Latest News

Weaponsmith. Problem Predictor. Behavioralist.

The Director of IBM Global CTO Safer Payments, Constantin von Altrock is a pioneering inventor and global expert in payment fraud prevention. He joined IBM in 2015 as part of the acquisition of IRIS Analytics. Von Altrock, was selected to be part of the Industry Academy’s inaugural class of Distinguished Industry Leaders, prestigious thinkers who are globally recognized for their industry-transforming work and leadership.
 

As someone who works in the field of payment fraud you’re probably working around-the-clock, right?

Think of us as the weaponsmiths. Protecting businesses from fraud is a 24/7 business, and part of what we do is provide the equipment, the technology, and the expertise for fighting fraud. In many ways we are on the front lines, right alongside the security teams inside banks and other businesses. We have to be there 24/7 if something goes wrong or if we pick up a new fraud pattern, making sure our tools for fraud fighting stay sharp and effective.

You're at a dinner party and someone asks you the age-old dreaded question: "What do you do for work?"

I usually respond with something evasive like, 'I'm paid to have way more fun than I deserve.' I'm a long-term startup guy, and this is the first time I've been with a company of this size. I came here by selling my business to IBM, and I've stayed because there are many ‘start up’ attributes at IBM. Finding innovative ways to tackle payment fraud is something that is growing and never gets boring. For any economy to work, and therefore any society to prosper, you need reliable payment systems.

So how do you approach building the best, safest way to pay for things in an increasingly digitized economy?

There’s a simple analogy I’ve heard that borrows from life in Sweden. In Sweden, alcohol is taxed through the roof, it's extraordinarily expensive. But in every small Swedish village you'll always find two things: a liquor store and a bank. One of these buildings is heavily armored and the other is not, and the heavily armored one is the liquor store. You have a window with bars, you tell a clerk what you want, they'll keep it out of reach until you pay for it. The amount of theft you could do in such a shop is zero, but the shopping experience sucks. It is zero fun to shop there.

Throughout history, it's the most convenient and affordable systems that win. Merchants want to give a good shopping experience but also ensure that they're not robbed, so they find a good compromise through experimentation and experience. This makes what IBM is doing so important. We don’t just offer clients another security feature—another fingerprint, another eye scan, another password. What we're doing is finding patterns and offering innovation.

What do you mean when you talk about finding patterns?

We’re constantly asking: Is it unusual for a particular consumer to order five flat screen televisions on Amazon to be shipped to Nigeria? Or is it more probable that a bad actor somehow got a person’s credit card credentials and is committing fraud? We find out what's usual for you and what's not.

The tough part is that, as humans, we constantly try new things. Our systems have to be quite clever. They have to anticipate that, 'Okay, this person has never done this, but it's also not close to known fraud patterns, so we probably shouldn't stop and disturb what they are doing.' These are the types of intelligence systems that we at IBM are building.

Let’s say someone is on Amazon, but instead of a book they’re looking to buy something far outside their normal areas of interest. How difficult is it to train a machine to not raise an eyebrow in that circumstance?

This is where we get exceptionally good results. Let me put it this way: In the past, fraud prevention systems were looking at normal customer behavior, and when something abnormal happened, BOOM, there was a check or a decline. And this is very annoying in a world where people do new things all the time. This is why it’s helpful to measure normal patterns against what we know is criminal behavior. We’ve developed technology that’s very good at contextualizing consumer behavior to address this very issue.

Does your work impact how you pay for things, personally?

Because of my job people often expect that I’m paying for things in the safest way possible. But in reality, I’m always trying to pressure test the system. I use all types of payment systems, sometimes at some of the most unusual places I can find. Part of our job is to think like criminals, to find holes in the system. It’s amazing how much creative energy bad actors have. They constantly come up with new schemes, so we have to be just as creative to protect the system.

How has the pandemic impacted your area of work?

The pandemic definitely presented opportunities to commit fraud. We noticed an uptick in activity when people started receiving their government stimulus checks. And then when people began getting vaccinated there were cases of people forging documentation showing proof of vaccination.

The good news is that IBM has spent decades innovating the landscape of digital payments to make it adaptable and secure. And in regard to vaccinations, we’ve used open technology to develop digital health pass technology that protects the authenticity of people’s information.

The world has increasingly embraced the digitization of payments. How do you and your team keep up?

On a worldwide scale, there is no other technology company like IBM, which has such a huge footprint in the actual payment machinery and the trust of so many organizations in both the private and public sectors. I mean, if you step into the proverbial engine room and see all the machines that process trillions of payments every year, there is no other company akin to IBM. We have strong partnerships with banks and payment companies, and so we’re the trusted partner for protecting those trillions of transactions. This is the kind of business IBM has been in for decades.

And now IBM has named you as one of its six people in its inaugural class of Distinguished Industry Leaders. That must feel pretty cool?

It absolutely does, and in hindsight, I feel this role was created for people like me. By training I'm an engineer, but I've always been fascinated by the human factor and the creativity of crime. By understanding the business problems that our clients have, I’ve been able to help build tools for thwarting bad actors. A business can have a great security strategy, but they’ll need innovative technologies to ensure those strategies can be realized. It’s an honor to be recognized for that work.