Opportunities and Threat. A reflection on Intergenerational differences, ICT use style and the Red-Queen Hypothesis in Fraud

Opportunities and Threat. A reflection on inter-generational differences, ICT use style and the Red-Queen Hypothesis in Fraud

It goes without saying that information communications technology (ICT) is the tether that in manifold ways holds our society and economy together. I want to reflect on how different generations or social groups may interact with ICT (data Farming) for this post, and the benefits and risks that lay in wait where fraud is concerned here.

Lewis Carol’s Through the looking glass had character who said, “It takes all the running you can do to stay in the same place” This statement and the character that said it inspired what is known as the Red-Queen Hypothesis.  A co-evolutionary theory that addresses biological and competitive systems but has recently found wider application to the business world. In this post I will argue that the interplay fraudsters and their victims is also an organic extension of this metaphor. The Red Queen hypothesis recognizes that organisms constantly adapt, evolve, and proliferate within competitive environments.  Some have likened this dynamic to a biological arms race.  The phrase “it takes all the running you can do to stay in the same place” recognizes that there is a delicate homeostasis or equilibrium that maintains the status quo, regardless of adaptations that may occur within this mutually reinforced dynamic. The more things change the more they stay the same.  I am going to focus on the required need to attend to this granular and important changes in this dynamic

The opportunities and threats borne from the ICT illustrate this metaphor perfectly. Specifically, as this relates to the interplay between fraud protection/prevention and its perpetration. The current technological field of innovations such as mobile banking, near field communication payments, (Apple Pay, G-Pay) as well as the growth of Social Media use is worthy of note.  Depending on one’s communication style and their age, these factors taken together presents a unique profile of risk for the individual.  For example, Millennials who are otherwise known as the “digital natives” are not as averse to online/mobile banking technology as their Baby Boomer counter parts tend to be. While on the surface this may seem prudent to those suspicious of such technologies, this stance widens the response time to potential fraud (real-time transaction monitoring) and it also robs those who forgo mobile/online banking from new innovations in the war against fraud such as remote/mobile credit card locking.

This said younger generations are not let off the hook. The prolific use of social media, and expansion of virtual communities has led to plethora of vectors where seemingly innocuous information can be mined and exploited.  Data farming has become a growing problem, particularly with surveys and games online deceptively designed to extract sensitive information that could be used to access online banking credentials. While everyone is at risk of data farming, I would argue that younger generations more prone to oversharing on social media are more vulnerable.

So how do we address the problem?   Andrew Lo made an elegant illustration and explanation of hedge funds, with regard to how they designed to “hedge” simultaneously against short- and long-term risk. He makes the claim that the hedge fund is the best tool to understand and prepare for uncertainty and shocks in the uncertain financial market as they are mobilized to help an investor prepare for what they anticipate and what they cannot.  I would argue that the same ethos is appropriate for navigating the ever-evolving landscape of fraud.  You might consider yourself savvy and have an elaborate system for managing your online passwords, but are any of them repeated?  Have you considered what can be gleaned from your digital “footprint? Can any of this be used as a back door into your banking, finances or be facilitated in identity theft?    I had a humbling reminder that my own established systems were not as airtight as I thought they were. Google recently provided an update on passwords involved in data breaches to its users. Embarrassingly enough I had many that were repeated. I pride myself on having a complex system of alphanumeric and symbolic password selections, but It is little quirks like this than can render a seemingly secure system absolutely moot.

To emphasize the points I have made here I wanted to share a few examples of the evolution fraud / financial impropriety that have taken shape in this new landscape.  The first involves a massively popular online multiplayer game called Fortnite. The game which is available on multiple gaming consoles (Nintendo Switch, Playstation, Xbox) implements the use of virtual currency to purchase in-game bonuses, upgrades and limited time content. It was recently was discovered that Money launderers have been using stolen credit cards to purchase this in game currency from the game’s digital store and selling these virtual goods on the dark web. (citation) The security firm named Sixgill had agents undercover posing as customers. This operation was able to uncover that this was a global operation taking place in Chinese, Russian, Spanish, Arabic as well as English.

Another recent trend has been the use of a technique called Simjacking. Simjacking is the process by which someone hacks one’s mobile device, allowing them to answer calls meant for the hacked individual. This can usurp and ultimately comprise a critical stage in the fraud confirmation life cycle used by most Financial institution’s fraud centres.

What this all illustrates is the intrepid manner in which fraud operations are changing. It is of utmost importance that we elevate the understanding of our own personal and collective thresholds of risk, given the technologies we engage in and enjoy.

  References  

Casiano, L.  (2019, January 19). ‘Fortnite’ has become a money-laundering paradise.  Retrieved from New York Post:  https://nypost.com/2019/01/18/fortnite-has-become-a-money-laundering-paradise/amp/

A Required Change in our Model Paradigm

The contemporary global environment is markedly different from a generation ago. Where notable threats were at a time easier to determine and track they have become more diffuse, harder to categorize and will require a paradigm shift in our thinking to be dealt with more appropriately and efficiently. I've reflected on this  as the coronavirus spreads seemingly unabated throughout

The globe. Viruses care not about national boarders, they can at times spread through multiple vectors of transmission. They care not if you're rich, poor, black, or white liberal or conservative.

