CREDIT CARD FRAUD DETECTION

Submitted in partial fulfillment of the requirement for the

award of the degree of

MASTER OF COMPUTER APPLICATION

BY

SMRITI ALIZA BARLA

(MCA/40038/20)

UNDER THE GUIDANCE OF

(MR. HARESHWAR PRASAD)

Department of CSE

DEPARTMENT OF COMP. SC. & ENGG.

BIRLA INSTITUTE OF TECHNOLOGY
LALPUR, RANCHI-834001

(MO 2022)
 DECLARATION CERTIFICATE

This is to certify that the work presented in the project entitled “CREDIT CARD

FRAUD DETECTION” in partial fulfillment of the requirement for the award of

degree of Master of Computer Application, of Birla Institute of Technology,

Lalpur, Ranchi, is an authentic work carried out under my supervision. To the

best of my knowledge, the content of this project does not form a basis for the

award of any previous Degree to anyone else.

Date Guide Name & Signature

Dept. to Comp. Sc. & Engg.
BIT Extn. Centre, Lalpur

Academic Coordinator
Department of Comp. Sc. & Engg. Director/ In-charge
Birla Institute of Technology, Lalpur Birla Institute of Technology, Lalpur
Ranchi – 834001 Ranchi – 834001
 CERTIFICATE OF APPROVAL

The foregoing project entitled, “CREDIT CARD FRAUD DETECTION” is

hereby approved as a creditable study of research topic and has been

presented in a satisfactory manner to warrant its acceptance as

prerequisite to the degree for which it was submitted.

It is understood that by this approval, the undersigned do not necessarily

endorse any conclusion drawn or opinion expressed therein, but approve

the thesis for the purpose for which it is submitted.

(Internal Examiner) (External Examiner)

(Director/In-charge)
BITOC, Lalpur, Ranchi
 Acknowledgement

We are pleased to present “Credit Card Fraud Detection” project and

take this opportunity to express our profound gratitude to all those people
who helped us in completion of this project.
We thank our college for providing us with excellent facilities that
helped us to complete and present this project. We would also like to thank
the staff members and lab assistants for permitting us to use computers in the
lab as and when required.
We express our deepest gratitude towards our project guide for her
valuable and timely advice during the various phases in our project. We would
also like to thank her for providing us with all proper facilities and support as
the project co-coordinator. We would like to thank her for support, patience
and faith in our capabilities and for giving us flexibility in terms of working and
reporting schedules.
We would like to thank all our friends for their smiles and friendship
making the college life enjoyable and memorable and family members who
always stood beside us and provided the utmost important moral support.
Finally we would like to thank everyone who has helped us directly or
indirectly in our project.
 PROJECT OVERVIEW

Introduction

For some time, there has been a strong interest in the ethics of banking
(Molyneaux, 2007; George, 1992), as well as the moral complexity of
fraudulent behavior (Clarke, 1994). Fraud means obtaining services/goods
and/or money by unethical means, and is a growing problem all over the world
nowadays. Fraud deals with cases involving criminal purposes that, mostly, are
difficult to identify.
Credit cards are one of the most famous targets of fraud but not the
only one; fraud can occur with any type of credit products, such as personal
loans, home loans, and retail. Furthermore, the face of fraud has changed
dramatically during the last few decades as technologies have changed and
developed. A critical task to help businesses, and financial institutions including
banks is to take steps to prevent fraud and to deal with it efficiently and
effectively, when it does happen (Anderson, 2007).
Anderson (2007) has identified and explained the different types of
fraud, which are as many and varied as the financial institution’s products and
technologies, as shown in below figure.
The main aims are, firstly, to identify the different types of credit card
fraud, and, secondly, to review alternative techniques that have been used in
fraud detection. The focus here is in Europe, and so ethical issues arising from
other cultures are not taken into account; but for a discussion of these the
reader is referred to Chepaitis (1997) and Gichure (2000).
 Indeed, transaction products, including credit cards, are the most
vulnerable to fraud. On the other hand, other products such as personal loans
and retail are also at risk, and have serious ethical
Modules and their Description

This system is having 6 Modules:

1. Registration
2. Login
3. Payment
4. Verification
5. Feedback
6. Logout

Description:

1. Registration:
- Here, user first need to registration themselves with details to access
the system.

2. Login:
- After a successful registration, user then need to login into the
system by inputting their credentials into the system.

3. Payment
- User can select payment mode to perform transactions by providing
the card details like card no., CVV code, Expiry Date and Holders
name.

