How Grab is using Kafka in fraud detection

When Grab first built its technology stack for fraud detection and prevention, the in-house software was intertwined with internal systems, making it difficult to achieve interoperability if it were to open it up to partners such as e-commerce and financial technology (fintech) firms.

So, before it launched Grab Defence, as the technology stack is now called, it started looking out for what it calls “universal adapters”, a class of service providers that offers the technology pieces it needs to plug into other technology stacks.

One such technology is Apache Kafka, an open-source software platform for event streaming, the practice of capturing data in real-time from databases, sensors, mobile devices, cloud services and software applications in the form of streams of events to be processed and acted upon.

For Grab Defence, Kafka is being used to ingest event streams from its mobile software development kits (SDKs) and client backends to pick up fraudulent behaviour, said Wui Ngiap Foo, head of technology at Grab.

Speaking at the recent Kafka Summit in Asia-Pacific, Foo said the event streams, comprising data such as device fingerprinting signals, are fed into Apache Flink or Spark for feature engineering, and later into machine learning and deep learning models.

Grab worked with Confluent, a commercial Kafka vendor, to implement the technology through Confluent Cloud, a managed service which Foo said has been “working well out of the box”.

“We serve a suite of fintech companies that have very strict regulatory requirements around data privacy and data separation,” Foo said. “Kafka was able to help us to achieve data isolation, fostering events like sign-ups, logins and transactions – and you can imagine why this data is super sensitive to fintechs and banks.”

At the same time, Grab has built self-service options to provide easier access to Kafka for developers and other teams. Foo said its developers now provision new event streams and onboard new clients in just a few clicks, with minimal concerns about stability and scalability.

Being a cloud-agnostic service, Confluent Cloud also supports Kafka deployments across multiple clouds, without which Grab would have to “take a lot of effort and resources to duplicate your code, and then adapt it to different native streaming solutions offered by different clouds”, Foo said.

According to third party research, e-commerce businesses in Southeast Asia lose on average 1.6% of their revenue to fraud through anomalous transactions and GPS spoofing, among other fraudulent activities.

To address the challenge, Foo said Grab has invested in developing systems powered by machine learning and artificial intelligence to catch and prevent fraud, thanks to its visibility over millions of transactions daily. As a result, Grab has kept its fraud rate at about 0.2%, which is far below the industry average, he added.

The Grab Defence suite of tools is offered as part of GrabPlatform, Grab’s open platform strategy and a suite of application programming interfaces (APIs) for partners to integrate their services with Grab. It was first made available in Indonesia in 2019.