HARNOOR KAUR NRO0517381

ICITSS – INFORMATION TECHNOLOGY

PROJECT TOPIC:-
CREDIT CARD FRAUD DETECTION

THE INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA (ICAI)

NORTHERN INDIA REGIONAL COUNCIL (NIRC), BRANCH

JALANDHAR

(BATCH NO.: ICITSSITT__JALANDHAR_11)

SUBMITTED TO: SUBMITTED BY:

NIRC, BRANCH JALANDHAR HARNOOR KAUR

REG. NO.: NRO0517381

1
HARNOOR KAUR NRO0517381

ACKNOWLEDGEMENT
I am pleased to present "Credit Card Fraud Detection"
project and take this opportunity to express my profound
gratitude to all those people who helped me in completion of this
project.

I am thankful to all the faculties for their aspiring

guidance, invaluably constructive criticism and friendly advice
during project work. I am sincerely grateful to them for sharing
their truthful and illuminating views on number of issues related to
project. I would record my gratitude to family, friends and
colleagues for being with me during all my success and failures in
the course of this project.

I express my warm thanks to THE INSTITUTE OF

CHARTERED ACCOUNTANTS OF INDIA (ICAI) for conducting this
course and making it extremely convenient for the students to
obtain knowledge from a very renowned Institute. I would like to
thank the Northern India Regional Council of ICAI having this
platform created for the students helping them gain new heights in
the field of professionalism.

2
HARNOOR KAUR NRO0517381

TABLE OF CONTENTS
ACKNOWLEDGEMENT …………………………………………………………………02

INTRODUCTION……………………………………………………………………………04

TYPES OF CREDIT FRAUDS…………………………………………………………05-06

MODULES AND THEIR DESCRIPTION………………………………………………07

PROPOSED SYSTEM……………………………………………………………………08-09

PROJECT DESIGN:

a) E-R DIAGRAM…………………………………………………………………10
b) USE CASE DIAGRAM………………………………………………………10
c) SEQUENCEDIAGRAM……………………………………………………..11
d) ACTIVITY DIAGRAM………………………………………………………12
e) CLASS DIAGRAM……………………………………………………………13

DATA FLOW DIAGRAM………………………………………………………………14-16

FEASIBILITY REPORT………………………………………………………………………17

a) TECHNICAL FEASIBILITY…………………………………………………18
b) ECONOMIC FEASIBILITY…………………………………………………19
c) OPERATIONAL FEASIBILITY……………………………………………20

TESTING…………………………………………………………………………………….....21

LEVELS OF TESTING…………………………………………………………………………22

THE STEPS INVOLVED IN TESTING………………………………………………23-24

ADVANTAGES OF PROJECT………………………………………………………………25

TOP CREDIT CARD SCAMS………………………………………………………………26

CONCLUSION………………………………………………………………………………..27

BIBLOGRAPHY……………………………………………………………………………….28

3
HARNOOR KAUR NRO0517381

INTRODUCTION
Credit card fraud detection refers to the set of policies, tools,
methodologies, and practices that credit card companies and
financial institutions use to prevent fraudulent purchases, both
online and in-store. It involves using various techniques and
technologies to identify potentially fraudulent transactions in real-
time or post-transaction analysis. The goal is to minimize financial
losses for both cardholders and card issuers by quickly identifying
and stopping unauthorized or suspicious transactions.

For some time, there has been a strong interest in the ethics of
banking (Molyneaux, 2007; George, 1992), as well as the moral
complexity of fraudulent behavior (Clarke, 1994). Fraud means
obtaining services/goods and/or money by unethical means, and is a
growing problem all over the world nowadays. Fraud deals with
cases involving criminal purposes that, mostly, are difficult to
identify.
Credit cards are one of the most famous targets of fraud
but not the only one; fraud can occur with any type of credit
products, such as personal loans, home loans, and retail.
Furthermore, the face of fraud has changed dramatically during the
last few decades as technologies have changed and developed. A
critical task to help businesses, and financial institutions including
banks is to take steps to prevent fraud and to deal with it efficiently
and effectively, when it does happen (Anderson, 2007).

