人工智慧雲服務與金融服務應用

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
T A I P E I
10.15.19
Incorporating AI/ML to drive innovation in
financial services industry
人工智慧雲服務與金融服務應用
Young Yang, beyoung@amazon.com
Machine Learning Specialist Solutions Architect

Agenda
• Cloud is new normal in financial services industry
• Earn Customers’ Trust: first thing first security, security, and security
• Machine learning for security and compliance workloads
• ML/Ops is new normal in financial services industry
• FinTechs aren’t disrupting banks… customer expectations are!!
• Automation with increased quality and innovation
• AI/ML is new normal in financial services industry
• The right tools for the right job. Legacy Systems Haven’t Kept Up.
• AI and ML are the next edge in digital innovation

Paradigm shift

Representative industry view: Financial and
Insurance
5
• Physical attacks against
ATMs have seen a
decline from their heyday
of the early 2010’s.
• Top 3 patterns: Web
Applications, Privilege
Misuse, and
Miscellaneous Errors.
• 36% Internal threat
actors.

TLS
Access
Man-in-the-browser
Client
Session hijacking
Malware
Cross-site request forgery
Abuse of functionality
Man-in-the-middle
DDoS
Malware
API attacks
Injection
Cross-site scripting
Certificate spoofing
Protocol abuse
Session hijacking
Key disclosure
DNS hijacking
DDoS
DNS spoofing
DNS cache poisoning
Man-in-the-middle
App services
DNS
DDoS
Eavesdropping
Protocol abuse
Man-in-the-middle
Credential theft
Credential stuffing
Session hijacking
Brute force
Phishing
Network
DDoS
Dictionary attacks

TLSCertificate spoofing
Protocol abuse
Session hijacking
Key disclosure
DDoS
Man-in-the-browser
Client
Session hijacking
Malware
DNS
DNS hijacking
DDoS
DNS spoofing
DNS cache poisoning
Man-in-the-middle
DDoS
Eavesdropping
Protocol abuse
Man-in-the-middle
Network
Dictionary attacks
Man-in-the-middle
DDoS
Malware
API attacks
Injection
App services
Access
Credential theft
Credential stuffing
Session hijacking
Brute force
Phishing

Vuln released
Continuous
improvement
Firewall what
you can’t fix
Applicable?
Test
Apply & Retest
1.7
0.8
0.5
0.4
0.5
1.4
0.9
0.6
0.2
0.3
2014 2015 2016 2017 2018
Average Days Between
Vulnerability Releases
Critical High
9-12
hours

% of organizational leaders
say cybersecurity teams are
understaffed
% of board directors and C-
level execs say they have
confidence in their
organization’s level of
cybersecurity
34
% of organizations believe that
malicious attacks are on the rise
y/y, but 34% confidence in their
teams’ ability to address complex
attacks
69
4
6Source: 2019 ISACA State of Cyber Security Report.
Information Systems Audit and Control Association (ISACA) 國際電腦稽核協會

Security continues to be job zero
healthcare
global banks

Foundation Services
Compute Storage Database Networking
Infrastructure
Regions
Availability Zones
Edge Locations
Client-side Data
Encryption
Server-side Data
Encryption
Network Traffic
Protection
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer content
Shared Responsibility Model
You need to handle full
stacks and end-to-end
scopes
之前要負責這麼大的範
圍

AWS Foundation Services
AWS Global
Infrastructure
Regions
Availability Zones
Edge Locations
Client-side Data
Encryption
Server-side Data
Encryption
Network Traffic
Protection
Customer App / Content / Data
Shared Responsibility Model
CustomerAWS 聚焦在
創新應用
AWS 全球專業的安全
團隊
AWS 提供專業的工具
協助客戶

站在巨人的肩膀

Financial institutions across market segments are transforming on AWS

Our mission
Up to
135 Billion
events per day
Monitor
100% Equities &
70% Options
in the US
Run Hundreds
of surveillance
patterns
Reconstruct
Trillions of
market nodes
& edges
Investor
Protection
Market
Integrity

We can be far more secure in the
cloud and achieve a higher level of
assurance at a much lower cost, in
terms of effort and dollars invested.
We determined that security in AWS
is superior to our on-premises data
center across several dimensions,
including patching, encryption, auditing
and logging, entitlements, and
compliance.
—John Brady
CISO, FINRA

