تشخیص کلاهبرداری کارت اعتباری: یک روش تلفیقی با استفاده از نظریه دمپستر-شافر و یادگیری بیزین

We propose a novel approach for credit card fraud detection, which combines evidences from current as well as past behavior. The fraud detection system (FDS) consists of four components, namely, rule-based filter, Dempster–Shafer adder, transaction history database and Bayesian learner. In the rule-based component, we determine the suspicion level of each incoming transaction based on the extent of its deviation from good pattern. Dempster–Shafer’s theory is used to combine multiple such evidences and an initial belief is computed. The transaction is classified as normal, abnormal or suspicious depending on this initial belief. Once a transaction is found to be suspicious, belief is further strengthened or weakened according to its similarity with fraudulent or genuine transaction history using Bayesian learning. Extensive simulation with stochastic models shows that fusion of different evidences has a very high positive impact on the performance of a credit card fraud detection system as compared to other methods.

In today’s electronic society, e-commerce has become an essential sales channel for global business. Due to rapid advancement of e-commerce, use of credit cards for purchases has dramatically increased. Unfortunately, fraudulent use of credit cards has also become an attractive source of revenue for criminals. Occurrence of credit card fraud is increasing dramatically due to the exposure of security weaknesses in traditional credit card processing systems resulting in loss of billions of dollars every year. Fraudsters now use sophisticated techniques to perpetrate credit card fraud. The fraudulent activities worldwide present unique challenges to banks and other financial institutions who issue credit cards. In case of bank cards (Visa and MasterCard) a study done by American Bankers Association in 1996 reveals that the estimated gross fraud loss was $790 million in 1995 [1]. The majority of the loss due to credit card fraud is suffered by the USA alone. This is not surprising since 71% of all credit cards are issued in the USA only. In 2005, the total fraud loss in the USA was reported to be $2.7 billion and it has gone up to $3.2 billion in 2007 [2]. Another survey of over 160 companies revealed that online fraud (committed over the Web or phone shopping) is 12 times higher than offline fraud (committed by using a stolen physical card) [3]. To address this problem, financial institutions employ various fraud prevention tools like real-time credit card authorization, address verification systems (AVS), card verification codes, rule-based detection, etc. But fraudsters are adaptive, and given time, they devise several ways to circumvent such protection mechanisms. Despite the best efforts of the financial institutions, law enforcement agencies and the government, credit card fraud continues to rise. In addition to significant financial losses, the main concern of the law enforcement agencies is that this money is also used to support other criminal activities worldwide. Thus, once fraud prevention measures have failed, there is a need for effective technologies to detect fraud in order to maintain the viability of the payment system. Fraudsters constitute a very inventive and fast moving fraternity. As preventive technology changes, so does the technology of criminals and the way they go about with their fraudulent activities. The possibility of enhancing existing operations by introducing an effective FDS constitutes the objective of our work.

Though most of the fraud detection systems show good results in detecting fraudulent transactions, they also lead to the generation of too many false alarms. This assumes significance especially in the domain of credit card fraud detection where a credit card company needs to minimize its losses but, at the same time, does not wish the cardholder to feel restricted too often. We have proposed a novel credit card fraud detection system based on the integration of three approaches, namely, rule-based filtering, Dempster–Shafer theory and Bayesian learning. Dempster’s rule is applied to combine multiple evidences from the rule-based component for computation of initial belief about each incoming transaction. The suspicion score is updated by means of Bayesian learning using history database of both genuine cardholder as well as fraudster. It should be noted that we do not consider any specific fraud model to generate FTH. Instead, FTH is built from history data about past fraudulent behaviors detected by any credit card company. Any other validated fraud model may also be suitably chosen. Moreover, the FDS architecture has been kept flexible so that new rules using any other effective technique can also be included at a later stage to further augment the rule-based component. In addition, Bayesian learning takes place so that the FDS dynamically adapts to the changing behavior of genuine customers as well as fraudsters over time. We have used stochastic models to generate synthetic transactions for analyzing the performance of the system. The simulation yielded up to 98% TP and less than 10% FP. Comparative studies show significant improvement in accuracy. While combining rules using Dempster–Shafer theory gives good performance, especially in terms of true positives, Bayesian learning helps to further improve the system accuracy. Based on the results, we conclude that fusion of multiple evidences and learning are the appropriate approaches for addressing this type of real world problems where the patterns of behavior are complex and there may be little or no knowledge about the semantics of the application domain. The system can be further improved by using an extension of DST as proposed in [30] which is more suited for combining conflicting evidences. Possibilities of using other methods for combining evidences like Bayesian combination network may be explored. We could also cluster the transaction gaps to determine separate Di’s for each cardholder. Such card-specific definitions of Di’s can potentially make it more effective. Since we have given all the details of our approach in Section 3 and that of the simulator in Section 4, the experiments can be repeated by interested readers, thus reproducing the results. Though we have tackled a specific application, we feel that with minor application-specific modifications, the present approach can be effectively used to counter intrusion in other database applications as well.