DESIGN AND IMPLEMENTATION OF A CREDIT CARD

FRAUD DETECTION SYSTEM

A TERM PAPER

BY

BRUKOWHO PRAISE OKEOGHENE

COMPUTER SCIENCE
(HND II)

COM/HND/23/01604

DECEMBER, 2024
 ABSTRACT

The aim of this dissertation is to design and develop an enhanced model for
credit card fraud detection in Nigerian banks. Credit card transaction frauds cost
financial institutions millions of dollars per year. As a result, fraud detection has
become an important and urgent task for this business. The incidents of loss of hard
earned money to fraudsters have raised a lot of concern and portend serious danger
to economic growth. The study resulted in a model, which is used to detect abrupt
changes in established patterns and recognize typical usage patterns of fraud. The
credit card fraud detection system was designed to run at the background of
existing banking software and attempt to discover illegitimate transaction entering
on real-time basis. This proved to be very efficient method of discovering fraudulent
transactions. The data used was a mixture of normal and fraudulent with an
unknown mixing mechanism.
 INTRODUCTION

BACKGROUND OF THE STUDY

Frauds have plagued telecommunication industries, financial institutions and other

organizations for a long time (Jia and Jongwoo, 2005) The type of fraud addressed
in this dissertation is called credit card transaction fraud This fraud costs financial
institutions millions of dollars per year As a result, fraud detection has become an
important and urgent need for these businesses

Currently, data mining is a popular way to combat frauds because of its

effectiveness Data mining is a well-defined procedure that takes data as input and
produces output in the form of patterns (Hand etal,2002) In other words, the task
of data mining is to analyse a massive amount of data and to extract some usable
information that one can interact with for future uses Once one has the right model
for the data, the model can be used to predict future events by classifying the data
In terms of data mining, fraud detection can be understood as the classification of
the data Input data is analysed with the appropriate model that determines
whether it implies any fraudulent activity or not

A well-defined classification model is developed by recognizing the patterns of

former fraudulent behaviours Then, the model is used to predict any suspicious
transaction implied in a new data set Data mining and model construction require
a lot of time, which prohibits it to detect frauds in real time This is a serious setback
since, in many occasions such as online credit card transactions, one need to detect
fraudulent activities in a very short period of time, typically while the fraudster is
still at the banking hall Otherwise, the loss could be huge.
Multi-agents are computer programs that can act on behalf of a person to
do various jobs Multi- agents can automate a large portion of fraud detection
process and require little human intervention Additionally, multi-agents do not
stick to one model or rule They can construct new models and rules for fraud
detection with their machine capabilities It will be harder to deceive multi- agents
than other computer programs for fraud detection Besides, in a multi- agents
system, many multi-agents can work in parallel and cooperate with each other This
not only accelerates the detection process but also increases the detection
accuracy Moreover, multi-agents can be deployed online for real-time detection
This is an extremely desirable feature for online credit card fraud detection and
network intrusion detection.

Fraud in organization and industries of late has taken on a new dimension,

This is due to the advances that have been made in information technology Its
increasing waves have resulted in a whole lot of havoc in various organizations For
businesses and organizations alike, fraud alongside financial crime is not an
acceptable way of carrying out day to day operations Fraud schemes are ever on
the increase, its cost is on the increase, same as customers’ expectations Fraud has
resulted in financial losses; it costs much to investigate and to pursue attendant
litigation Fraud eats away impinges on customer/consumers’ confidence and ruins
brand image It is indeed the number one enemy of the business world In recent
times, surveys conducted by leading internal consulting firms indicate that fraud in
the financial sector is rapidly increasing as information technology in this sector
advances and most of the reported cases involve data manipulation with assistance
of bank staff working hand in hand with external fraudsters (Lee et al,2005)

One such aspect of banking where there is high rate of abuse of office and some
level of collaboration in perpetrating fraud is in the case of credit card Timely
information on fraudulent activities is strategic to the banking industry Banks have
many and huge databases Valuable business information can be extracted from
these data stores Credit card fraud detection is the process of classifying those
transactions into two classes of legitimate (genuine) and fraudulent transactions
(Singh etal,2014) Credit card frauds can be broadly classified into three categories,
viz: traditional card related frauds (application, stolen, account takeover, fake and
counterfeit), merchant related frauds (merchant collusion and triangulation), and
Internet frauds (site cloning, credit card generators and false merchant sites) Data
mining is a process that uses a variety of data analysis tools to discover patterns
and relationships in data that may be used to make a valid prediction (Singh
etal,2014) In everyday life, credit cards are used for purchasing goods and services
using online transaction or physical card for offline transaction.

In credit or debit card based purchase, the cardholder presents card to a merchant
for making payment To commit fraud in this kind of acquisition, the fraudster has
to steal the credit card If the legitimate user does not understand the loss of card,
it can lead to important financial loss to the credit card company and also to the
user In online payment mode, attackers need only little information for false
transaction, for example, secure code, expiration date, card number and many
other factors In this purchase method, many transactions will be done through
Internet or telephone To obligate fraud in these types of purchases, an impostor
simply needs to know the card details Most of the time, the honest cardholder is
not aware that someone else has seen or stolen his card information The only way
to detect this kind of fraud is to analyse the spending patterns on every card and
to figure out any irregularity with respect to the “usual” spending patterns The
examination of existing purchase data of cardholder is a likely way to reduce the
rate of positive credit card frauds Since humans tend to display specific
behaviourist profiles, every cardholder can be characterized by a set of patterns
comprising information about the distinctive purchase category, the time since the
last buying, the amount of money spent, and other things Nonconformity from such
patterns is reflected as fraud.