 Micro-segmentation with security groups
 Federated identities + granular entitlements
 Visibility: AWS CloudTrail / Amazon CloudWatch Logs
 Pervasive encryption: AWS KMS
 Containers/serverless: Less to maintain or attack
 Automate everything: DevSecOps & compliance
 Resiliency: AZs, out-of-region data replication…
 Security services: AWS WAF / AWS Shield / AWS Config /Amazon Macie
Amazon GuardDuty, etc.
More secure in the cloud
Nearly everything else is better in the cloud, so it should be no surprise that security
is too. The strongest cloud providers have bigger security budgets and deeper talent
pools, and must be secure to survive.
How?

Machine learning-powered security service to discover, classify, and
protect sensitive data
AWS WAF - Web Application Firewall
AWS Shield
Machine Learning for Security and Compliance Workloads

MACHINE LEARNING FOR
COMPLIANCE
FOR PII-TYPES** LIKE NAMES, ADDRESSES,
USER NAMES AND PASSWORDS, A REGEX-
BASED APPROACH ISN’T POSSIBLE
**Personally identifiable information

Macie user behavior analytics
We use behavioral analytics to
baseline normal behavior
patterns
Contextualize by value of data
being accessed
Goals:
• Go to great lengths to avoid
false positives
• Features, features
• Compare peers
• Tell a narrative

0. Feature extraction
from event data
1. Map into user
time-series
2. Cluster
peer groups
3. Predict user
activity, update
models
4.Identify
anomalies
5. Attempt to
explain
statistically
7. Alert and narrative
explanation created
Normal accesses
Machine learning-powered security service to
discover, classify, and protect sensitive data

VPC flow logs
DNS
Logs
CloudTrail
Events
HIGH
MEDIUM
LOW
FindingsData
Sources
Threat Detection
Types
Threat
intelligence
Anomaly
Detection
(ML)
Bitcoin
Mining
Instance
Compromise
Account
Compromise
Total of 62*
detections
AWS Security
Hub
SIEM
Respond

Most mature, enterprise-ready provider, with
the strongest track record of customer success
and the most useful partner ecosystem
(Gartner, 2019)
Comprehensive
infrastructure
Compliance
standards & security
Artificial intelligence
& machine learning
Partner networkFinancial industry
services solutions

FinTechs aren’t disrupting banks…
customer expectations are!

The traditional model is purely transactional, not
“Customer Obsession”
x Generic / Bad experience. Fill a lot of forms
x Impersonal messages
x Poorly timed engagements
x Narrow audience reach
x Minimal customer data and insights
x Missed sales opportunities
x Lengthy, frustrating forms for users. Can’t
understand what it means
x Disconnected legacy systems to manage
x Limited touchpoints to reach users
Consumers want
financial institutions
to know them, and
expect
personalized,
contextual offers.

FinTechs aren’t disrupting banks… customer expectations are!
AWS re:Invent 2018: Bernd Heinemann, Board Member at Allianz,
Speaks at Global Partner Summit [link]

Superior
customer
experience is a
core value of our
digital initiatives
PayByPhone, VW
The world's leading parking
payment provider. In 2016,
PayByPhone has already
processed more than $250
million in payments and is
adding approximately 7,000
users per day to their
already substantial base of
more than 12.5 million
registered users.
Example: PayByPhone at
Apple‘s Developers
Conference WWDC2018
in June 2018

生存下來的物種
並不是那些最強壯，或者最聰明的，而是那些
能夠對變化做出快速反應的。
- 達爾文

Automation with increased
quality and innovation

Put your time on Innovation
Infrastructure
Support
Innovation
Infrastructure
Support
Innovation
Innovation
Support
✅
automate automate

