Connecting Crimes: Six Degrees of Separation in Fraud Detection

May 17, 2024
Alex Faivusovich
Head of Fraud Risk

Kevin Bacon might be connected to any Hollywood star within six connections, but when it comes to financial services, fraudsters might have an even closer connection - a concept that can be powerful in identifying fraud.

In this post, we explore how linking entities within a network reflects the concept of “Six Degrees of Separation” and how it can be a game-changer in detecting sophisticated fraud schemes. 

Detecting Fraud Through Matching the Right Precision Data

This is our eighth installment in Fraud Files, our blog series that shares unique insights based on data from over 4.05B events on the Unit21 platform. We recently explored the power of precision data points and matching the right data in detecting and fighting fraud. Some recent posts include:


(Read our entire Fraud Files series here.

Fraud Rings and Behavioral Patterns of Linked Entities

We have examined how combining the right precision data points can lead to exponential increases in true positive rates. Now, we can see how combining the right number of entities linked to specific data points can reflect a larger behavioral pattern where fraudulent activities are more common among groups of linked entities.

In fraud detection, we often see fraudulent activities more likely occurring within interconnected groups or individuals. These connections are commonly known as “fraud rings.” They allow fraudsters to leverage complex networks of relationships and share resources to commit fraud on a larger scale and execute schemes that would be more difficult to detect than if conducted individually. Fraud rings can come in all shapes and sizes, consisting of just a few - perhaps six! - or thousands of people, all of whom can have different skill sets. As a result, fraud rings can target many different types of entities, operating online, offline, or both.

Analyzing behavioral patterns across linked entities allows fraud detection systems to uncover subtle, coordinated activities and is a powerful tool for identifying fraud rings.

The Implications of Behavioral Analysis

We can see the impact of this type of analysis when examining a table showing Graph-Based Rules and matches with different numbers of entities. There is a high true positive rate for matches involving more linked entities. Some of these matches are a big red flag for potential fraud.

Look at how the rates increase for addresses and the number of links, for example. One link (i.e., two entities) matched to the same address shows a rate of true positives of almost 27%. But with five links matching with the same address (i.e., six entities), the true positive rate increases to 99.98%! Our apologies to Mr. Bacon, but in this case, the six degrees of separation lead us to an almost 100% true positive rate. 

This makes sense logically. Two users linked to the same address don't usually present a super-high risk of fraudulent activity (in this case, 26.88%); six users linked to the same address do.

This is true for many other data points matched to different numbers of entities: four entities linked to one payment method have a 95.00% true positive rate. Two entities linked to a phone number show a 12.60% true positive rate, which soars when there are eight and 11 entities matched to it, at 99.22% and 100.00%, respectively. Again, this trend strongly suggests fraudulent activity, as it's highly improbable to have four legitimate users sharing the same payment method or more than three legitimate users with the same phone number.

Many fraud rings will use the same information repeatedly on different accounts, devices, and transactions—such as personal information, financial credentials, device fingerprints, and IP addresses—so it’s crucial to be able to identify these connections, understand what they mean, and then take action. 

Beyond Six Degrees: The Point of Diminishing Returns

While the increase in linked entities generally improves true positive rates (as evidenced in higher true positive rates), there is a point where additional links may not provide extra value. Our data shows that once nine links are reached, there is a point where the additional value of linking entities tends to decrease. The point here is to ideally detect fraud as soon as possible, i.e., seeking the minimum threshold that reveals a fraud ring. There is a risk of adding more noise than value - obscuring rather than clarifying key fraud indicators. The threshold can vary based on the context and specific algorithms used in the fraud detection system. 

This is why it’s so important to balance the depth of link analysis and the clarity of insights gained from Graph-Based Rules. These allow risk teams to build rules based on entity links, visually uncovering connections and proactively detecting accounts linked in suspicious ways (instead of focusing on individual transactions or activities). They can be applied to myriad use cases, from ban evasion to fraud-ring detection.

The Takeaway

The idea of six degrees of separation existed long before Kevin Bacon’s relationship with Hollywood. An article from Harvard Business Review found that it is a small world, after all, and the principles that account for the six degrees of separation can apply to networks beyond social and Hollywood movie star ones. Unfortunately, those networks can include fraud rings. Fortunately, link analysis helps risk teams identify and block them.

It’s important to remember, though, that just because the data exists doesn’t mean it is always helpful. Relying on overly complex link networks can make it difficult to extract actionable intelligence. It’s all about finding the right equilibrium between entity connection analysis and powerful Graph-Based Rules insights.

To learn more about Graph-Based Rules, watch our webinar.

Subscribe to our Blog!

Please fill out the form below:

Related Articles

Getting started is easy

See first-hand how Unit21
can help bolster your risk & compliance operations