns during the training of the first predictive model; and
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the received training data is an initial training data set.
  - 3. The method of claim 1, wherein the received training data is a data set that has been partitioned from a superset of training data.
  - 4. The method of claim 1, wherein the partitioning of the training data includes partitioning the training data into multiple data subsets.
  - 5. The method of claim 4, wherein the second predictive model is trained using a data subset from the multiple data subsets.
  - 6. The method of claim 5, further comprising:
    - using the partitioning criterion to determine how to partition the data subset that was used to train the second predictive model; and
      
      training a third predictive model using a data subset from the partitioned data subset.
  - 7. The method of claim 1, wherein the first predictive model is trained at the account level;
    - and wherein the first predictive model considers change to compromised state at a transaction level.
  - 8. The method of claim 7, wherein the first predictive model is trained on data examples from multiple accounts, wherein data associated with an account includes a plurality of transactions collected over time, and wherein early transactions in test data associated with an account are associated with a non-fraudulent indicator even though one or more subsequent transactions are associated with a fraudulent indicator.
  - 9. The method of claim 8, wherein the first predictive model is trained at the account level, and wherein early transactions in a fraud episode are more important than later transactions in a fraud episode.
  - 10. The method of claim 9, wherein the first predictive model is trained at the account level, wherein fraud is identified early-on, and wherein more substantial fraud losses are prevented.
  - 11. The method of claim 1, wherein the first and second predictive models are generated from a group of predictive models comprising a neural network model, a decision tree model, or a linear regression model.
  - 12. The method of claim 11, wherein the first predictive model and the second predictive model are the same type of model.
  - 13. The method of claim 11, wherein the first predictive model and the second predictive model are different types of models.
  - 14. The method of claim 1, wherein the first predictive model and second predictive model are combined for use in predicting credit card or debit card fraud by performing a fraud scoring on demand process;
    - and wherein the fraud scoring on demand process includes;
      
      generating a first score on an account-level based upon data regarding a new incremental transaction with respect to an entity,subsequent to the generation of the first score, receiving a trigger that was generated without an incremental transaction having occurred, andin response to the generated trigger, generating a second score for the entity based upon stored past incremental transaction data and upon non-incremental transaction data, wherein the second score is indicative of whether fraud has occurred or not, and wherein the second score is used to determine whether a fraud handling action is performed upon the entity.

15. A computer-implemented method to generate reason information for a fraud score generated by a predictive model, said method comprising:
- storing input data related to financial transactions;
  
  wherein the stored input data are associated with multiple different types of entities;
  
  generating a score based upon data regarding a new incremental transaction with respect to an entity;
  
  generating reason information associated with the score generated for the entity;
  
  wherein the reason information provides reasons for value of the score generated for the entity;
  
  wherein the generating of the reason information is based on fraud risk reason factors;
  
  wherein the fraud risk reason factors were generated by grouping similar fraud risk reason variables together;
  
  whereby the reason information is provided to a user for use in conducting fraud analysis.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 16. The method of claim 15, wherein the reason information includes reason codes.
  - 17. The method of claim 16, wherein the reason codes provide directions for an initial investigation or review of a suspect case;
    - wherein the suspect case involves the entity'"'"'s account.
  - 18. The method of claim 16, wherein the reason codes can be generated by rank ordering importance of each reason factor.
  - 19. The method of claim 18, wherein the grouping of similar fraud risk reason variables includes grouping similar fraud risk reason variables together into clusters that are similar in concept.
  - 20. The method of claim 19, wherein principal component analysis is used to determine the clusters of similar fraud risk reason variables that are similar in concept.
  - 21. The method of claim 19, wherein reason codes are not generated based upon individual variables being the reasons for the generated score, thereby avoiding a predetermined number of top reasons being generated that provide the same information.
  - 22. The method of claim 19, wherein a pre-specified configuration number is provided to determine the number of clusters of the fraud risk reason factors.
  - 23. The method of claim 19, wherein at least one of the variable groupings was manually determined.
  - 24. The method of claim 23, wherein performance of how well a reason code explains a fraud score includes reviewing frequency of the reason code, manual review of validity of the reason code, or combinations thereof.
  - 25. The method of claim 19, wherein a user-friendly description is associated with a risk reason factor cluster.
  - 26. The method of claim 16, wherein the reason codes are used with a fraud scoring on demand process;
    - wherein the fraud scoring on demand process includes;
      
