BHARATI VIDYAPEETH INSTITUTE OF TECHNOLOGY, NAVI MUMBAI

DEPARTMENT OF INFORMATION TECHNOLOGY

___________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

MAHARASHTRA STATE BOARD OF TECHNICAL EDUCATION

PROJECT REPORT
CREDIT CARD FRAUD AS AN IDENTITY THREAT 
SUBMITTED BY

1800270204 3303 VIJAY ZAMBARE

1800270251 3304 TANMAY YERNE
1700270079 3305 SATWIK BERDE
1800270257 3306 SHARDUL VANAGE
2020-2021

DEPARTMENT OF INFORMATION TECHNOLOGY

SUPERVISED BY

MR.MOHAN MALI
Lecturer
Information Technology
 BHARATI VIDYAPEETH INSTITUTE OF TECHNOLOGY

Sector-7, C.B.D. Belapur, Navi Mumbai

CERTIFICATE
This is to certify that the report of the project entitled

CREDIT CARD FRAUD AS AN IDENTITY THREAT 

Submitted by:

1800270204 3303 VIJAY ZAMBARE

1800270251 3304 TANMAY YERNE
1700270079 3305 SATWIK BERDE
1800270257 3306 SHARDUL VANAGE
To the

MAHARASHTRA STATE BOARD OF TECHNICAL EDUCATION

In partial fulfilment of the requirement for the Course of
DIPLOMA IN INFORMATION TECHNOLOGY
Has been satisfactorily carried out under the guidance of
MR.MOHAN MALI
In SEM 6 during the academic year 2020 – 2021

Project Guide
___________________
 Abstract

Fraud is one of the major ethical issues in the credit card industry. The main aims
are, firstly, to identify the different types of credit card fraud, and, secondly, to
review alternative techniques that have been used in fraud detection. The sub-aim
is to present, compare and analyse recently published findings in credit card fraud
detection. This article defines common terms in credit card fraud and highlights
key statistics and figures in this field. Depending on the type of fraud faced by
banks or credit card companies, various measures can be adopted and
implemented. The proposals made in this paper are likely to have beneficial
attributes in terms of cost savings and time efficiency. The significance of the
application of the techniques reviewed here is in the minimization of credit card
fraud. Yet there are still ethical issues when genuine credit card customers are
misclassified as fraudulent.
 Introduction
Credit card fraud is an inclusive term for fraud committed using a payment
card, such as a credit card or debit card The purpose may be to obtain
goods or services, or to make payment to another account which is
controlled by a criminal. The Payment Card Industry Data Security
Standard (PCI DSS) is the data security standard created to help
businesses process card payments securely and reduce card fraud.

Credit card fraud can be authorized, where the genuine customer

themselves processes a payment to another account which is controlled by
a criminal, or unauthorized, where the account holder does not provide
authorization for the payment to proceed and the transaction is carried out
by a third party.

Credit cards are more secure than ever, with regulators, card providers and
banks taking considerable time and effort to collaborate with investigators
worldwide to ensure fraudsters aren't successful. Cardholders' money is
usually protected from scammers with regulations that make the card
provider and bank accountable. The technology and security measures
behind credit cards are becoming increasingly sophisticated making it
harder for fraudsters to steal money
Types of fraud :

Bankruptcy fraud. This section focuses on bankruptcy fraud and advises

the use of credit report from credit bureaux as a source of information
regarding the applicants’ public records as well as a possible
implementation of a bankruptcy model. Bankruptcy fraud is one of the
most difficult types of fraud to predict. However, some methods or
techniques may help in its prevention. Bankruptcy fraud means using a
credit card while being insolvent. In other words, purchasers use credit
cards knowing that they are not able to pay for their purchases. The bank
will send them an order to pay. However, the customers will be recognized
as being in a state of personal bankruptcy and not able to recover their
debts. The bank will have to cover the losses itself. Usually, this type of
fraud loss is not included in the calculation of the fraud loss provision as it
is considered a charge-off loss. The only way to prevent this bankruptcy
fraud is by doing a pre-check with credit bureaux in order to be informed
about the banking history of the customers
Theft fraud/counterfeit fraud. This section focuses on theft fraud and
counterfeit fraud, which are related to each other. Theft fraud means using
a card that is not yours. The perpetrator will steal the card of someone
else and use it as many times as possible before the card is blocked. The
sooner the owner will react and contact the bank, the faster the bank will
take measures to stop the thief. Similarly, counterfeit fraud occurs when
the credit card is used remotely; only the credit card details are needed. At
one point, one will copy your card number and codes and use it via certain
web-sites, where no signature or physical cards are required.

