Docstoc

Detecting online credit card frauds

Document Sample
Detecting online credit card frauds Powered By Docstoc
					National Conference on Role of Cloud Computing Environment in Green Communication 2012                        589



                     Detecting online credit card frauds
                                           A.ILANTHENTAL
                                               I ME CSE
                             SUN COLLEGE OF ENGINEERING AND TECHNOLOGY
                                            ERACHAKULAM

      ABSTRACT
      Growth of e-commerce has been deterred by online frauds. Credit card fraud is the most reported
      crime. In this article we propose the development of a fraud detection system for credit card
      (FDSCC) that is based on artificial immune system (AIS). AIS in turn inspired by the concepts
      of biological immune system (BIS). In this article we demonstrate the analogy between FDSCC
      transactions based on AIS and BIS. FDSCC will help promote e-commerce as it will effectively
      minimize losses due to card not present (CNP) and other online credit card frauds. We propose
      that FDSCC can be made more robust by incorporating BIS features such as affinity maturation
      and somatic hyper mutation in the future.

      1.0 Introduction
      E-commerce transactions are currently plagued with online fraud, globally. In 2008, 4.8 million
      credit cards were compromised in USA (website Attrition.org). Revenue losses to the tune of $
      3.3 billion were reported 2009 from US alone due to online fraud .Card-Not-Present (CNP) fraud
      is the most reported type of online credit card fraud. CNP fraud in 2007 in Australia and UK
      lead to a loss of $39M (i.e., $3.00 p.a. per card) and £290M respectively (APAC 2003, 2004,
      2006 and 2009). Online frauds act as a serious deterrent to growth of e-commerce globally.
      In this article we demonstrate schematically in Figure 2, the analogy between fraud detection
      systems for credit card (FDSCC) transactions based on the principles of Artificial Immune
      Systems (AIS) with that of biological immune system (BIS).
      BIS are a multilayered defense system comprising of cells and molecules which interact in
      various ways to detect and eliminate infectious agents (pathogens) from our body. BIS
      differentiates between self, (S), and (ii) nonself (NS) peptides and then assigns the right effectors
      to eliminate each pathogen (Hofmeyr et al., 1999). Similarly, FDSCC is an anomaly detection
      system which sets apart fraudulent credit card transactions from genuine ones. The input for the
      FDSCC is financial transactions (i.e., source, destination and amount) in the form of a Growth of
      e-commerce has been deterred by online frauds. Credit card fraud is the most reported crime.
      In this article we propose the development of a fraud detection system for credit card (FDSCC)
      that is based on artificial immune system (AIS). AIS in turn inspired by the concepts of
      biological immune system (BIS). In this article we demonstrate the analogy between FDSCC
      transactions based on AIS and BIS.
       FDSCC will help promote e-commerce as it will effectively minimize losses due to card not
      present (CNP) and other online credit card frauds. We propose that FDSCC can be made more
      robust by incorporating BIS features such as affinity maturation and somatic hyper mutation in
      the future. Binary string (Hofmeyr and Forrest et al., 1999, Wong et al., 2011).
      BIS in turn can be equated to a parallel adaptive information-system (IS) which works on the
      principle of simple and, localized rules. BIS interacts with pathogens in a localized fashion.
      Surfaces of BIS cells are covered with receptors, which chemically bind to (i) pathogens, and (ii)
      other immune system cells or molecules. Also BIS cells circulate around the body via the blood
      and lymph systems, forming a dynamic system of distributed detection and response. BIS has no


 Department of CSE, Sun College of Engineering and Technology
National Conference on Role of Cloud Computing Environment in Green Communication 2012                          590


