How PayPal Protects Billions of TransactionsPayPal's Guru Bhat on How the Self-Learning Fraud Prevention Engine Works
How does PayPal, one of the world's largest internet payment companies with over 203 million active users, maintain a fraud loss rate of just 0.32 percent? Guru Bhat, PayPal's general manager of technology and head of engineering, says it comes down to a combination of sophisticated automation, machine learning, and human insight.
In an in-depth interview with Information Security Media Group, Bhat shares what it takes to create an effective self-learning model that leverages machine learning to track and mitigate fraud, and how it is supported by a team of over 2000 risk analysts .
In the first quarter of 2017 alone, PayPal, which operates in over 200 countries, handled 1.2 billion transactions, processing close to $12,500 every second. As a result, PayPal has an extremely large volume of transaction data that's leveraged by its fraud engine to constantly teach itself evolving fraud patterns and detect anomalies, he says.
"With each interaction we learn something new, which then gets fed into our risk models that iteratively start getting better and better," he says. "The sheer volume and scale at which we operate ends up being to our advantage.... There are certain patterns that are not unique to any part of the world and are applicable globally, which is why when we have perfected our risk model from findings in one part of the world, we find that they are immediately applicable to other parts of the world as well."
The fraud prevention engine analyzes and correlate thousands of learned parameters automatically to detect fraud within seconds, Bhat claims. But risk analysts still play an extremely valuable role in fighting fraud, he stresses (see: Tapping Analytics In CyberSec, Fraud).
"On top of the insights and analytics that can be gleaned through computational means, human insight is extremely valuable," he says. "The corner-cases and outliers missed by the engine is where this human insight goes a long way in exponentially improving the quality of insight from the data, and improving the algorithms ten-fold or a hundred-fold," he explains.
In this interview (see audio player link below photo), Bhat discusses:
- Striking a balance between automation and human intervention in fighting fraud;
- Details of universal fraud trends that PayPal's engine is seeing across the globe;
- The dynamic between the cyber risk and fraud functions at Paypal.
Bhat joined PayPal in 2015 as the general manager of the Chennai technology center in India. He currently leads the technology centers in Bangalore and Chennai and is the global engineering leader for PayPal's Transaction Orchestration Platform organization. Bhat, who has more than 19 years of experience in the technology sector, is responsible for driving PayPal's technology strategy in Chennai and Bangalore, whose technologists are part of a global team that drives software development initiatives that enhance and expand PayPal's global payments platform. He previously worked at Ericsson, Sun Microsystems, Oracle, SAP and Serus Corp.
Editor's note: At the time of publishing, the figure for PayPal's fraud loss rate has been further updated to 0.28 percent.