      generating a first score on an account-level based upon data regarding a new incremental transaction with respect to an entity;
      
      subsequent to the generation of the first score, receiving a trigger that was generated without an incremental transaction having occurred;
      
      in response to the generated trigger, generating a second score for the entity based upon stored past incremental transaction data and upon non-incremental transaction data;
      
      wherein the generated second score is indicative of whether fraud has occurred or not;
      
      whereby the second score is used to determine whether a fraud handling action is to be performed upon the entity;
      
      wherein the reason codes are used to explain the first and second scores.
  - 27. The method of claim 26, wherein the trigger is provided based upon a passage of time and not based upon whether an incremental transaction has occurred or not.
  - 28. The method of claim 26, wherein the trigger is provided based upon a passage of time and not based upon whether an incremental transaction has occurred or not, thereby allowing action to be taken earlier and in a more effective manner for addressing fraudulent activity.
  - 29. The method of claim 26, wherein a monitoring process generates the trigger at a predetermined time interval.
  - 30. The method of claim 29, wherein the second score generated in response to the trigger is different from the first score based only upon the passage of time.
  - 31. The method of claim 30, wherein an incremental transaction for the account was not received for the entity during said passage of time.
  - 32. The method of claim 15, wherein the predictive model is a neural network model.
  - 33. The method of claim 15, wherein the predictive model is selected from a group comprising a neural network model, a decision tree model, a linear regression model, or combinations thereof.

34. A computer-implemented system to generate reason information for a fraud score generated by a predictive model, said method comprising:
- financial transaction data store to store input data related to financial transactions;
  
  wherein the stored input data are associated with multiple different types of entities;
  
  score generation software instructions to generate a score based upon data regarding a new incremental transaction with respect to an entity;
  
  reason generation software instructions to generate reason information associated with the score generated for the entity;
  
  wherein the reason information provides reasons for value of the score generated for the entity;
  
  wherein the generating of the reason information is based on fraud risk reason factors;
  
  wherein the fraud risk reason factors were generated by grouping similar fraud risk reason variables together;
  
  whereby the reason information is provided to a user for use in conducting fraud analysis.

35. A computer-implemented method for building a system of predictive models to predict credit card or debit card fraud, comprising:
- receiving, using one or more processors, training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data, wherein the first predictive model is trained at the account level; and
  
  wherein the first predictive model considers change to compromised state at a transaction level;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric; and
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
- - 36. The method of claim 35, wherein the received training data is an initial training data set.
  - 37. The method of claim 35, wherein the received training data is a data set that has been partitioned from a superset of training data.
  - 38. The method of claim 35, further comprising:
    - partitioning the training data, wherein partitioning the training data includes weighting data items contained in the training data differently based upon how well a data item learns during training.
  - 39. The method of claim 35, further comprising:
    - partitioning the training data, wherein partitioning of the training data includes partitioning the training data into multiple data subsets.
  - 40. The method of claim 39, wherein the second predictive model is trained using a data subset from the multiple data subsets.
  - 41. The method of claim 40, further comprising:
    - using the partitioning criterion to determine how to partition the data subset that was used to train the second predictive model; and
      
      training a third predictive model using a data subset from the partitioned data subset.
  - 42. The method of claim 35, further comprising:
    - partitioning the training data, wherein partitioning the training data is based upon the fraud ranking violation metric.
  - 43. The method of claim 35, wherein the first predictive model is trained on data examples from multiple accounts, wherein data associated with an account includes a plurality of transactions collected over time, and wherein early transactions in test data associated with an account are associated with a non-fraudulent indicator.
  - 44. The method of claim 43, wherein the first predictive model is trained at the account level, and wherein early transactions in a fraud episode are more important than later transactions in a fraud episode.
  - 45. The method of claim 44, wherein the first predictive model is trained at the account level, wherein fraud is identified early-on, and wherein more substantial fraud losses are prevented.
  - 46. The method of claim 35, wherein the first and second predictive models are generated from a group of predictive models comprising a neural network model, a decision tree model, or a linear regression model.
  - 47. The method of claim 46, wherein the first predictive model and the second predictive model are the same type of model.
  - 48. The method of claim 46, wherein the first predictive model and the second predictive model are different types of models.