4. Verification:
- If the user performs a huge transaction then for security purpose, the
system will automatically redirect to the verification page to verify
the user and to prevent from misuse of card incase lost.
5. Feedback:
- Here, the user may provide feedback to the admin regarding the
working of the system.

6. Logout:
- After a successful transaction, user may logout from the system.
Existing System & Proposed System

 Problem with current scenario

PROPOSED SYSTEM

 In proposed system, I present a behavior and Location Analysis (BLA).

 Which does not require fraud signatures and yet is able to detect frauds
by considering a cardholder’s spending habit.
 Card transaction processing sequence by the stochastic process of a BLA.
 The details of items purchased in Individual transactions are usually not
known to any Fraud Detection System (FDS) running at the bank that
issues credit cards to the cardholders.
 Hence, I feel that BLA is an ideal choice for addressing this problem.
 Another important advantage of the BLA - based approach is a drastic
reduction in the number of False Positives transactions identified as
malicious by an FDS although they are actually genuine.
 An FDS runs at a credit card issuing bank. Each incoming transaction is
submitted to the FDS for verification.
 FDS receives the card details and the value of purchase to verify,
whether the transaction is genuine or not.
 The types of goods that are bought in that transaction are not known to
the FDS.
 It tries to find any anomaly in the transaction based on the spending
profile of the cardholder, shipping address, and billing address, etc.
 If the FDS confirms the transaction to be of fraud, it raises an alarm, and
the issuing bank declines the transaction.
 The credit card fraud detection features uses user behavior and location
scanning to check for unusual patterns. These patterns include user
characteristics such as user spending patterns as well as usual user geographic
locations to verify his identity. If any unusual pattern is detected, the system
requires re-verification.
The system analyses user credit card data for various characteristics.
These characteristics include user country, usual spending procedures. Based
upon previous data of that user the system recognizes unusual patterns in the
payment procedure. So now the system may require the user to login again or
even block the user for more than 3 invalid attempts.
Gantt Chart
 PROJECT DESIGN
E-R Diagram

Admin_id
Admin

Name Password

Credit Card Fraud

User access
Detection System

Password
provides
User_id
Name Payment

Gender
New User
Registration
Address
Update
Details
Verification
Mobile No.

Email id
User id Password
Use Case Diagram
Sequence Diagram
Activity Diagram
Class Diagram

USER New Registration

- User_id : String - Name : String
- Password : String - Gender : String
- Comment : String - Address : String
- Mobile No.: Int
+ Login() - Email id : String
+ btn_Click () - User id : String
+ Logout () - Password : String

ADMIN
- Admin_id : String
- Password : String

+ Login()
+ btn_Click ()
+ Logout ()
Data Flow Diagram

A data flow diagram is graphical tool used to describe and analyze

movement of data through a system. These are the central tool and the basis
from which the other components are developed. The transformation of data
from input to output, through processed, may be described logically and
independently of physical components associated with the system. These are
known as the logical data flow diagrams. The physical data flow diagrams
show the actual implements and movement of data between people,
departments and workstations. A full description of a system actually consists
of a set of data flow diagrams. Using two familiar notations Yourdon, Gane
and Sarson notation develops the data flow diagrams. Each component in a
DFD is labeled with a descriptive name. Process is further identified with a
number that will be used for identification purpose. The development of DFD’s
is done in several levels. Each process in lower level diagrams can be broken
down into a more detailed DFD in the next level. The lop-level diagram is often
called context diagram. It consists a single process bit, which plays vital role in
studying the current system. The process in the context level diagram is
exploded into other process at the first level DFD.

The idea behind the explosion of a process into more process is that
understanding at one level of detail is exploded into greater detail at the next
level. This is done until further explosion is necessary and an adequate
amount of detail is described for analyst to understand the process.
 Larry Constantine first developed the DFD as a way of expressing system
requirements in a graphical from, this lead to the modular design.

A DFD is also known as a “bubble Chart” has the purpose of clarifying

system requirements and identifying major transformations that will become
programs in system design. So it is the starting point of the design to the
lowest level of detail. A DFD consists of a series of bubbles joined by data
flows in the system.

DFD SYMBOLS:

In the DFD, there are four symbols

1. A square defines a source(originator) or destination of system data

2. An arrow identifies data flow. It is the pipeline through which the
information flows
3. A circle or a bubble represents a process that transforms incoming data
flow into outgoing data flows.
4. An open rectangle is a data store, data at rest or a temporary repository of
data
 Process that transforms data flow.

