Analysis of the Various Credit Card Fraud Detection Techniques

Abstract:

The incidents of fraud are increasing year by year, with credit fraud occupying prominent role. This has driven scientists to keep investigating techniques that can be used to detect credit fraud. The main contribution of this project involves finding the characteristics of various techniques which have been suggested in the literature for detecting credit fraud. An ontological knowledge base is constructed to conceptualize the findings of research process. To demonstrate the usefulness of this conceptualization an expert system is constructed. This is capable to advise software developers for the detection technique which they should implement in order to detect a specific type of credit fraud.

A software developer, who wishes to use the expert system, will be asked a few questions associated with the characteristics of detection techniques. The answers to these questions will help the expert system in deciding the appropriate detection technique which best suits software developer’s needs. The hypothesis throughout the project is that the use of expert system can significantly reduce the amount of research that software developers – who wish to implement a fraud detection tool – need to undertake. This is validated by constructing an online questionnaire and invite software developers to participate in. An additional contribution is achieved during the project.

This involves finding and conceptualizing the characteristics of various different frauds and crimes in a second ontological knowledge base. This could be used – as a future work – to construct systems capable to inform people for the type of fraud or crime which they have been victimized. It is worth noting that the second ontological knowledge base acts as a generic version of the first one. This is because the first ontological knowledge base encapsulates the different types of credit fraud and their detection techniques only; whereas the second ontological knowledge base encapsulates a significant number of different frauds and crimes including credit fraud.

Introduction

This first chapter provides an introduction to the area which is related to this project. It starts with fraud in general and moves to credit fraud and detection since these are associated with project’s main contribution. Subsequently, a discussion about the exact aims and deliverables of this project is being made. Gosset el al. (1999) state that the definition of fraud is difficult to be formed since the distinction between fraudulent and legitimate behaviours is not always obvious [1]. On the other hand, Alexopoulos et al. (2007) define fraud as “the deliberate and premeditated act perpetrated to achieve gain on false ground [2]. Sections 2.1 and 2.7 show that the consequences of fraud are not restricted to economic losses but they can also lead to violation of human rights, physical and psychological harms as well as premature deaths [2] [3]. The main contribution of this project is related to credit fraud. Credit fraud is a term used to refer to the family of frauds which are perpetrated in credit industry. These are discussed in detail in section 2.1. For the purpose of this introductory chapter, a particular attention is taken to credit card fraud which is the most important and dangerous type of credit fraud.

Problem statement:

Credit card fraud stands as major problem for word wide financial institutions. Annual lost due to it scales to billions of dollars. We can observe this from many financial reports. Such as (Bhattacharyya et al., 2011) 10th annual online fraud report by CyberSource shows that estimated loss due to online fraud is $4 billion for 2008 which is 11% increase than $3.6 billion loss in 2007and in 2006, fraud in United Kingdom alone was estimated to be £535 million in 2007 and now costing around 13.9 billion a year (Mahdi et al., 2010). From 2006 to 2008, UK alone has lost £427.0 million to £609.90 million due to credit and debit card fraud (Woolsey & Schilz, 2011). Although, there is some decrease in such losses after implementation of detection and prevention systems by government and bank, card-not-present fraud losses are increasing at higher rate due to online transactions. Worst thing is it is still increasing un-protective and un-detective way.

Over the year, government and banks have implemented some steps to subdue these frauds but along with the evolution of fraud detection and control methods, perpetrators are also evolving their methods and practices to avoid detection. Thus an effective and innovative methods need to be develop which will evolve accordingly to the need.

Objective:

This project aims on researching the various techniques that have been suggested in the literature for detecting credit fraud. The characteristics of the techniques are analyzed and encapsulated into a knowledge base system. The latter is capable to receive questions – also known as queries – and respond with answers based on the encapsulated information. An example of the question that a user can impose into the knowledge base, using plain English, may be: “What technique should I implement if I want to detect credit card fraud and if there is a lot of noise in the data set?”

Literature review:

This is the most common fraud type that occurs in credit industry. A fraudster uses a legitimate card to undertake illegitimate transactions. The cardholder is not aware of the fact that their card is being used without their permission. The fraudster takes advantage of cardholder’s ignorance by undertaking as much transactions as possible before the cardholder realizes and reports the fraud to their bank [10]. According to Laleh et al. (2009) credit card fraud can be committed either offline or online [9]. These two ways are discussed below. Offline Credit Card Fraud Offline fraud occurs when a fraudster steals the physical card and uses it at the actual stores [9]. Although offline fraud is still popular nowadays; it is less common because there is a higher probability to fail. More precisely, the cardholders tend to realize the lost of the physical card and report that to their bank before the fraudster manages to undertake any illegitimate transactions with it. As soon as the stolen card is reported to the bank, the latter will lock the card so as it cannot be used anymore. It is particularly useful to notice that if the cardholder does not realize the lost of their card, a significant financial loss can occur. As mentioned in the introduction chapter, the policies of some banks enforce cardholders to pay for the losses which occur due to an unreported

Notice that most of the UK banks tend to send the newly created cards via the post office. This is extremely dangerous because the cards may be stolen while they are on the way to cardholder’s destination address [11]. Online Credit Card Fraud During online fraud only the details of the card are stolen and not the card itself. This is also known as virtual card theft. The details of the card can be used in places where the card need not be physically present like internet or phone purchases [9]. This type of credit card fraud is very dangerous and more difficult to prevent because fraudsters can hold credit card’s information for a long period of time before they use it [10]. There is no way for the cardholder to know in advance that their credit card information is stolen. Therefore this type of fraud may only be detected after one or more illegitimate transactions are taken place.

There are various ways that fraudsters adapt in order to steal the information of credit cards. Some of these ways are briefly discussed below. Skimming Patidar et al. (2011) define skimming as the “process where the actual data on a card’s magnetic stripe is electronically copied onto another” [12]. Fraudsters use special-purpose devices – also known as skimmers – to capture the information of credit cards that are encapsulated inside their magnetic stripes [11] [12]. They can use the stolen card information to create counterfeit physical cards in order to use them at actual shops or simply supply the card information at online shops [11]. Skimming can be committed by an unfaithful employee, who may swipe customer’s card using the skimmer device, while the customer is at the point of sale. In the past, skimmer devices have also been introduced on ATM cash machines. In addition to that, micro-cameras have been used to record the PIN code of a cardholder during ATM transactions. Site Cloning Fraudsters clone a legitimate website to deceive customers into placing an order with them. Since the fraudulent website seems identical to the legitimate one, the unsuspecting customers provide their credit card information to. complete their order.

Consequently fraudsters who obtained the customer’s credit card information can commit credit card fraud whenever they wish to [12]. False Merchant Sites According to Patidar et al. (2011) there are various websites that ask for credit card information in order to confirm customer’s age [12]. These websites will never charge the credit cards directly but they may sell their information to fraudsters who will commit credit card fraud [12]. Credit Card Generators These are automated programs which make use of banks’ algorithms to generate credit card numbers [12]. Fraudsters can generate an arbitrary sequence of candidate numbers and then use other techniques – like trial and error – to figure out which numbers correspond to real credit card accounts.

Phishing Refers to the spam emails that are sent by fraudsters in order to deceive their victims and obtain their personal information [12]. Fraudsters can impersonate a service provider or institute that victims collaborate with. In their email, fraudsters can make use of a convincing excuse to ask for victim’s personal information including credit card details. The spam emails may also include links to fraudulent websites which again can deceive victims into revealing their personal information. Taking into account the enormous amount of spam emails that we receive at a daily basis, anyone can conclude that this type of fraud is still popular nowadays; although it has been out for many years.