In the digital age, mobile apps have become a common platform for businesses and users to carry out real-money transactions. However, this convenience has also opened up new avenues for fraudsters to exploit. A 2022 survey by Forrester Consulting, commissioned by Grab, revealed that 7 out of 10 businesses experienced online fraud within the past year. The survey involved 600 businesses across Southeast Asia.
As a superapp deeply integrated into the daily lives of its users, Grab is well aware of the potential risks. To combat this, Grab built its own anti-fraud technology to safeguard its platform. Encouraged by the results, the team externalised the solution as an enterprise product under the name GrabDefence.This solution has been adopted by many other digital platforms seeking specialised anti-fraud technology.
During Grab’s earlier years, mobile-first digital platforms were a new phenomenon and exploits by fraudsters were less common. As the company grew rapidly, around 2015, “we started to see more issues,” says Vincent Raj, Head of Risk Solutions at Grab.
Initially, Grab relied on third-party services for fraud prevention, but these weren’t tailored for the diverse fraud types Grab was facing in Southeast Asia, such as abuse of promotions and incentives, account takeovers, and payment frauds.
It became clear that internal Grab teams had the data and insights to build solutions for protecting the platform, says Puneet Gambhir, Head of Risk at Grab This resulted in Grab investing more systematically in its own anti-fraud tech. In less than four years, this tech was fully built with tremendous reduction in all fraud risks. By 2020, Grab’s anti-fraud platform was mature enough to be tapped into by other companies and became known as GrabDefence.
GrabDefence works from multiple angles to identify, prevent, and manage digital fraud as it occurs in real-time.
One method to assess risk is through a GrabDefence solution called Device Intelligence, which can uniquely identify devices used to access a platform, based on Identifiers like time zone, browser version, and operating system.
Based on such attributes, Device Intelligence can accurately detect devices with high risk profiles, for example if they appear to have been modified or tampered with. This helps identify bad actors.
Similarly, using artificial intelligence (AI) and machine learning (ML) capabilities, GrabDefence can analyse a users’ patterns with regards to their activity on the platform and detect anomalies. One such algorithm is to detect users who manipulate their GPS location using fake GPS apps or other spoofing techniques. By comparing real-time signals from the telemetry, device sensors, cell-towers, and so on against historical user behaviour, the algorithm can flag suspicious deviations.
If GrabDefence’s AI models detect anomalies, they trigger actions through its Risk Orchestration Engine. It identifies and flags high-risk activities and from there, takes steps to mitigate—such as, for instance, disabling fraudulent accounts. Another method is to execute a Biometric Verification, which could require a driver- or delivery partner to log into their account with a digital fingerprint. When a login attempt is identified as being high-risk, it then triggers additional verification methods such as facial recognition.
Another example is the use of Graph Network technology. Vast amounts of data including account IDs, devices, IP addresses, are mapped, resulting in a complex graph structure which can reveal hidden relationships between seemingly unrelated entities. For example, if small amounts of money are repeatedly funnelled through the same group of entities, this could indicate a money laundering network. GrabDefence makes use of graphs to detect fraud, and Grab also collaborates with academic research to make graph-based fraud analysis even more effective.
All these techniques work together to make it harder to commit fraudulent transactions.
Using the millions of transactions and vast amounts of data GrabDefence processes daily—up to 40TB in SEA alone—GrabDefence is able to train its system to learn and stay ahead of fraudulent activities.
This gives it a unique advantage over off-the-shelf anti-fraud solutions in Southeast Asia.
Among the other digital giants in Southeast Asia who have adopted GrabDefence solutions to protect their platforms is Indonesia-based digital wallet and payment platform OVO—a close partner of Grab’s and as of 2022 acquired by Grab.
According to OVO, its previous solutions gave a response time of almost one day when fraud was detected, allowing fraudsters a large window to profit from their actions. GrabDefence was able to introduce real-time detection and prevention. The solution resulted in savings of up to 1 million USD a month for OVO that would otherwise have been lost to fraud, in addition to increased trust in the platform due to lower rates of exploitation These findings are summarised in a case study published by GrabDefence.
Today, many fintech platforms in the region use GrabDefence to bolster their anti-fraud capabilities, among them P2P lender Julo and investment app Nanovest from Indonesia, and Vietnamese mobile wallet Momo.
In fact, when GrabDefence’s Fraud Research and Insights team finds out about new fraud methods deployed against other companies, it alerts the businesses it works with. This speaks to the ability of GrabDefence’s capabilities and Grab’s overall goal to reduce the rate of fraud in the industry to ensure businesses and users can go about their days trusting the platforms they rely on.
GrabDefence continuously works to improve the efficiency of its technology and AI models, and to provide these capabilities to a wider range of external platforms including digital banks, fintechs, lending and ecommerce.
3 Media Close,
Singapore 138498
GrabFood delivery-partner, Thailand
GrabFood delivery-partner, Thailand
COVID-19 has dealt an unprecedented blow to the tourism industry, affecting the livelihoods of millions of workers. One of them was Komsan, an assistant chef in a luxury hotel based in the Srinakarin area.
As the number of tourists at the hotel plunged, he decided to sign up as a GrabFood delivery-partner to earn an alternative income. Soon after, the hotel ceased operations.
Komsan has viewed this change through an optimistic lens, calling it the perfect opportunity for him to embark on a fresh journey after his previous job. Aside from GrabFood deliveries, he now also picks up GrabExpress jobs. It can get tiring, having to shuttle between different locations, but Komsan finds it exciting. And mostly, he’s glad to get his income back on track.