David Detomasi writes

 "...the contemporary strategic environment has been described as one of "no bears, ,but many snakes"  It  is no secret that potential threats in the post Cold War era have multiplied; they now emanate from more diverse sources, ranging from ethnic, civil and regional  conflict to environmental degradation to proliferation of weapons of mass destruction." (Detomasi, 2002, p.51).

 In 2013 I was fortunate to present some of my previous studies on early warning at the International Peace and Security Institute during a Peer to Peer symposium in the Hague Netherlands.  Reflecting on research on early warning for humanitarian emergencies I made the argument that the conventional Cold War Model of Early Warning (in general terms) has become increasingly unfit to model and approach the problems of the modern day. For one, the notion of human security has become increasingly inter-meshed with national security, despite the fact that most world governments maintain and prioritized a dated and rigid consideration of the latter.  Cold War Era politics and military history have cast a long shadow on how the world has approached its problems, and in this blog post I'd like to make the argument that like the human security issues that have flourished in the post-cold war era the complex nature of financial risk and fraud require new modelling and thinking as well.

 The Cold War Early Warning paradigm is heavily influenced by the classical Von Neumann Computing Architecture of Information processing.  This is also called the Physical Symbol System (PSS)

 This architecture for information processing is comprised of the following characteristics

 1.       All Information is coded as symbols

2.       Information is stored in specific locations in memory

3.       Information is transferred to a central processing unit

4.       All operations on coded information are governed by specific rules

5.       All operations are serial (they occur one at a time.)

 With respect to early warning this paradigm fosters several cognitive limits for decision makers reliant upon type of paradigm.

 1.       It promotes "Cognitive Miserliness"

2.       Decision makers who understand the complexity of a given problem will be less likely to choose complex solutions or responses.

3.       Decision Makers will procrastinate until the decision-making deadline

4.       Decision makers are more likely to make short-term decision

  Artificial Neural Nets or Parallel distributed processing offer a far more superior model for complex early warning and preparation.   ANN"s are essentially logic gates with in input layer, hidden layer and output layer

  ANN’s have the following characteristics

1.       Information is coded by pattern of activations throughout the system

2.       Information is stored / distributed throughout the network

3.       No Central Processing Unit (CPU)

4.       There are no rules that can be specified

5.       Activations occur in parallel

 The ANN is superior with respect to  complex information processing because of it's disjunctive / inclusive ("or") Logic operation (at the middle / hidden layer) which affords it a seamless means to parse and differentiate the minutiae of unitary perception. This gives it a way to process features of both a universal and particular nature.

  the Artificial Neural Net has an inherent ability to encode for both enduring knowledge and occurring knowledge.   For example enduring knowledge within the system is manifest by virtue of the connection weights set throughout each level of the logic gates within the ANN. Occurring knowledge however is manifest by the level of activation existing within the network at a given time.  An example of this is the ability to determine female vs male faces in general, and the ability to determine whether a given face encountered at a present time is male or female.

 This model has two features that are critical. The first is semantic parsing, the second is back-propagation. The architecture of parallel distributed processing / ANNs if used to account for risk factors of complex phenomena such as fraud could bypass the obstacle of competing terminologies. Since the units within PDP signal a semantic fact that tend to defy description. (Clark, 2001). Back propagation is the process by which PDP models remember and compare critical thresholds it has encountered. This is paired perfectly to early warning as it would aid in comparative situational awareness especially where similar events are contrasted and accounted for

    References

Best, Richard A., Cumming, Alfred (December 2007). Open Source Intelligence (OSINT): Issues for Congress.

Butler, B (2004) How to Build a Mind: Part 3 Neural Networks. Personal Collection of Brian Butler, Department of Psychology, Queen’s University, Kingston, Ontario Canada

Clark, A. (2001).  Chapter 4 Connectionism. In A. Clark, Mindware An Introduction to the  Philosophy of Cognitive Science (pp. 62-83). New York: Oxford University  Press.

Detomasi, D.  (2002). The New Public Management and Defense Departments: The Canadian Case.  Defense & Security Analysis, 18(1), 51-71.

Powell, R. A.  (2013). Genocide Prevention in Globalized Society. Peer to Peer  Presentation International Peace and Security Institute. The Hague,  Netherlands: International Peace and Security Institute.

Introductory Post

*Disclaimer - Ideas, thoughts, and  resulting suggestions from this blog / blog post are wholly my own, and not representative of mandated by any external organization, individual firm, or group*

Next Submission:  I will be exploring mental / information management models and their relevance to understanding and approaching fraud. Target publication date Friday January 17th 2020