Inspiration
With the rapid growth of UPI in India, we noticed that even small mistakes or fraudulent attempts can instantly move money from one account to another. We kept hearing stories from friends and family about scam calls, fake payment requests, and suspicious UPI links. Most of them realized it after the money was gone.
This inspired us to think: What if we could build an intelligent system that flags suspicious UPI transactions in real time and warns the user before the money is transferred?
That idea became the starting point for our Fraud Detection for UPI Payments project.
What it does
Our project is a fraud-detection engine for UPI transactions that:
Analyzes each transaction in real time based on features like amount, time of day, device ID, location, transaction frequency, and past user behavior.
Assigns a risk score (0–100) to every transaction.
Classifies transactions as Safe, Suspicious, or High Risk (Potential Fraud).
Triggers alerts for suspicious transactions, such as:
Warning pop-ups to the user (“This looks unusual. Are you sure?”)
Flags in the backend dashboard for the bank / payment provider.
Stores flagged transactions for further analysis and model improvement.
In short, our system works like a smart security layer between the user and the actual UPI payment.
How we built it
- Problem Understanding & Design
We studied common UPI fraud patterns: sudden high-value transfers, unusual hours, new payees, multiple failed attempts, etc.
Designed the pipeline: Data → Feature Engineering → Model Training → Risk Scoring API → Frontend Dashboard.
- Data & Feature Engineering
Used a combination of publicly available transaction datasets (for card/digital payments) and synthetic UPI-like data that we generated to respect privacy.
Created features such as:
Transaction amount and deviation from user’s usual amount
Time of transaction (normal vs odd hours)
Number of transactions in the last X minutes/hours
New vs known beneficiary
Device / IP / location changes
Handled class imbalance (fraud cases are rare) using techniques like oversampling.
- Model Development
Used Python (Pandas, NumPy, Scikit-learn).
Trained models like Logistic Regression, Random Forest, and XGBoost and compared them.
Selected the model with the best precision–recall balance, to minimize both false positives and false negatives.
- Backend & API
Built a REST API using Flask / FastAPI that:
Accepts transaction details as JSON.
Runs the trained ML model.
Returns the risk score and prediction label.
- Frontend & Dashboard
Simple web interface (HTML/CSS/JavaScript or React) where:
A transaction can be simulated/entered.
The system shows the risk result instantly.
Admin can view a table of recent suspicious transactions.
- Deployment (Prototype Level)
Packaged the model and API.
Used dummy/simulated transactions to demo how a bank or UPI app could integrate our system before the final payment step.
Challenges we ran into
Lack of real UPI transaction data: Due to privacy and security reasons, real data is not publicly available. We solved this by creating realistic synthetic data and carefully designing fraud scenarios.
Class imbalance: Fraud cases are very few compared to genuine transactions. This made the model biased towards “non-fraud.” We had to use resampling techniques and tune thresholds instead of using default 0.5.
Choosing the right evaluation metric: Accuracy alone was misleading. A model with 99% accuracy could still miss almost all fraud cases. We switched to precision, recall, F1-score, and ROC-AUC, focusing especially on recall for fraud class.
Real-time constraint: Fraud detection must be very fast. We optimized our model and features so that predictions are returned in milliseconds, making it suitable for real-time UPI flows.
Accomplishments that we’re proud of
Built a working end-to-end prototype: from data preprocessing and ML model to an API and UI demo.
Achieved a significant improvement in fraud recall compared to a basic rules-based approach.
Designed a clear risk-scoring system that is easy to explain to non-technical stakeholders (e.g., “above 80 = high risk”).
Implemented a modular architecture so that new features or models can be plugged in without rewriting the entire system.
As students, we understood a real, high-impact fintech problem and converted it into a practical technical solution.
What we learned
How fraud detection systems work in financial technology: risk scoring, anomaly detection, and trade-offs between blocking genuine users and catching fraud.
Practical experience with machine learning for highly imbalanced data.
Importance of data quality, feature engineering, and domain knowledge—they matter as much as the model itself.
How to design APIs and connect ML models with real applications, not just Jupyter notebooks.
Team skills: splitting tasks, version control, debugging under time pressure, and presenting a technical idea in a simple way.
What’s next for fraud detection for UPI payments
Integration with real UPI systems: Connect our engine as a pre-transaction check inside a real or sandbox UPI app to test it with live-like data.
User behavior profiling: Build a profile for each user over time so the model can detect personal anomalies (for example, a user who usually pays ₹200 suddenly sending ₹40,000 at 2 AM).
Graph-based fraud detection: Use graph techniques to detect fraud rings (multiple accounts linked to the same device, IP, or beneficiary chain).
Explainable AI (XAI): Show reasons like “High amount + New payee + Odd time” so that users and banks understand why a transaction was flagged.
Continuous learning: As new fraud patterns appear, periodically retrain the model using newly flagged transactions so the system keeps improving.
Our long-term vision is to make UPI transactions safer and more trustworthy by giving banks and users a smart, AI-driven shield against fraud
Built With
- base44
Log in or sign up for Devpost to join the conversation.