Application fraud. Application fraud is when someone applies for a

credit card with false information. To detect application fraud, the solution
is to implement a fraud system that allows identifying suspicious
applications. To detect application fraud, two different situations have to
be distinguished: when applications come from a same individual with the
same details, the so-called duplicates, and when applications come from
different individuals with similar details, the so called identity fraudsters.
In most banks, to be eligible for a credit card, applicants need to
complete an application form. This application form is mandatory except
for social fields. The information required includes identification
information, location information, contact information, confidential
information and additional information. Recurrent information available
would be for identification purposes, such as the full name and the date
of birth. The applicant would inform the bank about his/her location
details: the address, the postal code, the city and the country. The bank
would also ask for contact details, such as e-mail address, land-line and
mobile phone numbers. Confidential information will be the password. In
addition, the gender will be given. All those characteristics may be used
while searching for duplicates.
To identify the so-called duplicates, cross-matching techniques are in
common use. Rather than using statistical techniques, another method
easy to implement is cross-matching. For instance, simple queries that
give fast results are to cross-identify information with location details.
Examples would be “last name and date of birth and postal code and
address” or “last name and address and e-mail and gender”. By those
queries, individuals with more than one card are identified. Those are
quite simplistic queries but will remove most duplicates from the system.
Note that duplicates may usually be genuine. Customers can reapply
filling in a new address or spelling differently in one of the fields. By
contrast, identity crime, as it is named, is perpetrated by real criminals
filling wrong application data consciously
Behavioral fraud. Behavioral fraud occurs when details of legitimate
cards have been obtained fraudulently and sales are made on a
‘cardholder present’ basis. These sales include telephone sales and e-
commerce transactions, where only the card details are required.
Behavioral fraud can be detected by implementing a fraud scorecard
predicting which customers are likely to default. Traditional credit
scorecards are used to detect customers who are likely to default, and
the reasons for this may include fraud. Regarding the process, using
scoring for fraud prevention is similar to any other use, including profit,
default, and collection. The score reflects experience of past cases, and
the result is a binary outcome: a genuine customer or a fraudster.

The key difference is that professional fraudsters will make their

application look very genuine. Therefore, some scoring developments for
fraud prevention have not proved worthwhile because they are unable to
differentiate between genuine applications and fraudulent applications.
On the other hand, if one uses scoring as a fraud check in addition to
using a different scoring model as a credit risk check, any improvement
will add value. However, the value of this additional check relies on it not
presenting too many false-positive cases. To detect fraudulent
applications is possible once they have gone through the system and
have been bank customers for a certain time. To build a scorecard, it is
important to define what the profile of a fraudulent customer is, and
especially the cardholder level profiles encapsulating normal transaction
patterns, such as frequency of use, typical value range, types of goods
purchased, transaction types, retailer profiles, cash usage, balance and
payment histories, overseas spending patterns and daily, weekly,
monthly and seasonal patterns

With application fraud, fraudsters will only be detected while accounts are
sent out or repayment dates begin to pass. Time delays are the main
issues with suspicious scorecards. Generally, a bank would need a 12-
month period to collect enough relevant data to build this model and to
have such a model fully implemented

Proposed Methodology
the observations in the review of literature that reveal the need for feature
selection in order to improve quality of classifiers. Towards this end, we
have chosen two well-known supervised learning methods like RF and
SVM. Besides we used a Representative Feature Selection (RFS)
algorithm that is used to eliminate redundant features and irrelevant
features. The algorithm takes representative features in order to reduce
search space and improve performance of the algorithms. In addition to
this, the proposed algorithm can improve accuracy of the prediction due
to the quality improvement in the training sets. A framework is proposed
and used for the empirical study.
 Problem Statement
With the growth of e-commerce websites, people and financial
companies rely on online services to carry out their transactions that have
led to an exponential increase in the credit card frauds.

