Hidden Markov Model For Credit Card Fraud Detection

Home»Hidden Markov Model For Credit Card Fraud Detection

In day to day life credit card used for purchasing good and services by the help of virtual card for online transaction or physical card for offline transaction. According to an ACNielsen study conducted in 2005 one-tenth of the world’s population is shopping online in same study it is also mentioned that credit cards are most popular mode of online paymentGermany and Great Britain have the largest number of online shoppers, and credit card is the most popular mode of payment (59 percent). About 350 million transactions per year were reportedly carried out by Barclaycard, the largest credit card company in the United Kingdom, toward the end of the last century.

As usage of credit card increases worldwide, chances of attacker to steal credit card details and then, make fraud transaction are also increasing. Credit card can be used to purchases goods and services using online and offline transaction mode. Credit-card-based purchases can be categorized into two types:
1) physical card and
2) virtual card.
In a physical-card based purchase, the cardholder presents his card physically to a merchant for making a payment. To carry out fraudulent transactions in this kind of purchase, an attacker has to steal the credit card. If the cardholder does not realize the loss of card, it can lead to a substantial financial loss to the credit card company. In the second kind of purchase, only some important information about a card (card number, expiration date, secure code) is required to make the payment. Such purchases are normally done on the internet or over the telephone. To commit fraud in these types of purchases, a fraudster simply needs to know the card details. Most of the time, the genuine cardholder is not aware that someone else has seen or stolen his card information. The only way to detect this kind of fraud is to analyze the spending patterns on every card and to figure out any inconsistency with respect to the “usual” spending patterns. Fraud detection based on the analysis of existing purchase data of cardholder is a promising way to reduce the rate of successful credit card frauds. Since humans tend to exhibit specific behavioristic profiles, every cardholder can be represented by a set of patterns containing information about the typical purchase category, the time since the last purchase, the amount of money spent, etc. Deviation from such patterns is a potential threat to the system.


Credit card fraud detection has drawn a lot of research interest and a number of techniques, with special emphasis on neural networks, data mining and distributed data mining have been suggested. Ghosh and Reilly have proposed credit card fraud detection with a neural network. They have built a detection system, which is trained on a large sample of labeled credit card account transactions. These transactions contain example fraud cases due to lost cards, stolen cards, application fraud, counterfeit fraud, mail-order fraud, and no received issue (NRI) fraud. Recently, Syeda. have used parallel granular neural networks (PGNNs) for improving the speed of data mining and knowledge discovery process in credit card fraud detection. A complete system has been implemented for this purpose. Stolfo suggest a credit card fraud detection system (FDS) using meta learning techniques to learn models of fraudulent credit card transactions.


Markov Model: Let’s assume a simplified model of weather prediction: we’llcollect statistics on what the weather was like today based on what the weather was like yesterday, the day before, and so forth. We want to collect the following probabilities[13]:

P(w | wn-1,wn-2,………..,w1)

Using above expressions, we can give probabilities of   types of weather for tomorrow and the next day using n days of history. Here’s the problem: the larger n is, the more statistics we must collect. Suppose that n = 5, then we must collect statistics for 3^5=243 past histories. Therefore,we  make a simplifying assumption, called the Markov Assumption:

     In a sequence {w1,w2,…………....,wn}:

P(w | wn-1,wn-2,………….,w1) ≈ P(w | wn-1)

Hidden Markov Model: Suppose you were locked in a room for several days, and you were asked about the weather outside. The only piece of evidence you have is whether the person who comes into the room carrying your daily meal is carrying an umbrella or not.

Let’s suppose the following probabilities:



Remember, the equation for the weather Markov process before you were locked in the room was:

P(w1,w2,………,wn) = ∏ni=1P(wi | wi-1)

Now we have to factor in the fact that the actual weather is hidden from you. We do that by using Bayes’ Rule:

P(w1,w2,……..wn | u1,u2,……,un) = P(w1,w2,……..wn|u1,u2,……,un)P(w1,w2,…….wn)/P(u1,u2,…….un)     

whereui is true if your caretaker brought an umbrella on day i, and false if the caretaker

didn’t.  The probability P(w1,w2,…….wn) is the same as the Markov model from the last section, andthe probability P(u1,u2,…….un) is the prior probability of seeing a particular sequence of umbrellaevents (e.g {True, False, True}). The probability P(w1,w2,……..wn | u1,u2,……,un)P(w1,w2,…….wn)can be estimated asni=1P(wi | ui) if you assume that, for all i, given wi, ui is independent of all ujand wj for all j ≠ i.

All the information about credit card (Like Credit card number, credit card CVV number, credit card Expiry month and year, name on credit card etc.) will be checked with credit card database. If User entered database is correct then it will ask Personal Identity number (PIN). After matching of Personal 

Identity number (PIN) with database and account balance of user’s credit card is more than the purchase amount, the fraud checking module will be activated. The verification of all data will be checked before the first page load of credit card fraud detection system. If user credit card has less than 10 transactions then it will directly ask to provide personal information to do the transaction. Once database of 10 transactions will be developed, then fraud detection system will start to work. By using this observation, determine users spending profile. The purchase amount will be checked with spending profile of user. By transition probabilistic calculation based on HMM, it concludes whether the transaction is real or fraud. If transaction may be concluded as fraudulent transaction then user must enter security information. This information is related with credit card (like account number, security question and answer which are provided at the time of registration). If transaction will not be fraudulent then it will direct to give permission for transaction. If the detected transaction is fraudulent then the Security information form will arise. It has a set of question where the user has to answer them correctly to do the transaction.

