Credit Card Fraud Detection Using

baasopchoppyΑσφάλεια

5 Νοε 2013 (πριν από 3 χρόνια και 10 μήνες)

110 εμφανίσεις






Credit Card Fraud Detection Using

Hidden Markov Model







Abstract



Now a day the usage of credit cards has dramatically increased. As credit card becomes
the most popular mode of payment for both online as well as regular purchase,

cases of fraud
associated with it are also rising. In this paper, we model the sequence of operations in credit
card transaction processing using a Hidden Markov Model (HMM) and show how it can be used
for the detection of frauds. An HMM is initially trai
ned with the normal behavior of a
cardholder. If an incoming credit card transaction is not accepted by the trained HMM with
sufficiently high probability, it is considered to be fraudulent. At the same time, we try to ensure
that genuine transactions are
not rejected. We present detailed experimental results to show the
effectiveness of our approach and compare it with other techniques available in the literature.



TABLE OF CONTENTS



CHAPTER NO TITLE

PAGE NO





ABSTRACT

1. INTRODUCTION



2. SYSTEM STUDY







2.1


FEASABILITY STUDY


2.2

EXISTING SYSTEM






2.3

PROPOSED SYSTEM

3




SYSTEM SPECIFICATION




3.1 SOFTWARE REQUIREMENTS


3.2 HARDWARE REQUIREMENTS

4





LANGUAGE SPECIFICATI
ON



4.1 FEATURES OF ASP .NET








4.2 FEATURES OF
SQL SERVER
2000

5





SYSTEM DESIGN












5.1 INPUT DESIGN






5.2 OUTPUT DESIGN






5.3 DATABASE DESIGN







5.5 UML DIAGRAMS


6




SYSTEM TESTING AND MAINTENANCE

7




SYSTEM IMPLEMENTATION










7.1 SCOPE FOR FUTURE DEVELOPMENT

8





CONCLUSION







9





BIBLIOGRAPHY








APPENDIX



SCREEN SHOT



SAMPLE CODING





Scope of the project


To detect and block from fraud transactions using a credit card.



Introduction

Credit
-
card
-
based purchases can be categorized into two types: 1) phys
ical card and 2) virtual
card. In a physical
-
card based purchase, the cardholder presents his card physically to a merchant
for making a payment. To carry out fraudulent transactions in this kind of purchase, an attacker
has to steal the credit card. If th
e cardholder does not realize the loss of card, it can lead to a
substantial financial loss to the credit card company. In the second kind of purchase, only some
important information about a card (card number, expiration date, secure code) is required to
make the payment. Such purchases are normally done on the Internet or over the telephone. To
commit fraud in these types of purchases, a fraudster simply needs to know the card details. Most
of the time, the genuine cardholder is not aware that someone els
e has seen or stolen his card
information. The only way to detect this kind of fraud is to analyze the spending patterns on
every card and to figure out any inconsistency with respect to the “usual” spending patterns.
Fraud detection based on the analysis
of existing purchase data of cardholder is a promising way
to reduce the rate of successful credit card frauds. Since humans tend to exhibit specific
behaviorist profiles, every cardholder can be represented by a set of patterns containing
information abou
t the typical purchase category, the time since the last purchase, the amount of
money spent, etc. Deviation from such patterns is a potential threat to the system.










Modules


1.

New card

2.

Login

3.

Security information

4.

Transaction

5.

Verification


Module Description


New card

In this module, the customer gives there information to enroll a new card. The information is all
about there contact details. They can create there own login and password for there future use of
the card.

Login

In Login Form module presents site visitors
with a form with username and password fields. If
the user enters a valid username/password combination they will be granted access to additional
resources on website. Which additional resources they will have access to can be configured
separately.

Securi
ty information

In Security information module it will get the information detail and its store’s in database. If
the card lost then the Security information module form arise. It has a set of question where the
user has to answer the correctly to move to
the transaction section. It contain informational
privacy and informational self
-
determination are addressed squarely by the invention affording
persons and entities a trusted means to user, secure, search, process, and exchange personal
and/or confidentia
l information.

Transaction

The method and apparatus for pre
-
authorizing transactions includes providing a communications
device to a vendor and a credit card owner. The credit card owner initiates a credit card
transaction by communicating to a credit card

number, and storing therein, a distinguishing piece
of information that characterizes a specific transaction to be made by an authorized user of the
credit card at a later time. The information is accepted as "network data" in the data base only if
a corr
ect personal identification code (PIC) is used with the communication. The "network data"
will serve to later authorize that specific transaction. The credit card owner or other authorized
user can then only make that specific transaction with the credit c
ard. Because the transaction is
pre
-
authorized, the vendor does not need to see or transmit a PIC.

Verification

Verification information is provided with respect to a transaction between an initiating party and
a verification
-
seeking party, the verificati
on information being given by a third, verifying party,
based on confidential information in the possession of the initiating party. In verification the
process will seeks card number and if the card number is correct the relevant process will be
executed.

