Secure Open Banking Payments: How Trustly uses Machine Learning to prevent fraud

Have you ever wondered how Trustly leads the way in Pay by Bank? Today, we're pulling back the curtain and giving you an exclusive look at the technology that makes it all possible. Our Machine Learning (ML) Engineer, Gustavo Polleti, takes over The Trustly Blog to reveal the secrets behind our success.

Our proprietary fraud prevention system leverages data from over 99% of North American financial institutions, providing unparalleled insights into transaction patterns and risk factors. However, the Pay by Bank landscape presents unique challenges. Connections with third-party banks can be unpredictable, and accessing real-time data isn't always guaranteed.

That’s why Trustly incorporates "smart safety guardrails" to ensure its security. Our ML models are designed to gracefully handle potential disruptions, such as delayed connections or outdated information. We also employ dependable fallback strategies to maintain security even when faced with unexpected failures.

Why fallback strategies are essential for secure Open Banking Payments

ML is crucial in real-time risk mitigation for financial institutions. But what happens when these ML systems encounter unexpected failures or data disruptions? That's where fallback strategies become essential.

Fallback strategies ensure that operations continue seamlessly, even during system outages or data delays. Consider the potential consequences of an ML system failure: a fraudulent transaction might be approved, or a risky loan might be granted. These errors can severely harm a financial institution, both financially and in its reputation.

Reliance on Open Banking data also amplifies the challenge. Many modern ML systems depend on this data for accurate risk assessment. However, relying on external data sources introduces potential vulnerabilities. For example, the risk assessment process could be compromised if a financial institution providing Open Banking data experiences an outage.

To mitigate this risk, robust fallback strategies are essential. These strategies ensure that risk evaluations remain reliable and effective, even when faced with data disruptions or system failures. This helps prevent fraudsters from exploiting potential vulnerabilities and protects financial institutions from significant losses.

Trustly's Hierarchical Fallback Architecture: A multi-layered approach to security

Trustly employs a sophisticated, multi-layered fallback architecture to ensure the resilience and reliability of our ML-powered risk assessment system. This architecture, illustrated in Figure 1, comprises a main model and additional fallback steps to handle various failure scenarios.

Data Provider Outage Fallback: Maintaining accuracy 

Trustly maintains a dedicated model version designed explicitly as a fallback for each critical data source group in case of data provider failure. This approach guarantees that the system always uses the best available model version to make risk assessments, minimizing the impact of data disruptions.

The first layer of defense addresses situations where input data is missing due to a data provider outage. In these cases, the system automatically switches to a similar ML model trained without the potentially absent data. This ensures that risk assessments remain accurate and effective, even with incomplete information.

‍

Redundancy and Retry Policies: Enhancing resilience in real-time risk assessment

The second layer of Trustly's fallback architecture focuses on redundancy optimization and retry policies. This approach enhances the system's resilience by mitigating issues caused by momentary service unavailability or latency spikes, which are common challenges in real-time data environments.

When the primary ML model is unavailable or experiencing delays, the system automatically attempts to retry the operation. This retry policy considers various factors, including transaction information, the probability of subsequent failures, and the additional time required for risk analysis.

Trustly's system intelligently manages retries to ensure that temporary disruptions do not compromise risk assessment accuracy. This approach uses the primary ML model whenever possible, maximizing its effectiveness and minimizing reliance on fallback models.

Client-Side Fallback Model: Ensuring functionality even in worst-case scenarios

The final layer of Trustly's fallback architecture is the Client-Side Fallback Model. This model acts as a last line of defense, ensuring that risk assessments can still be performed even when all other systems are unavailable.

Trustly's architecture has a main software application that orchestrates calls to each independent model service, the main model, and its fallbacks. For example, if the model services are unavailable due to infrastructure outages, we have a client-side fallback embedded in the main software application. So, this client-side fallback will always be available because it is part of the main software application itself.

This model utilizes fewer data sources, reducing the memory required for execution–ensuring the model can operate effectively even under extreme conditions, such as widespread system outages or severe data limitations.

Trustly's Pioneering Research on Machine Learning Safety

Trustly is a pioneer in developing safe and reliable machine-learning systems for Open Banking Payments. Our innovative approach sets an industry benchmark for security and fosters research and advancement in the field. We're committed to sharing our knowledge and expertise with the broader community. 

Our latest research details Trustly's Hierarchical Fallback Architecture and how it ensures the resilience and dependability of our ML-powered risk assessment system–even in the face of unexpected disruptions or data limitations.

Trustly provides our clients with a secure and reliable Open Banking Payment experience. We achieve this by combining a comprehensive knowledge base with advanced ML models to combat fraud and financial crimes. To learn more, connect with our team here. 

‍