Due to a phenomenal growth in E-Commerce, use of credit cards has been dramatically increased. Credit cards are widely used for both online as well as regular purchase and it caused an explosion in the credit card fraud. Thus it is mandatory to implement efficient fraud detection systems. A clear understanding on different types of credit card fraud and alternative techniques used in fraud detection will certainly lead to an efficient credit card fraud detection system. This paper presents a survey on the various types of credit card fraud and gives a comparison among different techniques used in fraud detection.
Index Terms-E-Commerce, Credit card fraud, fraudsters, credit bureaus, neural networks, decision tree
I. INTRODUCTION
Credit cards are one of the most famous targets of fraud. But fraud is also possible through any type of credit card products such as personal loans home loans and retail. Indeed credit cards are the most vulnerable to fraud. Credit card is a small plastic card issued to users as a system of payment. Credit card security relies on the physical security of the plastic card as well as the privacy of the credit card number. CVV (Card Verification Value Code) is a new authentication procedure introduced by credit card companies to reduce fraud in internet transactions. The number of credit card transactions has reached the peak and results in considerable raise in fraudulent activities. Occurrence of credit card fraud is increasing dramatically due to the exposure of security weaknesses in traditional credit card processing systems resulting in loss of billions of dollars every year. A critical task to help businesses and financial institutions including banks is to take steps to prevent fraud and to deal with it efficiently and effectively to inhibit the loss. The risk is that "credit card fraud remains usually undetected until long after the fraudster has completed the crime". Credit card fraudsters employ a large number of techniques to commit fraud. In credit card business, fraud occurs when a lender is fooled by a borrower by offering purchases, believing that the borrower credit card account will provide payment for this purchase. Ideally, no payment will be made. If the payment is made, the credit card issuer will reclaim the amount paid. Fraudsters can either internal party or external party. As an external party, fraud is committed being a prospective/existing customer or a prospective/existing supplier. To combat the credit card fraud effectively, it is important to first understand the different types of credit card fraud.
II. DIFFERENT TYPES OF CREDIT CARD FRAUD AND RECOMMENDED SOLUTIONS
A. Preventing Bankruptcy Fraud using Credit Bureaus
Bankruptcy fraud is one of the most difficult types of fraud to predict. Bankruptcy fraud ( Foster, 2004) means, purchasers use credit cards knowing that they are not able to pay for their purchases. The bank will send them an order to pay. However, the customers will be recognized that they are not able to recover their debts. The only way to prevent this bankruptcy fraud is by doing a pre-check with credit bureau. Information in the credit bureau data is gathered from many different sources. Banks, consumer finance companies, credit unions, and collection agencies are some of the entities that periodically report to the credit bureau. Data are also obtained from state and federal courts on judgments, liens, and bankruptcy filings.
The process is as follows: the bank passes an enquiry to the credit bureau, who uses a third party in gather information. The enquiry includes identification information required by the credit bureau. The credit bureau sends a credit report for this single individual including personal particulars, details of non-compliance with contractual obligations, information from public directories and additional positive information such as repayment of loans according to contract at or before maturity. Some credit bureaus are also able to trace the address of a specific individual, who has moved to an 'unknown' address.
A credit file is created when an individual applies for, or uses, credit or a public record is reported to the credit bureau. Once a credit file is established, consumer's credit-seeking behavior, payment and purchase behavior, and any changes to the public records are recorded to estimate, detect, or avoid undesirable behavior and the updates are posted. Once the bank has received the credit report from the credit bureau, the bank can identify insolvency cases.
There are only few other methods to detect bankruptcy. Foster & Stine suggested a model based on standard regression techniques such as variable selection in data mining, to predict bankruptcy.
B. Detecting Charge-backs through Over limit/Vintage Reports
Theft fraud means using a card that is not owned by him/her. The fraudster will steal the card of someone else and use it as many times as much as possible before the card is blocked. The owner must react and contact the bank sooner, so that, bank will take measures to stop the fraudster.
Counterfeit fraud occurs when the credit card is used remotely and only the credit card details are needed. The fraudster will copy your card number and codes and use it via certain web-sites, where no signature or physical cards are required. Fraudsters use credit card data which is stolen and the merchant faces money loss and this is named as "charge-backs". Charge-backs are generated if credit card holders object to items on their monthly credit card statements.
