With the proliferation of digitization across business, government and social environments, individuals have become more dependent on their digital identity for social interactions and business engagements. However, this has also resulted in the rise of frauds occurring due to theft of digital identity and impersonation of individuals. Fortunately, it is possible to improve detection of online frauds and secure privacy of user information by leveraging decentralized ledger.
Online frauds often cause loss of money and grief for individuals who are impersonated or whose services are consumed through online frauds. Banks also incur cost in conducting investigation on reported online frauds. Also, there is an impact on customers’ confidence in the banks’ ability to detect and prevent online frauds.
With rapid advancements in technology, fraud detection has become a complex process as impersonators explore various latest technologies. This complex process is led by anomaly detection. There are five layers of anomaly detection build into fraud detection systems –
The capabilities for Layer 4 and 5 can be enhanced by utilizing DID (Decentralized Identifiers) for anomaly detection process. These DID based systems blend well with the existing systems and provide additional benefits like compliance to regulations like GDPR, increased efficiency of the anomaly detection systems and enhanced customer privacy for the financial institutions.
What are DID based anomaly detection systems?
DID systems employ Zero Knowledge Proof process and DID documents saved in the ledger for anomaly detection. Customer identity and spend patterns are converted as DID documents. The DID solution is built on an ecosystem of peers / trusted bodies and customers, all of whom will play the role of issuers, verifiers and holders.
This additional layer of DID based defense will help in:
Prevention: Leveraging DID and identifying patterns unique to a digital transaction in conjunction with the existing fraud detection systems will enable capture of patterns called as Indicators of Fraudulent Transactions (IOFT) and anchor the IOFT in a DID based distributed ledger.
Detection: Leveraging DID allows us to identify if valid proofs are associated with each transaction making use of sophisticated ZKPs (Zero knowledge Proofs) for anomaly prevention.
Revoke: Online transactions will be verified by ZKPs as part of the prevention process and on detection of a fraudulent transaction, the ZKPs will deny the authorization for the transaction thereby revoking the transaction request initiated from the source.
Detection of online frauds using Decentralized Identity Management in a Bank
Courtesy: www.iconfinder.com
Benefits from using decentralized identifiers based solution:
Conclusion:
Utilizing DID improves the capabilities of anomaly detection systems. It will be easy to blend these systems with the existing ones to strengthen prevention process and enhance privacy. The additional layer of security that DID will offer without compromising on consumer privacy is invaluable. However, to make use of the same, enterprises will need to invest in creating an eco-system of trust network among peers as DID is best implemented in a permissioned blockchain network.
Vinod Panicker
Chief Architect- Cybersecurity, Blockchain & open source
Vinod has over 20 years of experience in software development and product architecture. He currently leads the Blockchain Security initiatives for the Cybersecurity practice at Wipro. Vinod is an expert in Decentralized identity, Blockchain security and building open source solutions. He has extensive expertise in open-source and community led tools development, open-source licensing and re-engineering of products.
Sumod Rajan George PMP
Sr. Project Manager, CRS, Wipro
Sumod has over 18 years of experience in software development and has managed various projects and programs for business domains, including retail, finance, healthcare and transportation. He is currently part of the Advanced Security Solutions team with CRS, which develops solutions around Decentralized Identity Management using Blockchain technology.