How AWS Help on “Automation”?
Regulation
DevOps
& Modern Applications

Customers rely on AWS’ compliance with global standards
Certifications & Attestations Laws, Regulations and Privacy Alignments & Frameworks
Cloud Computing Compliance Controls
Catalogue (C5)
🇩🇪 CISPE 🇪🇺 CIS (Center for Internet Security) 🌐
Cyber Essentials Plus 🇬🇧 EU Model Clauses 🇪🇺 CJIS (US FBI) 🇺🇸
DoD SRG 🇺🇸 FERPA 🇺🇸 CSA (Cloud Security Alliance) 🌐
FedRAMP 🇺🇸 GLBA 🇺🇸 Esquema Nacional de Seguridad 🇪🇸
FIPS 🇺🇸 HIPAA 🇺🇸 EU-US Privacy Shield 🇪🇺
IRAP 🇦🇺 HITECH 🌐 FISC 🇯🇵
ISO 9001 🌐 IRS 1075 🇺🇸 FISMA 🇺🇸
ISO 27001 🌐 ITAR 🇺🇸 G-Cloud 🇬🇧
ISO 27017 🌐 My Number Act 🇯🇵 GxP (US FDA CFR 21 Part 11) 🇺🇸
ISO 27018 🌐 Data Protection Act – 1988 🇬🇧 ICREA 🌐
MLPS Level 3 🇨🇳 VPAT / Section 508 🇺🇸 IT Grundschutz 🇩🇪
MTCS 🇸🇬 Data Protection Directive 🇪🇺 MITA 3.0 (US Medicaid) 🇺🇸
PCI DSS Level 1 💳 Privacy Act [Australia] 🇦🇺 MPAA 🇺🇸
SEC Rule 17-a-4(f) 🇺🇸 Privacy Act [New Zealand] 🇳🇿 NIST 🇺🇸
SOC 1, SOC 2, SOC 3 🌐 PDPA - 2010 [Malaysia] 🇲🇾 Uptime Institute Tiers 🌐
PDPA - 2012 [Singapore] 🇸🇬 Cloud Security Principles 🇬🇧
PIPEDA [Canada] 🇨🇦
🌐 = industry or global standard Agencia Española de Protección de Datos 🇪🇸
26

The AWS Compliance Center features country-specific
resources
The AWS Compliance Center
is a central location to research
cloud regulations in specific
countries and learn about
AWS Compliance programs.

AWS Native Services
Cloud
Mgmt.
AWS
Service Catalog
AWS
CloudTrail
AWS
Config
AWS Trusted
Advisor
AWS X-Ray
AWS
OpsWorks
Amazon
CloudWatch
AWS
CloudFormation
AWSSnowball
AWSSMS
AWS
Systems
Manager
AWSKMS
IAM
AWSDMS
Amazon Inspector
Amazon Macie
Amazon
GuardDuty
Service
request
Inventory and
classification
Monitoring
and analytics
Packaging
and delivery*
Provisioning
and orchestration
Cost management and
resource optimization
Cloud migration,
backup, and DR
Identity, security,
and compliance
AWSConfigAWSCodeDeploy
AWSCodeCommit
AWSCodePipeline
AWSCodeBuild
Source:
Gartner May 2018
Evaluation Criteria for
Cloud Management
Platforms and Tools

• AWS and Standard Chartered have
worked together for over 5 years
• The Standard Chartered cloud
journey started with a proof-of-
concept grid compute running risk
calculations
• Has since expanded into a variety of
production and non-production
workloads

Standard Chartered Cloud Journey
2017 Q2
- CI/CD pipeline (VX)
for Cloud IaaS
- 20k Concurrent
vCPUs
2013 Q4
Grid PoC
2015 Q3
Production
Grid Go-Live
2018 Q3
- Security monitoring with auto remediation
- First Production application Go-Live via CI/CD
pipeline (VX) with customer data
- 1 million EC2 Instance-hours
2014 Q4
Development Grid
Go-Live
2016 Q3
Grid has reached max of
7k concurrent vCPUs
2019 Q1 – NOW
- 160 workloads
- daily average of 250k vCPUs
- 200k concurrent vCPUs
- Grid cost $0.02 per vCPU hour

Standard Chartered Cloud Journey

Applying ML/Ops
Data
Science
Project
Team
Business
Analyst
Data
Scientist
Data
Engineer
SecurityDeveloper
Operations
QA
Cross-Functional Project Team
Domain Expertise
Math/Statistical Expertise
BigData &
Data Pipeline Expertise
Security ExpertiseApplication Code Expertise
Full Stack &
Operational Expertise
Solution Expertise

