Trust is the cornerstone of the modern web. Sysadmins and developers have always known that their visitors and customers won’t do business with suspicious apps and websites, and near-constant news of high-profile hacks, fraud and breaches has brought heightened visibility to concerns around online security. The rise of malicious tools powered by artificial intelligence (A.I.) and other cutting-edge technologies, as well as a spike in phishing and cyberattacks that leverage fears over COVID-19, has made it even more critical for websites and platforms to take the steps necessary to earn and preserve trust.
For job sites like Dice, one of the product team’s most important tasks is building and solidifying trust, which they manage through strategic engineering. For example, the constant threat of bad actors creating fake profiles creates major issues: it not only increases the time recruiters need to sift through candidates, but also makes it harder for real candidates to stand out and land their dream jobs. These profiles can be removed manually, but at the rate they are created, that fix would never be sustainable.
Faced with this obstacle and the other new threats that have come with the evolution of technology, the Dice product team chose to complete a foundational revamp of the organization’s data and fraud detection strategy. The new system would incorporate machine learning, reducing the need for human intervention to squash fake profiles and counteract other negative behavior.
In addition to setting Dice up for the future with a modern fraud detection system, our team learned quite a bit along the way, and we wanted to share some of those best practices with you.
Ask the Right Evaluation Questions
Given the complexity of the task, the team spent a lot of time understanding how fraud-detection technology had evolved over the past few years. They wanted a solution that took advantage of the latest and greatest in machine learning and A.I. But when you embrace the cutting edge, you also make your peace with a certain amount of uncertainty; specifically, you never fully know how the system will behave until you plug your own data into it.
When evaluating the potential vendors’ products, the Dice team asked some core questions. First, could a new system support existing business rules? There needed to be enough crossover functionality to ensure the team could continue to function in the “traditional” way while the algorithm was being trained. You can have the most powerful and advanced machine learning/A.I. system in the world, but its usefulness is curtailed if it doesn’t interface well with humans.
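To make that crossover concrete, here is a minimal sketch of how legacy business rules can keep running alongside a still-training model, so the “traditional” workflow never stops working. Everything here (`rule_flags`, `evaluate`, the thresholds, the rule conditions) is hypothetical illustration, not Dice’s actual vendor system:

```python
# Hypothetical sketch: legacy hand-written rules run alongside a new
# model's score, so humans keep their existing workflow during training.

def rule_flags(profile: dict) -> list[str]:
    """The 'traditional' business rules, preserved during the transition."""
    flags = []
    if profile.get("email", "").endswith(".invalid"):
        flags.append("bad_email_domain")
    # Example rule: brand-new account sending an unusual burst of messages.
    if profile.get("account_age_days", 0) < 1 and profile.get("messages_sent", 0) > 50:
        flags.append("new_account_burst")
    return flags

def evaluate(profile: dict, model_score: float) -> str:
    """Combine legacy rules with an advisory model score."""
    if rule_flags(profile):        # rules keep firing exactly as before
        return "review"
    if model_score > 0.9:          # the new model only adds candidates,
        return "review"            # it doesn't yet override anything
    return "allow"

print(evaluate({"email": "a@b.invalid"}, 0.1))  # rules still fire: review
```

The key design point is that the model is additive at first: it can surface new suspects for review, but removing a rule’s coverage only happens once the model has demonstrably absorbed it.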
Second, the product had to work well with Dice’s existing dataset. Fortunately, the product chosen by the team was backed by a best-in-class machine learning model, so this was not an issue in this particular case. Still, it’s important to ask the question and dig into specifications in this area to avoid issues down the road.
Build as Much Time As Possible Into the Process
The team also knew from the outset that it would need to build as much time as possible into the process. Large integration projects are a complex undertaking, and thus always require more time than anyone is truly comfortable with.
With anything involving machine learning and large datasets, you’re retiring an old system while building a new system and testing the underlying algorithms. Activating your buildout is only the first step; after that, you need to train it, then bring it online in a way so that there’s no gap in coverage. This is quite the challenge even for the most experienced teams, and demands not only a high degree of innovation, but also a willingness to adjust plans and timetables as unexpected events occur.
Trust, But Verify
When implementing the new system, the Dice team needed to get comfortable with its ability to make decisions about fake profiles and other types of fraud. In light of that, the team embraced a “low trust approach,” initially keeping the A.I.’s decisions to a minimum. As the A.I. proved its effectiveness, they allowed the model to take over more and more decisions.
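One simple way to implement that gradual handover is a confidence threshold that starts very high and is lowered as the model earns trust. The function and threshold values below are assumptions for illustration, not the team’s actual policy:

```python
# Hypothetical sketch of a "low trust" rollout: the model acts autonomously
# only above a confidence bar, which operators lower as it proves itself.

def route_decision(fraud_prob: float, autonomy_threshold: float) -> str:
    if fraud_prob >= autonomy_threshold:
        return "auto_remove"    # model trusted enough to act on its own
    if fraud_prob >= 0.5:
        return "human_review"   # uncertain cases go to the compliance team
    return "allow"

# Early rollout: only near-certain cases are automated.
print(route_decision(0.97, autonomy_threshold=0.99))  # human_review
# Later, once accuracy is verified, the bar comes down.
print(route_decision(0.97, autonomy_threshold=0.95))  # auto_remove
```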
Iterate Through Fraud Detection Problems
With a project like this, iterating through problems as rapidly and thoroughly as possible is a must; the alternative is technical debt, or the system failing to work altogether. Transitioning from one platform to another means ensuring that the platforms speak seamlessly to one another, then making sure the new system doesn’t require a massive step backwards before you can move forward.
Once those tasks are accomplished (whew!), the team can begin iterating and evolving the new system to take advantage of its newer technologies. The new system, like the old one, recognizes the niche behavior and “expert rules” that govern interactions on the Dice platform; it’s very good at recognizing suspicious profiles and behavior, and at detecting fake activity, all virtually in real time.
Meanwhile, Dice’s compliance team provides something of a “human touch” here, manually reviewing profiles and providing a constant stream of human judgments to continuously improve the accuracy of the model.
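A human-in-the-loop pipeline like that can be as simple as turning every manual review into a training label, with disagreements flagged for extra attention. This is a generic sketch of the pattern, with hypothetical names, not Dice’s actual tooling:

```python
# Hypothetical sketch: each compliance review becomes a label for
# periodic retraining, and corrections of the model are tracked.

labeled_examples = []

def record_review(profile_id: str, model_said_fraud: bool, human_says_fraud: bool):
    """Store the human judgment as ground truth, noting model errors."""
    labeled_examples.append({
        "profile_id": profile_id,
        "label": human_says_fraud,
        "model_was_wrong": model_said_fraud != human_says_fraud,
    })

record_review("p1", model_said_fraud=True, human_says_fraud=True)
record_review("p2", model_said_fraud=True, human_says_fraud=False)  # false positive
errors = sum(e["model_was_wrong"] for e in labeled_examples)
print(f"{errors} of {len(labeled_examples)} reviews corrected the model")
```

The corrected examples are usually the most valuable ones to feed back into retraining, since they sit exactly where the model’s decision boundary is wrong.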
The whole implementation, from start to finish, took around six months. As with any massive project, we found that success lay in giving ourselves as much time as possible to evaluate our options before we started. When working with machine learning, it also pays off to trust gradually, rather than switching over as fast as possible to a new, relatively untested system.