Fraudulent credit card transactions lead to a loss of huge amount of

money. The design of an effective fraud detection system is necessary in
order to reduce the losses incurred by the customers and financial
companies.

Research has been done on many models and methods to prevent and
detect credit card frauds. Some credit card fraud transaction datasets
contain the problem of imbalance in datasets. A good fraud detection
system should be able to identify the fraud transaction accurately and
should make the detection possible in real-time transactions. Fraud
detection can be divided into two groups: anomaly detection and misuse
detection. Anomaly detection systems bring normal transaction to be
trained and use techniques to determine novel frauds. Conversely, a
misuse fraud detection system uses the labelled transaction as normal or
fraud transaction to be trained in the database history. So, this misuse
detection system entails a system of supervised learning and anomaly
detection system a system of unsupervised learning

Fraudsters masquerade the normal behaviour of customers and the

fraud patterns are changing rapidly so the fraud detection system needs
to constantly learn and update. Credit card frauds can be broadly
classified into three categories, that is, traditional card related frauds
merchant related frauds

Conclusion

Clearly, credit card fraud is an act of criminal dishonesty. This article has
reviewed recent findings in the credit card field. This paper has identified
the different types of fraud, such as bankruptcy fraud, counterfeit fraud,
theft fraud, application fraud and behavioural fraud, and discussed
measures to detect them. Such measures have included pair-wise
matching, decision trees, clustering techniques, neural networks, and
genetic algorithms.

From an ethical perspective, it can be argued that banks and credit card
companies should attempt to detect all fraudulent cases. Yet, the
unprofessional fraudster is unlikely to operate on the scale of the
professional fraudster and so the costs to the bank of their detection may
be uneconomic. The bank would then be faced with an ethical dilemma.
Should they try to detect such fraudulent cases or should they act in
shareholder interests and avoid uneconomic costs?

As the next step in this research program, the focus will be upon the
implementation of a ‘suspicious’ scorecard on a real data-set and its
evaluation. The main tasks will be to build scoring models to predict
fraudulent behaviour, taking into account the fields of behaviour that
relate to the different types of credit card fraud identified in this paper,
and to evaluate the associated ethical implications.

Detection Techniques

Decision tree: The idea of a similarity tree using decision tree logic has
been developed. A similarity tree is defined recursively: nodes are
labelled with attribute names, edges are labelled with values of attributes
that satisfy some condition and ‘leaves’ that contain an intensity factor
which is defined as the ratio of the number of transactions that satisfy
these condition(s) over the total number of legitimate transactions in the
behaviour The advantage of the method that is suggested is that it is
easy to implement, to understand and to display. However, a
disadvantage of this system is the requirements to check each
transaction one by one. Nevertheless, similarity trees have given proven
results

Genetic algorithms and other algorithms: Algorithms are often

recommended as predictive methods as a means of detecting fraud. One
algorithm that has been suggested by Bentley et al. (2000) is based on
genetic programming in order to establish logic rules capable of
classifying credit card transactions into suspicious and non-suspicious
classes. Basically, this method follows the scoring process. In the
experiment described in their study, the database was made of 4,000
transactions with 62 fields. As for the similarity tree, training and testing
samples were employed. Different types of rules were tested with the
different fields. The best rule is the one with the highest predictability.
Their method has proven results for real home insurance data and could
be one efficient method against credit card fraud.