Anderson (2007) has identified and explained the different

types of fraud, which are as many and varied as the financial
institution's products and technologies, as shown in below figure.

4
HARNOOR KAUR NRO0517381

The main aims are, firstly, to identify the different types of

credit card fraud, and, secondly, to review alternative techniques
that have been used in fraud detection. The focus here is in Europe,
and so ethical issues arising from other cultures are not taken into
account; but for a discussion of these the reader is referred to
Chepaitis (1997) and Gichure (2000).

Indeed, transaction products, including credit cards, are

the most vulnerable to fraud. On the other hand, other products
such as personal loans and retail are also at risk, and have serious
ethical issues.

5
HARNOOR KAUR NRO0517381

TYPES OF CREDIT CARD FRAUD

Card-not-present (CNP) fraud:

Scammers steal a cardholder's credit card and personal

information - and then use it to make purchases online or by
phone. CNP fraud is difficult to prevent because there is no
physical card to examine and the merchant can't verify the buyer's
identity.

A. Credit card application fraud:

Criminals use stolen personal information (name, address,
birthday, and social security number) to apply for credit cards. This
type of fraud can go undetected until the victim applies for credit
themselves or checks their credit report. While the victim will
typically not be responsible for any purchases made with
fraudulent credit card accounts due to protection offered by the
cards, this type of fraud can damage the victim's credit score.
6
HARNOOR KAUR NRO0517381

B. Account takeover:
After stealing personal information, scammers contact credit card

companies pretending to be the cardholder. They then change

passwords and PIN numbers so they can take over the account.
This type of credit card fraud will likely be detected when the
cardholder tries to use their card or log in to their account online.

C. Lost or stolen cards:

One of the most basic credit card fraud schemes is to simply steal
someone's credit card or use a card someone has lost. Thieves also
intercept credit cards sent to cardholders in the mail.

7
HARNOOR KAUR NRO0517381

MODULES AND THEIR DESCRIPTION

This system is having 6 Modules:

Description:
1. Registration:
- Here, user first need to registration themselves with details to
access the system.

2. Login:
- After a successful registration, user then need to login into the
system by inputting their credentials into the system.

3. Payment:
- User can select payment mode to perform transactions by
providing the card details like card no., CVV code, Expiry Date and
Holders name.

4. Verification:
- If the user performs a huge transaction then for security purpose,
the system will automatically redirect to the verification page to
verify the user and to prevent from misuse of card incase lost.

5. Feedback:
- Here, the user may provide feedback to the admin regarding the
working of the system.

6. Logout:
- After a successful transaction, user may logout from the system.

8
HARNOOR KAUR NRO0517381

PROPOSED SYSTEM
• In proposed system, I present a behavior and Location
Analysis (BLA).
• Which does not require fraud signatures and yet is able to
detect frauds by considering a card holder's spending habit.
• Card transaction processing sequence by the stochastic
process of a BLA.
• The details of items purchased in Individual transactions are
usually not known to any Fraud Detection System (FDS) running at
the bank that issues credit cards to the cardholders.
• Hence, I feel that BLA is an ideal choice for addressing this
problem.
• Another important advantage of the BLA - based approach is
a drastic reduction in the number of False Positives transactions
identified as malicious by an FDS although they are actually
genuine.
• An FDS runs at a credit card issuing bank. Each incoming
transaction is submitted to the FDS for verification.
• FDS receives the card details and the value of purchase to
verify, whether the transaction is genuine or not.
• The types of goods that are bought in that transaction are
not known to the FDS.

• It tries to find any anomaly in the transaction based on the

spending profile of the cardholder, shipping address, and

• It tries to find any anomaly in the transaction based on the

spending profile of the cardholder, shipping address, and billing
address, etc.
• If the FDS confirms the transaction to be of fraud, it raises an
alarm, and the issuing bank declines the transaction.
9
HARNOOR KAUR NRO0517381

The credit card fraud detection features uses user

behavior and location scanning to check for unusual patterns.
These patterns include user characteristics such as user spending
patterns as well as usual user geographic locations to verify his
identity. If any unusual pattern is detected, the system requires re-
verification.