This type of fraud can be detected through 'over limit' reports or 'vintage' reports. These reports provide a daily list of customers that have exceeded their credit limit. A certain degree of tolerance may be accepted. For the credit card listed, the customers are contacted and if they do not react, the card is blocked. ATM transactions of large amounts and purchases of goods for a larger amount than normal are suspicious and must be notified to the customer.
Fig.1. Different Types of Credit Card Fraud
C. Detecting Duplicates/Identity Fraudsters using Cross-matching technique
Someone applies for a credit card with false information is said to be Application Fraud. Two modes of application fraud are: Duplicates and Identity fraudsters. When applications come from a same individual with same details, it is called as duplicates. When applications come from different individuals with similar details is called as identity fraudsters.
The bank requires some details from the credit card applicants such as identification information, location information, contact information, confidential information and additional information. All these characteristics may be used individuals with more than one card can be identified. In contrast, identity fraudster is perpetrated by real criminals for searching duplicates. Cross-matching technique is used to identify the duplicates and identity fraudsters. To detect the duplicates simple queries that give fast results are passed to cross-identify the information with location details. As a result, filling wrong application data consciously. Identity fraudster may be either identity fraud (contain plausible) or identity theft (real but stolen identity information) [Phua et al. (2006)]. Many matching rules must be applied and it is acknowledged that many false positive cases will be identified (Thomas et al., 2004).
III. FRAUD DETECTION TECHNIQUES
A. Genetic Programming and certain other Algorithms
Using algorithms, certain types of credit card fraud can be detected.
The Evolutionary-Fuzzy System- A GP Approach
Algorithm proposed by Bentley et al (2000) is based on genetic programming and it contains logic rules, capable of classifying credit card transactions into suspicious and non-suspicious classes.
This system includes a Genetic Programming (GP) search algorithm and a fuzzy expert system. Data is provided to the Fraud Detection System (FDS) is clustered into three groups namely low, medium and high. The GP contains rules which match the incoming sequence with the past sequence. This algorithm easily detects stolen credit card Frauds with good accuracy and low false alarm. But it is very expensive and the processing speed is low.
Fig.2. Block diagram of the Evolutionary-fuzzy system
Other Algorithms
Chan et al. (1999) suggested an algorithm to predict suspect behavior and evaluated based on prediction rate/the true positive rate and the error rate/the false negative rate. Combination of different algorithms such as diagnostic algorithms, diagnostic resolution strategies, probabilistic curve algorithms, best match algorithms, negative selection algorithms, and density selection algorithms was suggested by Aitken (2000) to improve the power of prediction.
B. Neural Network Technologies in FDS
Neural classifier was proposed by Dorronsoro et al. (1997) which detects online fraud. Card watch (Aleskerov et al., 1997); Back-propagation of error signals (Maes et al., 2002); FDS (Ghosh & Reilly, 1994); SOM (Quah & Sriganesh, 2008; Zaslavsky & Strizkak, 2006); improving detection efficiency "mis-detections" (Kim & Kim, 2002) follow the same concept and have a constraint that data must be clustered by type of account.
Group of artificial neurons which are interconnected is called as ANN (Artificial Neural Network). It is used in applications, such as Pattern recognition or data classification, through a learning process. The most commonly used neural networks for pattern classification is the feed-forward network. An artificial neural network which has no directed cycle formed by connections the units is called feed forward neural network. In this network, the signals are propagated in forward as well as in backward direction. Detector is trained by a simple learning algorithm. It consist of three layers namely input, hidden and output layers. The incoming sequence of transactions passes from input layer through hidden layer to the output layer. This is known as forward propagation. The ANN consists of training data which is compared with the incoming sequence of transactions. Initial training data for neural network includes normal behavior of the cardholder. The suspicious transactions are then propagated backwards through the neural network and classify the suspicious and non-suspicious transactions.