ML/Ops Challenges:
Automation with increased quality and Innovation
40%
Gartner predicts that
40% of data science
tasks will be
automated by 2020**
**Gartner Report – “Predicts 2017: Analytics Strategy and Technology”

The right tools for the right job

Surveillance and Fraud Detection Has Rapidly Evolved
Entities and
Events
Known Threats
and Risks
Structured and
Unstructured
Data
Machine
Learning, AI,
Natural
Language
Understanding,
Behavioral
Analytics
Out-of-the-Box
and Custom
Models
and Legacy Systems Haven’t Kept Up

Surveillance and Fraud Detection Are Difficult and Expensive
Detecting Intent
Accurately
Identifying
Suspicious
Communications
Minimizing
False Positives
Uncovering Risky
Entities / Individuals
Inefficient and
Costly
Investigations
Multiple Siloed
Surveillance
Platforms
Random and
Reactive
Labor Intensive

Powered by
machine learning
Online application origination
Growing issue as breaches expose more data
Uses synthetic identities to create accounts—
or sign up for credit cards online
How do you defend against synthetic
identities?
Model development
We reduced model development time by 60
percent—the more we practice it, the better
we get!
Used a variety of AWS services

Surveillance and Fraud Detection Reference Technical Stack
Data
Gathering
Analysis
Decisions /
Rules
Investigations
Device Fingerprints
Browser Info
IP Layer
Usage History
Payment Instrument
Clickstream
Log Files
Behavioral Patterns
Derived Values
Relationships
3rd Party Data
Real Time
Binary Tree
Regression
Machine Learning
Deep Learning
Derived Values
Historical
Model Training
Back Testing
Anomaly Detection
Auto Pass
Auto Block
Investigate
Usage Limits
Gather more Info
Pass
Gather more Info
Fail
Supporting
Workflows
Amazon NeptuneAmazon Kinesis
Data Streams
Amazon Simple
Storage Service
Amazon
Redshift
Amazon
DynamoDB
Amazon
SageMaker
AWS Lambda
Amazon RDS
Amazon Simple
Notification Service
Amazon Simple Queue
Service
Amazon EC2
AWS Step Functions
Amazon Athena

AI and ML are the next edge in digital innovation.
Compliance, Surveillance,
and Fraud Detection
Document
Processing
Pricing and Product
Recommendation Trading
Financial institutions are increasingly investing in AI/ML thanks, in part, to the availability of
cost-effective, easy-to-use, and scalable cloud-based AI/ML services.
Customer Experience
• Credit card/account
fraud detection
• Sales practices/
transaction surveillance
• AML/Sanctions
• Investigations optimization
• Regulatory mapping
• Common financial
instrument taxonomy
• Contract ingestion
and analytics
• Financial information
extraction
• Corporate actions
• Loan/Insurance underwriting
• Sales/recommendations of
financial products
• Credit assessments
• Portfolio management/
robo-advising
• Algorithmic trading
• Sentiment/news analysis
• Image analysis
• Grid computing scheduling
• Enhanced customer service
through chatbots
• Call center optimization
• Personal financial
management
Core processing Client facing

Alexa personalizes Financial Services
“Alexa, ask Fidelity to get me a
market update.”
“Alexa, ask Liberty Mutual for an auto
insurance estimate.”
“Alexa, ask Capital One how much I
spent at Amazon last month.”
Voice-based interactions can strengthen the relationship between consumers and their Financial
Services providers.

苹果周二新品发表会，各大研究机构、外资都推
出供应链受惠名单，促动苹概股前进上涨，使台
股即登上10800點。
Amazon Polly
Turn text into lifelike speech using deep learning

Text
Text normalization
Grapheme-to-phoneme
conversion
Waveform
generation
Speech
100% Recycled – 8 ½ x 11 inch 20 lb Office Paper – 3,000 count
one hundred percent recycled, eight and a half by eleven inch…
ˈwʌn ˈhʌndrəd pɚˈsɛnt riːˈsaɪkəld ˈeɪt ənd ə ˈhæf ˈɪntʃ…
Text-to-speech pipeline

