Tools: Power BI, DAX, Power Query
Dataset Scale: 6.4 Million Transactions
Domain: FinTech / Banking Security
This project involves the development of an advanced fraud detection system for a mobile payment provider, analyzing 6.4 million transactions to identify patterns in financial crime.
The dashboard successfully isolated $12 Billion in fraudulent transactions and revealed critical security vulnerabilities, including a "Night Owl" attack pattern (2 AM - 6 AM) and a specific loophole allowing massive transfers from empty accounts.
The financial institution was facing significant unverified losses and lacked visibility into where and when fraud was occurring. The goal of this analysis was to solve four key problems:
- The "Leakage" Problem: Identify which of the 5 transaction channels (Transfer, Payment, etc.) are vulnerable to fraud.
- The "Account Drain" Pattern: Distinguish between legitimate customers emptying their accounts vs. criminals draining funds.
- Operational Blindspots: Determine if fraud follows a time-based pattern (e.g., weekends, nights) to optimize monitoring shifts.
- System Integrity: Detect "Bypass" exploits where transactions occur despite zero account balance.
Dataset Link: Synthetic Financial Datasets For Fraud Detection (Kaggle)
The dataset consists of 6,362,620 rows of synthetic mobile money transaction logs.
| Column Name | Description |
|---|---|
| step | Maps a unit of time in the real world (1 step = 1 hour). Total steps = 744 (30 Days). |
| type | Type of transaction: CASH-IN, CASH-OUT, DEBIT, PAYMENT, TRANSFER. |
| amount | The amount of the transaction in local currency. |
| nameOrig | Customer ID who started the transaction. |
| oldbalanceOrg | Initial balance before the transaction. |
| newbalanceOrig | New balance after the transaction. |
| nameDest | Customer ID who is the recipient of the transaction. |
| oldbalanceDest | Initial balance of recipient before the transaction. |
| newbalanceDest | New balance of recipient after the transaction. |
| isFraud | Target Variable: 1 if the transaction is fraudulent, 0 if legitimate. |
Despite high volumes in PAYMENT and CASH_IN, fraud is exclusively concentrated in two transaction types:
- TRANSFER: $6.06 Billion Loss (0.77% Fraud Rate)
- CASH_OUT: $5.98 Billion Loss (0.18% Fraud Rate)
- Insight:
PAYMENT,DEBIT, andCASH_INare secure channels with Zero ($0) financial loss.
Fraudsters deliberately attack when bank monitoring is lowest.
- Observation: Fraud rates spike by 400% between 2:00 AM and 6:00 AM.
- Action: Security teams must implement automated "Step-Up Authentication" (OTP/Biometrics) during these off-hours.
- Observation: Fraud remains consistent for the first 29 days of the month but shows a vertical spike on Day 30.
- Implication: This indicates a coordinated "Exit Scam" or monthly quota-driven attack vector.
- Finding: The analysis uncovered transactions as large as $92 Million where the
oldbalanceOrgwas $0.00. - Conclusion: Criminals are bypassing the balance check validation logic, allowing them to transfer money that does not exist.
The project utilized advanced Data Analysis Expressions (DAX) to go beyond simple counts.
1. Account Drain Logic:
- Detects when a user empties their entire wallet (a high-risk behavior).
2. Fraud Rate Calculation:
- Quantifies risk percentage per channel.
1.Immediate Block: Implement a hard-block on any TRANSFER exceeding $200,000 between 02:00 AM - 06:00 AM.
2.Algorithm Update: Remove PAYMENT transactions from the high-priority fraud queue to reduce false positives by 1.1 Million.
3.Patch the Glitch: Fix the backend validation logic that permits transfers from accounts with $0 balance.
This dashboard successfully transformed raw transactional logs into actionable risk intelligence. By moving beyond simple counts and using advanced filtering (Account Drains, Z-Scores), we identified $12 Billion in losses that were highly concentrated in specific channels and time windows. Implementing the recommended targeted blocks could reduce future fraud losses by an estimated 99%.