Bayesian Neural Network (BNN) is also known as belief network (Ezawa & Norton, 1996; Maes et al., 2002; Mehdi et al., 2007) It is a kind of artificial intelligence programming which uses machine learning algorithms and data mining, to create layers of data, or belief. Bayesian learning combines results from current as well as past behavior using supervised learning. This enables Bayesian networks to process data, without any experimentation. Bayesian belief networks are very effective for modeling situations. Time constraint is the main disadvantage of this technique.
A neural network learns and does not need to be reprogrammed. It can be implemented in any application without any problem. Its processing speed is higher than BNN. Neural network needs training to operate and requires high processing time for large neural networks. Bayesian networks are supervised algorithms and they provide a good accuracy, but it needs training of data to operate and requires a high processing speed. The accuracy in fraud detection of ANN is low compared to BNN.
C. Behavioral Analysis
Once human behavior is correctly modeled, any detected deviation is a cause for concern since an attacker is not expected to have behavior similar to the genuine user. Hidden Markov Model- HMM (Abhinay et al., 2008) modeled human behavior. If a transaction is not accepted by the trained Hidden Markov Model with sufficient probability, it is considered as fraudulent transaction.
HMM never check the original user as it maintains a log. The maintained log will act as a proof for transactions made. HMM maintains a log and reduces work of an bank employee. HMM produces high false alarm as well as high false positive.
Fig.3. Process Flow of the Proposed FDS
D. Analysis based on Clustering
There are two types of clustering techniques (Bolton & Hand, 2002) namely peer-group analysis and break-point analysis. The hypothesis of the peer group analysis is that if accounts behave the same for a certain period of time and then one account is behaving significantly differently, this account has to be notified and flagged as suspicious. Based on the transactions of a single card, the break-point analysis can identify suspicious behavior. Signals of suspicious behavior are a sudden transaction for a high amount, and a high frequency of usage.
E. Similarity Tree- A Decision Tree Approach
In a similarity tree, the nodes are labeled with attribute names and edges are labeled with values of attributes that satisfy some condition and 'leaves' that contain an intensity factor which is the ratio of the number of transactions that satisfy these conditions to the total number of legitimate transactions in the behavior (Kokkinaki, 1997). It is easy to implement but the transactions must be checked one by one.
IV. COMPARISON RESULTS
The Comparison table was prepared in order to compare various Fraud Detection mechanisms that were used in identifying various credit card frauds. All the techniques of credit card fraud detection described in the table 1 have its own strengths and weaknesses. The comparison is made based on the design criteria. Also it describes the methodology used to counter the credit card fraud. The various efficient methods like genetic programming, various algorithms, neural networks, behavioral analysis, clustering and decision trees are used to detect and counter frauds in credit card transactions.
Table1. Comparison between various Credit Card Fraud Detection Methods
Method
Genetic Programming,
algorithms
Neural Networks
Behavioral Analysis
Clustering
Decision Tree
Technique
The Evolutionary-Fuzzy System- A GP Approach
ANN & BNN
Hidden Markov
Model
Peer-Group Analysis,
Break-point Analysis
Similarity Tree
Processing Speed
Low
Low
High
Low
Low
Cost
Implementation is highly expensive
Expensive
Quite expensive
Expensive
Low Expensive
Accuracy
Very High
Medium
Medium
High
High
Research issues addressed
Easily detect stolen credit card Frauds. Detect suspicious, non-suspicious data
Cellular phone fraud, Calling card fraud, Computer Network Intrusion Applicable in E-Commerce
Applicable in online detection of credit card fraud.
The original user is not checked as it maintains a log
Identify suspicious data
easily
Easily detect suspicious data. Easy to implement
Research Challenges
Not applicable in E-Commerce, Difficult to implement
Needs training to operate and requires high processing time for large neural networks and BNN
High false alarm,
False Positive is high
High false alarm
Transactions must be checked one by one which leads to time constraint
V. CONCLUSION
Efficient credit card fraud detection system is the most wanted. This paper has discussed about various types of credit card fraud and different methods to detect such fraudulent activities. Also the strength and weakness of each method is clearly tabulated. An ethical problem arises from the use of credit card fraud detection techniques is that sometimes there is a probability to mispredict genuine customers as fraudsters and vice versa. As a next step, research must be carried out to meet the research challenges specified in the table and also should try to minimize ethical problem.