Source or Destination of data

Data flow

Data Store

CONSTRUCTING A DFD:

Several rules of thumb are used in drawing DFD’s:

1. Process should be named and numbered for an easy reference. Each name
should be representative of the process.
2. The direction of flow is from top to bottom and from left to right. Data
traditionally flow from source to the destination although they may flow
back to the source. One way to indicate this is to draw long flow line back
to a source. An alternative way is to repeat the source symbol as a
destination. Since it is used more than once in the DFD it is marked with a
short diagonal.
3. When a process is exploded into lower level details, they are numbered.
4. The names of data stores and destinations are written in capital letters.
Process and dataflow names have the first letter of each work capitalized

A DFD typically shows the minimum contents of data store. Each data store
should contain all the data elements that flow in and out.

Questionnaires should contain all the data elements that flow in and out.
Missing interfaces redundancies and like is then accounted for often through
interviews.

SAILENT FEATURES OF DFD’s

1. The DFD shows flow of data, not of control loops and decision are
controlled considerations do not appear on a DFD.
2. The DFD does not indicate the time factor involved in any process
whether the data flows take place daily, weekly, monthly or yearly.
3. The sequence of events is not brought out on the DFD.
TYPES OF DATA FLOW DIAGRAMS
1. Current Physical
2. Current Logical
3. New Logical
4. New Physical

CURRENT PHYSICAL:

In Current Physical DFD process label include the name of people or

their positions or the names of computer systems that might provide some of
the overall system-processing label includes an identification of the technology
used to process the data. Similarly data flows and data stores are often labels
with the names of the actual physical media on which data are stored such as
file folders, computer files, business forms or computer tapes.

CURRENT LOGICAL:

The physical aspects at the system are removed as much as possible so

that the current system is reduced to its essence to the data and the
processors that transform them regardless of actual physical form.
NEW LOGICAL:

This is exactly like a current logical model if the user were completely
happy with the user were completely happy with the functionality of the
current system but had problems with how it was implemented typically
through the new logical model will differ from current logical model while
having additional functions, absolute function removal and inefficient flows
recognized.

NEW PHYSICAL:

The new physical represents only the physical implementation of the

new system.

RULES GOVERNING THE DFD’S

PROCESS
1) No process can have only outputs.
2) No process can have only inputs. If an object has only inputs than it
must be a sink.
3) A process has a verb phrase label.

DATA STORE
1) Data cannot move directly from one data store to another data store,
a process must move data.
 2) Data cannot move directly from an outside source to a data store, a
process, which receives, must move data from the source and place
the data into data store
3) A data store has a noun phrase label.

SOURCE OR SINK
The origin and /or destination of data.

1) Data cannot move direly from a source to sink it must be moved by

a process
2) A source and /or sink has a noun phrase land

DATA FLOW
1) A Data Flow has only one direction of flow between symbols. It may
flow in both directions between a process and a data store to show a
read before an update. The later it usually indicated however by two
separate arrows since these happen at different type.
2) A join in DFD means that exactly the same data comes from any of
two or more different processes data store or sink to a common
location.
3) A data flow cannot go directly back to the same process it leads.
There must be at least one other process that handles the data flow
produce some other data flow returns the original data into the
beginning process.
4) A Data flow to a data store means update (delete or change).
5) A data Flow from a data store means retrieve or use.
Data Flow Diagrams

1.0
Query
User Query Process 0.0 Check for user
Request Requirement
Credit Card Fraud
User Detection System Database
DB
User need

1.1

Feedback For
Relevant Database
User Data

DATABASE DETAIL

LEVEL 1 DFD
 LEVEL 2 DFD: PREDICTION
Query 2.0

User Accept
Query

Give info about

2.1
DB
Give Check Availability
request of or for query
to user processing

2.2

Process Via Credit Card Fraud

Query Detection System DB

Snapshots
 PROJECT IMPLEMENTATION

Project Implementation Technology

The Project is loaded in Visual Studio 2010. We used Visual Studio for
Design and coding of project. Created and maintained all databases into SQL
Server 2008, in that we create tables, write query for store data or record of
project.

 Hardware Requirement:-

 i3 Processor Based Computer

 1GB-Ram
 5 GB Hard Disk

 Software Requirement:

 Windows XP, Windows 7(ultimate & enterprise)

 Visual studio 2010.