Credit Card Fraud Detection Using HMM

HMM uses cardholder’s spending behavior to detect fraud. Different cardholders  has their different spending behavior (low, medium, high)[1].

In our Implementation, three behavior of cardholder are taken into consideration:

  • Low spending behavior
  • Medium spending behavior
  • High spending behavior

A)Generating Observation:  Symbols For each cardholder, we train and maintain an HMM. To find one of the three observation symbols corresponding to individual cardholder’s transactions, we run K-means clustering algorithm on past transactions. We use random numbers as spending amounts in transactions. With clustering algorithm we get three clusters and clusters represent observation symbols. We then calculate clustering probability of each cluster, which is percentage of number of transaction in each cluster to total number of transactions

Following equation calculates spending profile:

SP = MAX(Pi)

where Pi  percentage of number of transaction those belongs to cluster i, 1 ≤  i ≤ M.

B) An HMM Training :Training of an HMM is an offline process. We use Baum-Welch algorithm to train an HMM. Baum-Welch algorithmuses observation symbols generated at the end of k-means clustering. At the end of training phase we get an HMM corresponding to each cardholder. Baum-Welch algorithm is as follow:

Particular observation sequence is O1 ,O2, O3,…………..,OT.

Initialization: setλ = (A, B, ) with random initial conditions. The algorithm updates the parameters of λ iterativelyuntil convergence, following the procedure below:

The forward procedure: We define: αi (t) = P (O1 ,O2, O3,…………..,Ot,St= i | λ ) which is the probability of seeing thepartial sequence O1 ,O2, O3,…………..,Otand ending up in state i at time t.

We can efficiently calculate αi (t)recursively as:

αi(t) = πibi(O1)

αj(t+1) = bi(Ot+1)∑ni=1 αi (t).aij


The backward procedure: This is the probability of the ending partial sequence O1 ,O2, O3,…………..,OTgiven that we started at state i, at time t. We can efficiently calculate βi(t) as:

βi(T) = 1

βi(t) = ∑nj=1 βj (t+1)aij.bj(Ot+1)

Using α and β, we can calculate the following variables:

having γ and ξ , one can define update rules as follows:

Using the updated values of A, B and π, a new iteration is performed until convergence.

  1. C) Fraud Detection : Let initial sequence of observation symbols of length R up to time t is O1 ,O2, O3,……..,OR. In our implementation wehave taken 50 as length of sequence. We calculate the probability of acceptance of this sequence by HMM, let α1 be the probability of acceptance:

α1 = P (O1 ,O2, O3,…………..,OR| λ )

At time t+1 sequence is O2, O3,……..,OR+1, let α2 be the probability of acceptance of this sequence:

α2 = P (O1 ,O2, O3,…………..,OR+1| λ )

Let ∆α = α1- α2

If ∆α>0, it means new sequence is accepted by an HMM with low probability, and it could be a fraud. The newadded transaction is determined to be fraudulent if percentage change in probability is above threshold, that is Threshold ≤ ∆α / α1

The threshold value can be learned empirically and Baum-Welch algorithm calculates it automatically. If OR+1 ismalicious, the issuing bank does not approve the transaction, and the FDS discards the symbol. Otherwise, OR+1 is added in the sequence permanently, and the new sequence is used as the base sequence for determining the validity of the next transaction. The reason for including new non-malicious symbols in the sequence is to capture the changing spending behavior of a cardholder.


  1. This detection technique is found much faster than the existing system.
  2. The transactions of the account holder never stopped, as it allows the user to use the virtual card until he gets the new one.
  3. The user can easily block the card by himself when he finds that the card is being stolen.
  4. In this system we have used the ONE TIME PASSWORD for the security to get the virtual ID and Password securely[14].

This reduces the tedious work of an employee in the bank


  1. Provide easiness and well security to Online Payments.
  2. Detect Frauds and trace the Location from where the transaction has been made


In our paper we used Hidden Markov Model in detection of credit card frauds. We are detecting the fraud by firstly observing the behavior of the customer in which a High security questions page will be arise. also if the card is stolen we have provided the user with the another profile ID and password and provided the ONE TIME PASSWORD for security purpose along with it we have provided the facility to the user for blocking the card immediately as soon as the card is stolen.


We would like to express our deep regards and profound gratitude to our guide Mr. S.N.Chaturvedi, Head of Dept. (CS/IT)  for his exemplary guidance, monitoring and constant encouragement during the course of the project. We would also like to thank our department for giving us the resources and the freedom to pursue this project.

Posted by: Piyush Pandey. in General | Date: 13/02/2016

Share this article

Other articles

Back to article listing

Find a Great Teacher

Tell us your learning needs in detail and get immediate response from qualified tutors

Terms & conditions agreed
Ask a Question