49. A computer-implemented method for building a system of predictive models to predict credit card or debit card fraud, comprising:
- receiving, using one or more processors, training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;
  
  partitioning the training data into partitions, wherein partitioning includes partitioning the training data into multiple data subsets; and
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.
- View Dependent Claims (50, 51)
- - 50. The method of claim 49, wherein the second predictive model is trained using a data subset from the multiple data subsets.
  - 51. The method of claim 50, further comprising:
    - using the partitioning criterion to determine how to partition the data subset that was used to train the second predictive model; and
      
      training a third predictive model using a data subset from the partitioned data subset.

52. A computer-implemented method for building a system of predictive models to predict credit card or debit card fraud, comprising:
- receiving, using one or more processors, training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;
  
  partitioning the training data into partitions, wherein partitioning is based upon the fraud ranking violation metric; and
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.

53. A computer-implemented method for building a system of predictive models to predict credit card or debit card fraud, comprising:
- receiving, using one or more processors, training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric; and
  
  combining the first predictive model and second predictive models, wherein the combination is used to predict credit card or debit card fraud by performing a fraud scoring on demand process including;
  
  generating a first score on an account-level based upon data regarding a new incremental transaction with respect to an entity,subsequent to the generation of the first score, receiving a trigger that was generated without an incremental transaction having occurred, andin response to the generated trigger, generating a second score for the entity based upon stored past incremental transaction data and upon non-incremental transaction data, wherein the second score is indicative of whether fraud has occurred or not, and wherein the second score is used to determine whether a fraud handling action is performed upon the entity.

54. A system, comprising:
- one or more processors;
  
  one or more computer-readable storage mediums containing instructions configured to cause the one or more processors to perform operations including;
  
  receiving training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;
  
  partitioning the training data into partitions, wherein partitioning includes weighting data items contained in the training data differently based upon how well a data item learns during the training of the first predictive model; and
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.

55. A computer-program product, tangibly embodied in a machine-readable storage medium, including instructions operable to cause a data processing apparatus to:
- receive training data including data items from a plurality of accounts;
  
  train a first predictive model using the received training data;
  
  use a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric;
  
  partition the training data into partitions, wherein partitioning includes weighting data items contained in the training data differently based upon how well a data item learns during the training of the first predictive model; and
  
  train additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.

56. A system, comprising:
- one or more processors;
  
  one or more computer-readable storage mediums containing instructions configured to cause the one or more processors to perform operations including;
  
  receiving training data including data items from a plurality of accounts;
  
  training a first predictive model using the received training data, wherein the first predictive model is trained at the account level; and
  
  wherein the first predictive model considers change to compromised state at a transaction level;
  
  using a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric; and
  
  training additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.

57. A computer-program product, tangibly embodied in a machine-readable storage medium, including instructions operable to cause a data processing apparatus to:
- receive training data including data items from a plurality of accounts;
  
  train a first predictive model using the received training data, wherein the first predictive model is trained at the account level; and
  
  wherein the first predictive model considers change to compromised state at a transaction level;
  
  use a partitioning criterion to determine how to partition the training data into partitions, wherein the partitioning criterion is based upon a fraud ranking violation metric; and
  
  train additional predictive models using at least one of the partitions of training data in order to generate a second predictive model, wherein training of the additional predictive models optimizes the fraud ranking violation metric, and wherein the first and second predictive models are combined and used to predict credit card or debit card fraud.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAS Institute Incorporated
Original Assignee
SAS Institute Incorporated
Inventors
Chen, Chao-Wen (Kevin), Luk, Ho Ming, Dulany, Paul C., Drossu, Radu, Subramanian, Revathi
Primary Examiner(s)
HOLMES, MICHAEL B

Application Number

US11/691,260
Time in Patent Office

1,254 Days
Field of Search

706/20
US Class Current

706/20
CPC Class Codes

G06N 20/00 Machine learning

Computer-implemented predictive model generation systems and methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

167 Citations

57 Claims

Specification

Solutions

Use Cases

Quick Links

Computer-implemented predictive model generation systems and methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

167 Citations

57 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links