Clustering techniques: Bolton & Hand (2002) suggest two clustering

techniques for behavioral fraud. The peer group analysis is a system that
allows identifying accounts that are behaving differently from others at
one moment in time whereas they were behaving the same previously.
Those accounts are then flagged as suspicious. Fraud analysts have
then to investigate those cases. The hypothesis of the peer group
analysis is that if accounts behave the same for a certain period of time
and then one account is behaving significantly differently, this account
has to be notified. Breakpoint analysis uses a different approach. The
hypothesis is that if a change of card usage is notified on an individual
basis, the account has to be investigated. In other words, based on the
transactions of a single card, the break-point analysis can identify
suspicious behavior. Signals of suspicious behavior are a sudden
transaction for a high amount, and a high frequency of usage.

Neural networks. Neural networks are also often recommended for fraud
detection. Dorronsoro et al. (1997) developed a technically accessible
online fraud detection system, based on a neural classifier. However, the
main constraint is that data need to be clustered by type of account.
Similar concepts are: Card watch Back-propagation of error signals
FDS SOM improving detection efficiency “mis-detections”. Data mining
tools, such as ‘Clementine’ allow the use of neural network technologies,
which have been used in credit card fraud

Bayesian networks are also one technique to detect fraud, and have
been applied to detect fraud in the telecommunications industry Results
from this technique are optimistic. However, the time constraint is one
main disadvantage of such a technique, especially compared with neural
networks Furthermore, expert systems have also been used in credit card
fraud using a rule-based expert system

However, no matter the statistical techniques chosen, the fraud detection

system will need to fulfil some conditions. As the number of fraudulent
transactions is much less than the total number of transactions, the
system will have to handle skewed distributions of the data. Otherwise,
the data need to be split into training samples, where the distribution is
less skewed (Chan et al., 1997). The system has to be accurate with
actual performing classifiers and to be capable of handling noise in the
data; a suggested solution is to clean the data (Fawcett & Provost, 1997).
The system should also be able to handle overlaps; fraudulent
transactions may be similar to normal transactions. As fraudsters reinvent
new techniques constantly, the system needs to be adaptive and
evaluated regularly. A cost profit analysis is also a must in fraud detection
to avoid spending time on uneconomic cases.

Literature Survey

As the information technology is developing the fraud is also increasing

as a result financial loss due to fraud is also very large. A cost sensitive
decision tree approach has been used for fraud detection. A cost called
misclassification cost is used which is taken as varying as well as
priorities of the fraud also differs according to individual records. So
common performance metrics such as accuracy, True Positive Rate
(TPR) or even area Under Curve cannot be used to evaluate the
performance of the models because they accept each fraud as having the
same priority regardless of the amount of that fraudulent transaction or
the available usable limit of the card used in the transaction at that time.
For avoiding this a new performance metric which prioritizes each
fraudulent transaction in a meaningful way and it also checks the
performance of the model in minimizing the total financial loss. The
measure used is Saved Loss Rate (SLR) which is the saved percentage
of the potential financial loss that is the sum of the available usable limits
of the cards from which fraudulent transactions are committed

Number of credit and debit card fraud incidents reported across

India in 2019, by leading state
Fraudsters siphoned off ₹615.39 crore in more than 1.17 lakh cases of credit and debit card frauds over 10
years (April 2009 to September 2019), Reserve Bank of India (RBI) data revealed.
According to the Central bank’s reply to a right-to-information (RTI) query, the amount would be much
higher because the bank did not keep a record of cybercrimes amounting to less than ₹1 lakh between April
2009 and April 2017.
 References

1. Smith, Michael. The Federal Cyber Role: How Federal Cybersecurity

Policy Has Affected the Public and Private Sector. Diss. Utica College,
2017.

2. Seyedhossein, Leila, and Mahmoud Reza Hashemi. "Mining information

from credit card time series for timelier fraud detection."
Telecommunications (IST), 2010 5th International Symposium on. IEEE,
2010.

3. https://www.h2o.ai/h2o-old/h2o-flow/

4. Pumsirirat, Apapan, and Liu Yan. "Credit Card Fraud Detection using
Deep Learning based on Auto-Encoder and Restricted Boltzmann
Machine." INTERNATIONAL JOURNAL OF ADVANCED COMPUTER
SCIENCE AND APPLICATIONS 9.1 (2018): 18-25.