      centralized control, and hierarchical organization. Similarly, FDSCC detectors can be mobile
      agents that migrate across networks linking banks, financial institutions, etc.
      2.0 Mapping FDSCC and BIS components
      FDSCC like human BIS will comprise of two steps (i) detection and (ii) response. In step 1,
      detectors will be trained to discriminate between true and fraudulent transactions. In step 2,
      based on the training the FDSCC will classify a given transaction. It will also memorize the rule
      for subsequent detection.
      2.1 Detectors
      The mobile detectors of FDSCC are analogous to the receptors on lymphocytes (B-cell receptor
      i.e. antibody or T-cell receptor). The receptors on lymphocytes bind to antigenic determinants
      (epitopes) on pathogens. Non-self detection results in the activation of the lymphocytes which
      trigger a series of reactions that can lead to elimination of the pathogens.
      A lymphocyte will only be activated when the number of its receptors binding to epitopes
      exceeds a threshold. Similarly, FDSCC detector matches the binary string inputs by using r-
      contiguous bit algorithm and confirms whether it is genuine or fraud transaction. The specificity
      of the detector is governed by the length of r-contiguous bits. If the input string is of length l, and
      if r=l, then the detector is very specific but if r=0, the detector is general because detector will
      match every string of length l. The detectors will only get activated if there is a fraud transaction.
       Activation threshold (τ) is modeled such that a detector must match at least τ strings within a
      given time period to be activated (Hofmeyr and Forrest et al., 1999).In BIS; lymphocytes during
      development are trained to react only against non-self peptides and tolerate self peptides. This
      process is known as tolerization. If the lymphocytes react very strongly to self proteins during
      development, they are killed by negative selection.
       FDSCC use the negative selection algorithm, whereby, each detector is represented by a
      randomly generated bit string (analogous to a receptor) and remains immature during the
      tolerization period. The detector is exposed to self and nonself strings- if it matches self string
      (genuine transaction) it is eliminated and if the detector matches a non-self (fraud transaction) it
      is converted into a mature detector (Hofmeyr and Forrest et al., 1999).When a credit card
      transaction occurs, FDSCC detector (receptor in BIS) matches the bit string (peptide), and it
      waits for a subsequent signal from the operator (i.e., co stimulation signal). If it is a fraudulent
      transaction the operator responds with a signal to FDSCC. This is analogous to co stimulation in
      BIS. The second signal is needed BIS for lymphocyte activation in addition to binding to epitope
      (signal one). Both the signals are essential for the proper activation of the cell.
      2.2 Response
      BIS has a variety of response mechanism to eliminate different pathogens that attack the human
      body. One very important response (effector function) is mediated by soluble receptors called
      antibodies secreted by plasma cell (matured B lymphocytes). Antibody molecule has 2 parts-
      variable region and constant region. Variable region binds to the pathogen and the constant
      region is responsible for the effectors response. This is analogous to the FDSCC detector.
      Selection of effectors in FDSCC is determined by mathematical models (Segel et al., 1997).BIS
      always keeps a memory response that enables it to recognize those structures it has encountered.
      First encounter with the pathogen by BIS mounts a primary response and subsequent encounter
      to the same type of pathogens mount a secondary response.
      Memory cells remain in the body even after the infection is eliminated which have a high affinity
      for the pathogen (affinity maturation). FDSCC use a similar form of memory-based detection. A
      memory detector is created when there is an anomaly in transaction and it exceeds the activation


 Department of CSE, Sun College of Engineering and Technology
National Conference on Role of Cloud Computing Environment in Green Communication 2012                    591


      threshold with a costimulatorysignal coming from the human operator. Those detectors that have
      the closest match (under r-contiguous bits) will be selected to become memory
      detectors(Hofmeyr and Forrest et al., 1999).Subsequent transactions with similar fraud bit string
      input will more efficiently be dealt with by the memory detectors.

      3.0 Conclusion

      FDSCC is BIS based anomaly detection and response system, which augments its performance
      through self learning. FDSCC will be an effective mechanism to detect and eliminate online
      credit card fraud transactions. This will help promote e-commerce as it will effectively minimize
      losses due to CNP and other online credit card frauds.

      FDSCC can be made more robust by incorporating BIS features such as affinity maturation and
      somatic hyper mutation.

      4.0 References

      [1] APACS. (2003) Stop and Spot: Card-Not-Present Fraud, APACS,
      [http://www.cardwatch.org.uk/publications.asp?sectionid=&pid=97&gid=]

      [2] APACS, (2004) Stop and Spot: Card-Not-Present Fraud: A Guide to Protecting Your
      Business against Card Not Present fraud, APACS.
      [http://www.cardwatch.org.uk/publications.asp?sectionid=&pid=99&gid=]

      [3] APACS. (2006a) Fraud: The Facts 2006, APACS, April.
      [http://www.apacs.org.uk/resources_publications/documents/FraudtheFacts2006.pdf]

      [4] APACS. (2006b) Plastic Card News: Recent Developments in the Plastic Card Industry–
      May 2006, [http://www.apacs.org.uk/resources_publications/documents/
      PlasticCardNews13May2006.pdf]

      [5] APACS (2009) Card Payment
      Statistics[http://www.ukpayments.org.uk/documents/2009Q1StatisticalReleaseFinal-
      15.05.09.pdf]

      [6] Hofmeyr A S., Forrest S. (1999) Architecture for an Artificial Immune System, Evolutionary
      computation, v. 7(1), pp. 45-68.

      [7] Segel. A.L. (1997). the immune system as a prototype of autonomous decentralized systems.
      In Proceedings of the IEEE Conference on Systems, Man and Cybernetics.

      [8] Wong N, Ray P, Stephens G, Lewis L(2011)Artificial immune systems for the detection of
      credit card fraud: an architecture, prototype and preliminary results, Information Systems




 Department of CSE, Sun College of Engineering and Technology

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:9
posted:7/26/2012
language:English
pages:3