The system analyses user credit card data for various

characteristics. These characteristics include user country, usual
spending procedures. Based upon previous data of that user the
system recognizes unusual patterns in the payment procedure. So
now the system may require the user to login again or even block
the user for more than 3 invalid attempts.

10
HARNOOR KAUR NRO0517381

PROJECT DESIGN

USE CASE DIAGRAM

11
HARNOOR KAUR NRO0517381

SEQUENCE DIAGRAM

12
HARNOOR KAUR NRO0517381

ACTIVITY DIAGRAM

13
HARNOOR KAUR NRO0517381

CLASS DIAGRAM

14
HARNOOR KAUR NRO0517381

DATA FLOW DIAGRAM

A data flow diagram is graphical tool used to describe
and analyze movement of data through a system. These are the
central tool and the basis from which the other components are
developed. The transformation of data from input to output,
through processed, may be described logically and independently
of physical components associated with the system. These are
known as the Logical data flow diagrams. The physical data flow
diagrams show the actual implements and movement of data
between people, departments and workstations. A full description
of a system actually consists of a set of data flow diagrams. Using
two familiar notations Yourdon, Gane and Sarson notation
develops the data flow diagrams. Each component in a DFD is
labeled with a descriptive name. Process is further identified with
a number that will be used for identification purpose. The
development of DFD's is done in several levels. Each process in
lower level diagrams can be broken down into a more detailed
DFD in the next level. The lop-level diagram is often called context
diagram. It consists a single process bit, which plays vital role in
studying the current system. The process in the context level
diagram is exploded into other process at the first level DFD.

The idea behind the explosion of a process into more

process is that understanding at one level of detail is exploded into
greater detail at the next level. This is done until further explosion
is necessary and an adequate amount of detail is described for
analyst to understand the process.

Larry Constantine first developed the DFD as a way of

expressing system requirements in a graphical from, this lead to
the modular design.

15
HARNOOR KAUR NRO0517381

A DFD is also known as a "Bubble Chart" has the

purpose of clarifying system requirements and identifying major
transformations that will become programs in system design. So it
is the starting point of the design to the lowest level of detail. A
DFD consists of a series of bubbles joined by data flows in the
system.

DFD SYMBOLS:

In the DFD, there are four symbols:

1. A square defines a source (originator) or destination of system

data

2. An arrow identifies data flow. It is the pipeline through which

the information flows

3. A circle or a bubble represents a process that transforms

incoming data flow into outgoing data flows.

4. An open rectangle is a data store, data at rest or a temporary

repository of data.

16
HARNOOR KAUR NRO0517381

CONSTRUCTING A DFD:
Several of Rules Thumb are used in drawing DFD's:
1. Process should be named and numbered for an easy reference.
Each name should be representative of the process.
2. The direction of flow is from top to bottom and from left to
right. Data traditionally flow from source to the destination
although they may flow back to the source. One way to indicate
this is to draw long flow line back to a source. An alternative way is
to repeat the source symbol as a destination. Since it is used more
than once in the DFD it is marked with a short diagonal.

3. When a process is exploded into lower level details, they are

numbered.

4. The names of data stores and destinations are written in capital

letters. Process and dataflow names have the first letter of each
work capitalized.

A DFD typically shows the minimum contents of data store. Each

data store should contain all the data elements that flow in and
out.

Questionnaires should contain all the data elements that flow in

and out. Missing interfaces redundancies and like is then
accounted for often through interviews.

SAILENT FEATURES OF DFD's:

1. The DFD shows flow of data, not of control loops and decision
are controlled considerations do not appear on a DFD.
2. The DFD does not indicate the time factor involved in any
process whether the data flows take place daily, weekly, monthly
or yearly.
3. The sequence of events is not brought out on the DFD.
17
HARNOOR KAUR NRO0517381

FEASIBILITY REPORT
Feasibility Study is a high level capsule version of the entire
process intended to answer a number of questions like: What is
the problem? Is there any feasible solution to the given problem?
Is the problem even worth solving? Feasibility study is conducted
once the problem clearly understood. Feasibility study is necessary
to determine that the proposed system is Feasible by considering
the technical, Operational, and Economical factors. By having a
detailed feasibility study the management will have a clear-cut
view of the proposed system.