If the number is wrong, mail will be sent to the user saying the card no has been block
and he can’t do the further transaction.




Module I/O

New card

Given Input
-

Request from the user for the card
.

Expected Output
-
Assigning an account to requested user.


Login

Given Input
-

Give username and password of particular user.

Expected Output
-

Login to user’s account.


Security information

Given Input
-

Give the security information by answering security qu
estions.

Expected Output
-
Updation of account with the security details.


Transaction

Given Input
-

Give the account details and performs transaction.

Expected Output
-

Updation of database.


Verification

Given Input
-

Checks with user’s stored details like security answers or hidden details.

Expected Output
-
If the verification is success, user can perform transaction, else blocks the card.













Module diagram






















Start


New Card


Login


Transaction


Security Information

Verification


Stop


2.1 FEASIBLITY STUDY



The feasibility of the project is analyzed in this phase and business
proposal is put
forth with a very general plan for the project and some cost estimates. During system analysis the
feasibility study of the proposed system is to be carried out. This is to ensure that the proposed
system is not a burden to the company. Fo
r feasibility analysis, some understanding of the major
requirements for the system is essential.


Three key considerations involved in the feasibility analysis are





ECONOMICAL FEASIBILITY



TECHNICAL FEASIBILITY



SOCIAL FEASIBILITY


ECONOMICAL FEASIBILITY:




This study is carried out to check the economic impact that the system will have on the
organization. The amount of fund that the company can pour into the research and development
of the system is limited. The expenditures mu
st be justified. Thus the developed system as well
within the budget and this was achieved because most of the technologies used are freely
available. Only the customized products had to be purchased.

TECHNICAL FEASIBILITY:




This st
udy is carried out to check the technical feasibility, that is, the technical requirements
of the system. Any system developed must not have a high demand on the available technical
resources. This will lead to high demands on the available technical

esou
rces. This will lead to high demands being placed on the client. The developed system must
have a modest requirement, as only minimal or null changes are required for implementing this
system.


SOCIAL FEASIBILITY:




The aspect of study is to check the level of acceptance of the system by the user. This
includes the process of training the user to use the system efficiently. The user must not feel
threatened by the system, instead must accept it as a necessi
ty. The level of acceptance by the
users solely depends on the methods that are employed to educate the user about the system and
to make him familiar with it. His level of confidence must be raised so that he is also able to
make some constructive critici
sm, which is welcomed, as he is the final user of the system.


2.2 EXISTING SYSTEM:


In case of the existing system each and every system are considered as a trusted
computer. And so the attacker finds it easy to attack the system with fake signals. And al
so in the
emerging network where many are used for some good propos. And in those there a lot of chance
for the attacker to send unwanted information. In case of the fire alarm, if all the system are
considered as trusted they could send false alarm where
it lead to a heavy loss. And so we need a
system to protect it. Hence we develop a new system.


2.3 PROPOSED SYSTEM:



The proposed system we introduce a new technology to protect the network. This is
achieved by the following way. Realizing widespread ado
ption of such applications

Mandates sufficiently trustworthy computers that can be realized at low cost. Apart from
facilitating deployment of futuristic applications, the ability to realize trustworthy computers at
low cost can also addresses many of the
security issues that plague our existing network
infrastructure. Although, at first sight, “inexpensive” and “trustworthy”

May seem mutually exclusive, a possible strategy is to reduce the complexity of the components
inside the trusted boundary. The often

heard statement that “complexity is the enemy of security”
is far from dogmatic. For one, lower complexity implies better verifiability of compliance.
Furthermore, keeping the complexity inside the trust boundary at low levels can obviate the need
for pro
active measures for heat dissipation. Strategies constrained to simultaneously facilitate
shielding and heat dissipation tend to be expensive. On the other hand, unconstrained shielding
strategies can be reliable and inexpensive to facilitate.






3.

SYSTEM
CONFIGURATION


3.1 HARDWARE CONFIGU
RATION


The hardware used for the development of the project is:


PROCESSOR

:

PENTIUM III 766 MHz

RAM



:

128 MD SD RAM

MONITOR


:

15” COLOR

HARD DISK


:

20 GB

FLOPPY DRIVE

:

1.44 MB

CDDRIVE


:

LG 52X

KEYBOARD


:

STANDARD 102 KEYS

MOUSE


:

3 BUTTONS


3.2
SOFTWARE CONFIGURATI
ON


The software used for the development of the project is:


OPERATING SYSTEM


:

Windows 2000 Professional

ENVIRONMENT



:

Visual Studio .NET 2005

.NET FRAMEWORK


:

Version 2.0

LANGUAGE




:

VB.NET

WEB TECHNOLOGY


:

Active Server Pages.NET

WEB SERVER



:

Internet Information Server 5.0


BACK END




:

SQL SERVER 2000

REPORTS





: Web Form Data Grid control