M L F R A M E W O R K S &
I N F R A S T R U C T U R E
A I S E R V I C E S
REKOGNITION
IMAGE
POLLY TRANSCRIBE TRANSLATE COMPREHEND LEXREKOGNITION
VIDEO
Vision Speech Language Chatbots
A M A Z O N
S A G E M A K E R
B U I L D T R A I N
FORECAST
Forecasting
TEXTRACT PERSONALIZE
Recommendations
D E P L O Y
Pre-built algorithms & notebooks
Data labeling (GROUND TRUTH)
One-click model training & tuning
Optimization (N E O )
One-click deployment &
hosting
M L S E R V I C E S
Frameworks Interfaces Infrastructure
EC2 P3
& P3dn
EC2 C5 FPGAs GREENGRASS ELASTIC
INFERENCE
Reinforcement learning
Algorithms & models ( AWS MARKETPLACE
FOR MACHINE LEARNING)
A W S
D E E P R A C E R
A W S
D e e p L e n s
Amazon
Inferentia
Optimized

Machine learning is new normal in
financial services industry

Take Away

TLS
Access
Man-in-the-browser
Client
Session hijacking
Malware
Man-in-the-middle
DDoS
Malware
API attacks
Injection
Certificate spoofing
Protocol abuse
Session hijacking
Key disclosure
DNS hijacking
DDoS
DNS spoofing
DNS cache poisoning
Man-in-the-middle
App services
DNS
DDoS
Eavesdropping
Protocol abuse
Man-in-the-middle
Credential theft
Credential stuffing
Session hijacking
Brute force
Phishing
Network
DDoS
Dictionary attacks
% of organizational leaders say
cybersecurity teams are
understaffed
% of board directors and C-level
execs say they have confidence in
their organization’s level of
cybersecurity34
% of organizations believe that
malicious attacks are on the rise y/y,
but 34% confidence in their teams’
ability to address complex attacks
69
46
Source: 2019 ISACA State of Cyber Security Report.
Information Systems Audit and Control Association (ISACA)
Agenda
• Cloud is new normal in financial services industry
• Earn Customers’ Trust: first thing first security, security, and security
• ML/ Ops is new normal in financial services industry
• FinTechs aren’t disrupting banks… customer expectations are!!
• AI/ ML is new normal in financial services industry
• The right tools for the right job. Legacy Systems Haven’t Kept Up.

AWS Foundation Services
AWS Global
Infrastructure
Regions
Availability Zones
Edge Locations
Client-side Data
Encryption
Server-side Data
Encryption
Network Traffic
Protection
Customer App / Content / Data
CustomerAWS
AWS
AWS
We can be far more secure in the cloud
and achieve a higher level of assurance
at a much lower cost, in terms of effort
and dollars invested. We determined
that
, including patching,
encryption, auditing and logging,
entitlements, and compliance.
—John Brady
CISO, FINRA
Machine learning-powered security service to discover, classify, and
protect sensitive data
AWS WAF - Web Application Firewall
AWS Shield
Machine Learning for Security and Compliance Workloads

Put your time on Innovation
Infrastructure
Support
Innovation
Infrastructure
Support
Innovation
Innovation
Support
automate automate
FinTechsaren’t disrupting banks…
customer expectations are!
The traditional model ispurely transactional,not
“Customer Obsession”
x Generic / Bad experience. Fill a lot of forms
x Impersonal messages
x Poorly timed engagements
x Narrow audience reach
x Minimal customer data and insights
x Missed sales opportunities
x Lengthy, frustrating forms for users. Can’t
understand what it means
x Disconnected legacy systems to manage
x Limited touchpoints to reach users
Consumers want
financial institutions
, and
expect
.
FinTechsaren’t disrupting banks… customer expectationsare!
AWS re:Invent 2018: Bernd Heinemann, Board Member at Allianz,
Speaks at Global Partner Summit [link]

How AWSHelp on “Automation”?
Regulation
DevOps
& Modern Applications
The AWSCompliance Center featurescountry-specific resources
The AWS Compliance Center
is a central location to research
cloud regulations in specific
countries and learn about
AWSCompliance programs.
Data
Science
Project
Team
Business
Analyst
Data
Scientist
Data
Engineer
SecurityDeveloper
Operations
QA
Cross-Functional Project Team
Domain Expertise
Math/ Statistical Expertise
BigData &
Data Pipeline Expertise
Security ExpertiseApplication Code Expertise
Full Stack &
Operational Expertise
Solution Expertise