The following feasibilities are considered for the project in

order to ensure that the project is variable and it does not have
any major obstructions. Feasibility study encompasses the
following things:

• Technical Feasibility

• Economic Feasibility

• Operational Feasibility

In this phase, we study the feasibility of all proposed systems, and

pick the best feasible solution for the problem. The feasibility is
studied based on three main factors as follows.

18
HARNOOR KAUR NRO0517381

TECHNICAL FEASIBILITY
In this step, we verify whether the proposed systems are
technically feasible or not. i.e., all the technologies required to
develop the system are available readily or not.

Technical Feasibility determines whether the organization

has the technology and skills necessary to carry out the project and
how this should be obtained. The system can be feasible because
of the following grounds:

• All necessary technology exists to develop the system.

• This system is too flexible and it can be expanded further.

• This system can give guarantees of accuracy, ease of use,

reliability and the data security.

• This system can give instant response to inquire.

Our project is technically feasible because, all the technology

needed for our project is readily available.

Operating System : Windows XP, 7(ultimate & enterprise)

Languages : Asp.Net with C# (.Net 2010)

Database System : MS-SQL Server 2008

Documentation Tool : MS-Word 2013

19
HARNOOR KAUR NRO0517381

ECONOMIC FEASIBILITY
Economically, this project is completely feasible because it
requires no extra financial investment and with respect to time, it's
completely possible to complete this project in 6 months.

In this step, we verify which proposal is more economical.

We compare the financial benefits of the new system with the
investment. The new system is economically feasible only when
the financial benefits are more than the investments and
expenditure. Economic Feasibility determines whether the project
goal can be within the resource limits allocated to it or not. It must
determine whether it is worthwhile to process with the entire
project or whether the benefits obtained from the new system are
not worth the costs. Financial benefits must be equal or exceed
the costs. In this issue, we should consider:

• The cost to conduct a full system investigation.

• The cost of h/w and s/w for the class of application being
considered.

• The development tool.

• The cost of maintenance etc.

Our project is economically feasible because the cost of

development is very minimal when compared to financial benefits
of the application.

20
HARNOOR KAUR NRO0517381

OPERATIONAL FEASIBILITY
In this step, we verify different operational factors of the proposed
systems like man-power, time etc., whichever solution uses less
operational resources, is the best operationally feasible solution.
The solution should also be operationally possible to implement.
Operational Feasibility determines if the proposed system satisfied
user objectives could be fitted into the current system operation.

• The methods of processing and presentation are completely

accepted by the clients since they can meet all user requirements.

• The clients have been involved in the planning and

development of the system.

• The proposed system will not cause any problem under any
circumstances.

Our project is operationally feasible because the time

requirements and personnel requirements are satisfied. We are a
team of four members and we worked on this project for three
working months.

21
HARNOOR KAUR NRO0517381

TESTING
As the project is on bit large scale, we always need testing to
make it successful. If each components work properly in all respect
and gives desired output for all kind of inputs then project is said
to be successful. So the conclusion is-to make the project
successful, it needs to be tested.
The testing done here was System Testing checking whether
the user requirements were satisfied. The code for the new system
has been written completely using ASP.NET with C# as the coding
language, C# as the interface for front-end designing. The new
system has been tested well with the help of the users and all the
applications have been verified from every nook and corner of the
user.
Although some applications were found to be erroneous
these applications have been corrected before being
implemented. The flow of the forms has been found to be very
much in accordance with the actual flow of data.

22
HARNOOR KAUR NRO0517381

LEVELS OF TESTING
In order to uncover the errors present in different phases we
have the concept of levels of testing. The basic levels of testing
are:

A series of testing is done for the proposed system before

the system is ready for the user acceptance testing.

23
HARNOOR KAUR NRO0517381

THE STEPS INVOLVED IN TESTING ARE

Unit Testing:

Unit testing focuses verification efforts on the smallest unit

of the software design, the module. This is also known as "Module
Testing". The modules are tested separately. This testing carried
out during programming stage itself. In this testing each module is
found to be working satisfactorily as regards to the expected
output from the module.