 SQL Server 2008.
CODING
FEASIBILITY REPORT

Feasibility Study is a high level capsule version of the entire process

intended to answer a number of questions like: What is the problem? Is there
any feasible solution to the given problem? Is the problem even worth solving?
Feasibility study is conducted once the problem clearly understood. Feasibility
study is necessary to determine that the proposed system is Feasible by
considering the technical, Operational, and Economical factors. By having a
detailed feasibility study the management will have a clear-cut view of the
proposed system.
The following feasibilities are considered for the project in order to ensure
that the project is variable and it does not have any major obstructions.
Feasibility study encompasses the following things:

 Technical Feasibility
 Economic Feasibility
 Operational Feasibility

In this phase, we study the feasibility of all proposed systems, and pick the
best feasible solution for the problem. The feasibility is studied based on three
main factors as follows.
 Technical Feasibility

In this step, we verify whether the proposed systems are technically

feasible or not. i.e., all the technologies required to develop the system
are available readily or not.
Technical Feasibility determines whether the organization has the
technology and skills necessary to carry out the project and how this
should be obtained. The system can be feasible because of the following
grounds:

 All necessary technology exists to develop the system.

 This system is too flexible and it can be expanded further.
 This system can give guarantees of accuracy, ease of use, reliability
and the data security.
 This system can give instant response to inquire.
Our project is technically feasible because, all the
technology needed for our project is readily available.

Operating System : Windows XP, 7(ultimate & enterprise)

Languages : Asp.Net with C# (.Net 2010)

Database System : MS-SQL Server 2008

Documentation Tool : MS - Word 2013

  Economic Feasibility

Economically, this project is completely feasible because it

requires no extra financial investment and with respect to time, it’s
completely possible to complete this project in 6 months.

In this step, we verify which proposal is more economical. We

compare the financial benefits of the new system with the investment.
The new system is economically feasible only when the financial benefits
are more than the investments and expenditure. Economic Feasibility
determines whether the project goal can be within the resource limits
allocated to it or not. It must determine whether it is worthwhile to
process with the entire project or whether the benefits obtained from
the new system are not worth the costs. Financial benefits must be
equal or exceed the costs. In this issue, we should consider:

 The cost to conduct a full system investigation.

 The cost of h/w and s/w for the class of application being considered.
 The development tool.
 The cost of maintenance etc...

Our project is economically feasible because the cost of development is

very minimal when compared to financial benefits of the application.
  Operational Feasibility

In this step, we verify different operational factors of the proposed

systems like man-power, time etc., whichever solution uses less operational
resources, is the best operationally feasible solution. The solution should also
be operationally possible to implement. Operational Feasibility determines if
the proposed system satisfied user objectives could be fitted into the current
system operation.

 The methods of processing and presentation are completely accepted

by the clients since they can meet all user requirements.
 The clients have been involved in the planning and development of
the system.
 The proposed system will not cause any problem under any
circumstances.

Our project is operationally feasible because the time requirements and

personnel requirements are satisfied. We are a team of four members and we
worked on this project for three working months.
 TESTING

As the project is on bit large scale, we always need testing to make it

successful. If each components work properly in all respect and gives desired
output for all kind of inputs then project is said to be successful. So the
conclusion is-to make the project successful, it needs to be tested.

The testing done here was System Testing checking whether the user
requirements were satisfied. The code for the new system has been written
completely using ASP .NET with C# as the coding language, C# as the interface
for front-end designing. The new system has been tested well with the help of
the users and all the applications have been verified from every nook and
corner of the user.

Although some applications were found to be erroneous these

applications have been corrected before being implemented. The flow of the
forms has been found to be very much in accordance with the actual flow of
data.
Levels of Testing

In order to uncover the errors present in different phases we have the

concept of levels of testing. The basic levels of testing are:

Client Needs Acceptance Testing

Requirements System Testing

Design Integration Testing

Code Unit Testing

A series of testing is done for the proposed system before the system
is ready for the user acceptance testing.
 The steps involved in Testing are:

 Unit Testing

Unit testing focuses verification efforts on the smallest unit of the

software design, the module. This is also known as “Module Testing”. The
modules are tested separately. This testing carried out during programming
stage itself. In this testing each module is found to be working satisfactorily as
regards to the expected output from the module.

 Integration Testing

Data can be grossed across an interface; one module can have

adverse efforts on another. Integration testing is systematic testing for
construction the program structure while at the same time conducting tests to
uncover errors associated with in the interface. The objective is to take unit
tested modules and build a program structure. All the modules are combined
and tested as a whole. Here correction is difficult because the isolation of
cause is complicate by the vast expense of the entire program. Thus in the
integration testing stop, all the errors uncovered are corrected for the text
testing steps.
  System testing

System testing is the stage of implementation that is aimed at ensuring

that the system works accurately and efficiently for live operation commences.
Testing is vital to the success of the system. System testing makes a logical
assumption that if all the parts of the system are correct, then goal will be
successfully achieved.