Right toolsfor right jobs
Surveillance and Fraud Detection HasRapidly Evolved
Entities and
Events
Known Threats
and Risks
Structured and
Unstructured
Data
Machine
Learning, AI,
Natural
Language
Understanding,
Behavioral
Analytics
Out-of-the-Box
and Custom
Models
and Legacy Systems Haven’t Kept Up
Surveillance and Fraud Detection Reference Technical Stack
Data
Gathering
Analysis
Decisions /
Rules
Investigations
Device Fingerprints
Browser Info
IP Layer
Usage History
Payment Instrument
Clickstream
Log Files
Behavioral Patterns
Derived Values
Relationships
3rd Party Data
Real Time
Binary Tree
Regression
Machine Learning
Deep Learning
Derived Values
Historical
Model Training
Back Testing
Anomaly Detection
Auto Pass
Auto Block
Investigate
Usage Limits
Gather more Info
Pass
Gather more Info
Fail
Supporting
Workflows
Amazon NeptuneAmazon Kinesis
Data Streams
Amazon Simple
Storage Service
Amazon
Redshift
Amazon
DynamoDB
Amazon
SageMaker
AWS Lambda
Amazon RDS
Amazon Simple
Notification Service
Amazon Simple Queue
Service
Amazon EC2
AWS Step Functions
Amazon Athena
AI and ML are the next edge in digital innovation.
Compliance, Surveillance,
and Fraud Detection
Document
Processing
Pricing and Product
Recommendation Trading
Financial institutions are increasingly investing in AI/ ML thanks, in part, to the availability
of cost-effective, easy-to-use, and scalable cloud-based AI/ ML services.
Customer Experience
• Credit card/ account
fraud detection
• Sales practices/
transaction surveillance
• AML/ Sanctions
• Investigations optimization
• Regulatory mapping
• Common financial
instrument taxonomy
• Contract ingestion
and analytics
• Financial information
extraction
• Corporate actions
• Loan/ Insurance underwriting
• Sales/ recommendations of
financial products
• Credit assessments
• Portfolio management/
robo-advising
• Algorithmic trading
• Sentiment/ news analysis
• Image analysis
• Grid computing scheduling
• Enhanced customer service
through chatbots
• Call center optimization
• Personal financial
management
Core processing Client facing

Machine learning isnew normal in
financial servicesindustry
10800
Amazon Polly
Turn text into lifelike speech using deep learning

• Cloud is new normal in financial services
industry
• Earn Customers’ Trust: first thing first security, security,
and security
• ML/Ops is new normal in financial services
industry
• FinTechs aren’t disrupting banks… customer
expectations are!!
• AI/ML is new normal in financial services
industry
• The right tools for the right job. Legacy Systems Haven’t
Kept Up.
• 上雲在金融業很常見
• 客戶對於安全性的要求越來越高
• 透過人工智能來幫助安全和合規的工作
• ML/Ops 在金融業很常見
• FinTechs 不會顛覆金融產業，但是客戶經驗會感
變整個產業
• 自動化能增進品質和創新
• AI/ML 在金融業很常見
• 使用正確的工具，做正確的事情。老舊的系統很難
跟業務的需求
• 人工智慧是下一時代的數位創新

Build on AWS

Thank you!
Young Yang, ML Specialist Solutions Architect
beyoung@amazon.com

Calibrate thresholds in transaction
surveillance alert logic
Refine keywords and phrases
used for e-communications
surveillance lexicons
Extract hidden relationships
and insights in the data
Drive “what if” analysis on
risks which are not covered
by existing metrics/analysis
Optimize alert output: New scenario analysis:
Solution: Use machine learning to optimize surveillance logic

人工智慧雲服務與金融服務應用

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie 人工智慧雲服務與金融服務應用

Ähnlich wie 人工智慧雲服務與金融服務應用 (20)

Mehr von Amazon Web Services

Mehr von Amazon Web Services (20)

人工智慧雲服務與金融服務應用