Credit card frauds are increasing day by day as the use of credit card is
increasing (Patel, 2014) Occurrence of credit card fraud has increased dramatically
both online and offline Credit card based purchase can be done in two ways: (i)
physical card (ii) virtual card In physical card purchase, the cardholder presents his
card physically to the merchant for making payment For this type of fraud the
attacker has to steal the credit card In virtual card purchase only the information
about the card is stolen or gathered like card number, secure code etc. Such
purchases are done over the Internet For this type of fraud the attacker needs only
the card details so the only way to detect this type of fraud is to analyse the
spending pattern of the card holder When one’s credit card or credit card
information is stolen and used to make unauthorized purchases on e-commerce
systems on the Internet, one becomes a victim of internet credit card fraud or no
card present fraud This is nothing new and there is nothing unusual about this
because identity theft and credit-card fraud are present-day happenings that affect
many people and involve substantial monetary losses Fraud is a million dollar
business and increasing every year.
Credit card is refers to a method of selling goods or services without the
buyer having cash in hand (Delamaire etal,2009) A credit card transaction involves
four entities The first entity is the consumer; that is the person who owns the card
and who carries out the legitimate transactions The second entity is the credit card
issuer; that is usually the consumer’s bank – also known as issuing bank – which
provides the credit services to the consumer The credit card issuer sends the bill to
the consumer in order to request a payment for their credit card transactions. The
third entity is the merchant who sells goods or services to the consumer by charging
consumer’s credit card This charge is achieved through merchant’s bank – the forth
entity which sends the request for the transaction to the issuing bank. The issuing
bank will check whether the amount of the transaction does not reach the credit
card’s limit before authorizing that transaction If the transaction is valid, the issuing
bank will block the requested amount from consumer’s credit card account and
send an authorization response to merchant bank As soon as the authorization
response is received by the merchant’s bank, the merchant is notified; the
transaction is marked as completed and the consumer can take the goods The
blocked amount on consumer’s credit card account will be transferred into
merchant’s bank account.

STATEMENT OF THE PROBLEM

Information Technology (IT) has contributed to a great extent in mitigating
fraud for banks that have embraced and implemented it Credit card transaction
frauds cost financial institutions millions of dollars per year As a result, fraud
detection has become an important and urgent task for this business The incidents
of loss of hard earned money to fraudsters have raised a lot of concern and portend
serious danger to economic growth Ordinarily, thieves invade homes and offices to
steal physical cash from their victims The rapid development in information and
communication technology has introduced a cashless society where people can pay
for goods and services using credit cards This appears more secured as people no
longer keep huge physical cash at home; leading to less incidents of theft The
recent development shows that hackers have device electronic means of stealing
money from people’s account by stealing their credit card details and using same
to transfer money to other accounts This is heart breaking and requires an
enhanced security system on communication channels to avert such financial loss
Another challenge for contemporary financial institutions is the ability to
understand and deal with the high volume of data and information, and using
knowledge from them to improve and make informed decisions Credit card fraud
detection is a pattern recognition problem Every cardholder has a shopping
behaviour which establishes a profile for the cardholder Currently, fraud detection
system (FDS) identifies many legitimate accounts as fraudulent resulting in a large
number of false positives (FPs) As every cardholder has a huge number of
possibilities for developing new patterns of behaviour, the types of transactions are
widely variable Hence, it is almost impossible to identify consistent and stable
patterns for al1 the transactions In fact, there are so many variations of behaviour
for each individual that are exponential in combination and the complexities of
enumerating all combinations of cases are enormous This ever changing pattern of
behaviour with the combination of legitimate and fraudulent cases has left the
Financial Institutions (FIs) with a large number of FPs (approximately 90% of flagged
accounts) for investigation The above challenges can be addressed through the use
of a multi-agents system that is based on artificial intelligence since it will provide
managers with added value information reduce the uncertainty of the decision
outcome and thereby enhance banking service quality No doubt, the application of
new technologies can give bank a competitive lead to a high performance and
eliminate fraud associated with credit cards Credit card frauds (CCF) have been a
long –time headache for credit card companies With the growth of online business
in Nigeria, the number of credit card frauds has also increased drastically.