 Validation Testing

At the conclusion of integration testing software is completely

assembled as a package, interfacing errors have been uncovered and corrected
and a final series of software tests begins, validation test begins. Validation
test can be defined in many ways. But the simple definition is that validation
succeeds when the software function in a manner that can reasonably
expected by the customer. After validation test has been conducted one of two
possible conditions exists.

One is the function or performance characteristics confirm to

specifications and are accepted and the other is deviation from specification is
uncovered and a deficiency list is created. Proposed system under
consideration has been tested by using validation testing and found to be
working satisfactorily.
  Output Testing

After performing validation testing, the next step is output testing of

the proposed system since no system could be useful if it does not produce the
required output in the specified format. Asking the users about the format
required by them tests the outputs generated by the system under
consideration. Here the output format is considered in two ways, one is on the
screen and other is the printed format. The output format on the screen is
found to be correct as the format was designed in the system designed phase
according to the user needs.

For the hard copy also the output comes as the specified
requirements by the users. Hence output testing does not result any
corrections in the system.

 User Acceptance Testing

User acceptance of a system is the key factor of the success of any

system. The system under study is tested for the user acceptance by constantly
keeping in touch with the prospective system users at the time of developing
and making changes wherever required.
 ADVANTAGES OF PROJECT

 The system stores previous transaction patterns for each user.

 Based upon the user spending ability and even country, it calculates
user’s characteristics.
 More than 20 -30 % deviation of user’s transaction (spending history and
operating country) is considered as an invalid attempt and system takes
action.
System is:

1) Load Balancing:
Since the system will be available only the admin logs in the
amount of load on server will be limited to time period of admin access.

2) Easy Accessibility:
Records can be easily accessed and store and other information
respectively.

3) User Friendly:
The system will be giving a very user friendly approach for all user.

4) Efficient and reliable:

Maintaining the all secured and database on the server which will be
accessible according the user requirement without any maintenance
cost will be a very efficient as compared to storing all the customer data
on the spreadsheet or in physically in the record books.

5) Easy maintenance:
Credit Card Fraud Detection System is design as easy way. So
maintenance is also easy.
 CONCLUSION

Clearly, credit card fraud is an act of criminal dishonesty. This article has
reviewed recent findings in the credit card field. This paper has identified the
different types of fraud, such as bankruptcy fraud, counterfeit fraud, theft
fraud, application fraud and behavioral fraud, and discussed measures to
detect them. Such measures have included pair-wise matching, decision trees,
clustering techniques, neural networks, and genetic algorithms. From an
ethical perspective, it can be argued that banks and credit card companies
should attempt to detect all fraudulent cases. Yet, the unprofessional fraudster
is unlikely to operate on the scale of the professional fraudster and so the
costs to the bank of their detection may be uneconomic. The bank would then
be faced with an ethical dilemma. Should they try to detect such fraudulent
cases or should they act in shareholder interests and avoid uneconomic costs?
As the next step in this research program, the focus will be upon the
implementation of a ‘suspicious’ scorecard on a real data-set and its
evaluation. The main tasks will be to build scoring models to predict fraudulent
behavior, taking into account the fields of behavior that relate to the different
types of credit card fraud identified in this paper, and to evaluate the
associated ethical implications. The plan is to take one of the European
countries, probably Germany, and then to extend the research to other EU
countries.
 BIBLIOGRAPHY

► Websites

 en.wikipedia.org

 Microsoft Developer Network (MSDN): http://msdn2.microsoft.com/en-

us/default.aspx: This is a valuable online resource, and is a must for any
developer using Microsoft tools.
 http://www.asp.net/: This is the official Microsoft ASP.NET web site. It
has a lot of: tutorials, training videos, and sample projects.
 http://ieeexplore.ieee.org/xpl/articleDetails.jsp?
tp=&arnumber=5159014&queryText%3DCredit+Card+Fraud+Detection
 http://ieeexplore.ieee.org/xpl/articleDetails.jsp?
tp=&arnumber=323314&queryText%3DCredit+Card+Fraud+Detection
 http://ieeexplore.ieee.org/xpl/articleDetails.jsp?
tp=&arnumber=5762457&queryText%3DCredit+Card+Fraud+Detection