Integration Testing:

Data can be grossed across an interface; one module can

have adverse efforts on another. Integration testing is systematic
testing for construction the program structure while at the same
time conducting tests to uncover errors associated with in the
interface. The objective is to take unit tested modules and build a
program structure. All the modules are combined and tested as a
whole. Here correction is difficult because the isolation of cause is
complicate by the vast expense of the entire program. Thus in the
integration testing stop, all the errors uncovered are corrected for
the text testing steps.

System testing:

System testing is the stage of implementation that is aimed

at ensuring that the system works accurately and efficiently for live
operation commences. Testing is vital to the success of the system.
System testing makes a logical assumption that if all the parts of
the system are correct, then goal will be successfully achieved.

Validation Testing:

24
HARNOOR KAUR NRO0517381

At the conclusion of integration testing software is

completely assembled as a package, interfacing errors have been
uncovered and corrected and a final series of software tests
begins, validation test begins. Validation test can be defined in
many ways. But the simple definition is that validation succeeds
when the software function in a manner that can reasonably
expected by the customer. After validation test has been
conducted one of two possible conditions exists.

One is the function or performance characteristics confirm

to specifications and are accepted and the other is deviation from
specification is uncovered and a deficiency list is created. Proposed
system under consideration has been tested by using validation
testing and found to be working satisfactorily.

25
HARNOOR KAUR NRO0517381

ADVANTAGES OF PROJECT
• The system stores previous transaction patterns for each
user.

• Based upon the user spending ability and even country, it

calculates user's characteristics.

• More than 20-30% deviation of user's transaction (spending

history and operating country) is considered as an invalid
attempt and system takes action.

26
HARNOOR KAUR NRO0517381

TOP CREDIT CARD SCAMS

• Credit card fraud cases jumped to 12,069, involving INR 630
crore, during April- September 2023-24, compared to 2,321 cases
involving INR 87 crore in the same period the previous year.

• Overall, banks reported 14,483 scam cases involving INR

2,642 crore during April- September 2023-24, up from 5,396 cases
involving INR 17,685 crore in the same period a year earlier.

• Reserve Bank of India's data also revealed that banks and

NBFCs added 1.65 crore credit card users during FY24, bringing the
total number of card users to 10.18 crore.

• The value of credit card transactions reached a record INR

164,223 crore in March 2024, up from INR 149,206 crore in
February, with point-of-sale transactions accounting for INR
60,378 crore in March 2024.

27
HARNOOR KAUR NRO0517381

CONCLUSION
Clearly, credit card fraud is an act of criminal dishonesty.
This article has reviewed recent findings in the credit card field.
This paper has identified the different types of fraud, such as
bankruptcy fraud, counterfeit fraud, theft fraud, application fraud
and behavioral fraud, and discussed measures to detect them.
Such measures have included pair-wise matching, decision trees,
clustering techniques, neural networks, and genetic algorithms.
From an ethical perspective, it can be argued that banks and credit
card companies should attempt to detect all fraudulent cases. Yet,
the unprofessional fraudster is unlikely to operate on the scale of
the professional fraudster and so the costs to the bank of their
detection may be uneconomic. The bank would then be faced with
an ethical dilemma. They should they try to detect such fraudulent
cases or should they act in shareholder interests and avoid
uneconomic costs? As the next step in this research program, the
focus will be upon the implementation of a 'suspicious' scorecard
on a real data-set and its evaluation. The main tasks will be to build
scoring models to predict fraudulent behavior, taking into account
the fields of behavior that relate to the different types of credit
card fraud identified in this paper, and to evaluate the associated
ethical implications. The plan is to take one of the European
countries, probably Germany, and then to extend the research to
other EU countries.

28
HARNOOR KAUR NRO0517381

BIBLIOGRAPHY

Websites:

Wikipedia……………….https://en.wikipedia.org.
Synovus………………….https://www.synovus.com/resource-
center/fraud-prevention-and-security-hub/types-of-credit-card-
fraud.
ChatGPT…………………https://chatgpt.com/credit-card-fraud-
detection/design.
ScienceDirect…………https://www.sciencedirect.com/science/articl
e/pii/S1319157822004062#:~:text=Credit%20card%20fraud%20d.

29