AIM AND OBJECTIVES OF THE STUDY

The aim of this dissertation is to design and develop an enhanced model for credit
card fraud detection in Nigerian banks

The specific objectives are:

1. To characterize the information source and identify the security problems

inherent in the communication channels for credit card transactions

2. To provide a means of detecting and preventing credit card fraud in a real –time
transaction on the Internet

3. To model a security system that will promote trust in communication channels

by implementing hybrid technology that will combine both adaptive data mining
and multi- agents to authenticate the credit card transaction

4. To develop a system using PHP-MySQL and java script to implement the credit
card fraud detection model which can authenticate credit card transactions

5. To evaluate the performance of this model in detecting credit card fraud

SCOPE OF THE STUDY

This work focuses on predictive model using data mining that scores each
transaction with high or low risk of fraud and those with high risk generate alerts
Predictive data mining performs inference on the current data in order to make
predictions The check those alerts and provide a feedback for each alert ie true
positive (genuine) or false positive (fraud) Furthermore, in view of the broad nature
of financial fraud, the study is particularly about credit card fraud using data strictly
stored on the core banking database and card issuer’s database The study will
narrow down to particular type of financial institutions which are the banks Since
most of the existing credit card frauds are done using a customer’s banking
information and card information, the study will focus on banking industry and card
issuer institutions. This work will cover detection, monitoring and response of
fraudulent activities in e-commerce business, it will also cover the area of real-time
alerting system to enable financial companies stop or deactivate any financial
transaction suspected to be fraud.

SIGNIFICANCE OF THE STUDY

The process of searching for fraud is lengthy due to the amount of data
involved In most cases, auditors unknowingly get the information they need from
the involved employees who deliberately mislead them and waste their time With
a multi-agents fraud detection system in place to check unusual transactions, the
work load is distributed among the agents, thus a search is faster and block any
transaction suspected to be fraudulent Since different agents communicate and
carry out the verifications otherwise done manually, they detect a fraud on the fly,
before a transaction fraud is concluded Without an effective system to check
against internal attacks, management of these financial institutions rely on
auditors, both internal and external to investigate the fraud, if they suspect that
one has taken place The problem is that some fraud can go undetected or by the
time they figure out that fraud has occurred it is either too late and the fraudsters
have disappeared or they have had enough time to cover their tracks and
the trail goes cold.

LIMITATIONS OF STUDY
Unfortunately most banks prefer not to go public and report the incidences
as they fear losing business if the fraud cases are known to the public Owing to this
fact, it is difficult to get direct reports from the financial institutions, so it is difficult
to come up with a clear indication of how rampant the problem is However, reports
from Central Bank of Nigeria (CBN), newspaper articles and a few publications on
the issue show that the problem exists and is actually growing steadily.

DEFINITION OF TERMS
Agent: Computer software that is capable of autonomous action in some
environment in order to meet the designed objectives

ATM: is an abbreviation for Automated Teller Machine It is a cash point that can be
used to withdraw cash, do transfers a debit card or credit card is used at the
machine to withdraw cash the personal identification number (PIN) has to be
entered along with credit or debit card to access cash

Bank Account: It is record of financial transaction between a bank and the customer
which is maintained by the bank a bank account also shows the resultant financial
position of the customer with the bank

Bank Fraud: The use of potentially illegal means to obtain money, assets or other
property owned or held by a financial institution or obtaining money from
depositors by fraudulently posing at a bank or other financial institution

Card Association: Is a network of issuing banks and acquiring banks that process
payment cards of a specific brand

Cardholder: Is a person who owns the credit card issued by appropriate credit card
company or financial institution
Commercial Banks: Financial institutions that provide services such as accepting
deposits, giving business loans and auto loans, mortgage lending and basic
investment products like savings accounts and certificates of deposits (Koru, 2014)
The traditional commercial bank is a brick and mortar institution with tellers, safe
deposit boxes, vaults and ATMS However, some commercial banks do not have any
physical branches and require customers to complete all transactions by phone or
internet

Credit card fraud detection: This is a process of classifying credit card transactions
into two classes of legitimate (genuine) and fraudulent transactions

Data Mining: This is a well-defined procedure that takes data as input and produces
output in the forms of models or patterns

Financial Institution: This is an institution that provides financial services for its
clients or members (Wikipedia, 2016) probably the most important financial service
provided by financial institutions is acting as financial intermediaries

Financial Sector: This is a category of stocks containing firms that provide financial
services to commercial and retail customers It includes banks, investment funds
(Koru, 2014)

Fraudulent Card Transaction: is one in which the rules and regulations are not
properly followed generally, such transactions are unauthorized by credit card
holders and involve a lost stolen, fabricated, counterfeit and fraudulent processing
of a credit card
Multi-agents: Is a system that is capable of flexible autonomous actions in order to
meet its design objectives it is flexible in terms of its reactivity, reactiveness and
social ability Knowledge: This can be defined as the body of facts and principles
accumulated by human kind or the act, fact or state of knowing
Machine Learning are computer programs that can learn from experience with
respect to some class of tasks and performance measure.
 CONCLUSION

The design and implementation of a credit card fraud detection system is a

critical task in the prevention of financial losses due to fraudulent activities. This
project has demonstrated the effectiveness of a machine learning-based approach
in detecting credit card fraud. The system developed in this project utilizes a
combination of data pre-processing, feature engineering, and classification
algorithms to identify fraudulent transactions.
The results of this project show that the proposed system can achieve high
accuracy, precision, and recall in detecting credit card fraud. The system's
performance is comparable to, and in some cases, surpasses that of existing
commercial fraud detection systems.