Skip to content

Devanshu11976/RiskRadar

Repository files navigation

RiskRadar โ€” Real-Time Fraud Detection



Score every transaction. Catch fraud before it settles.

A real-time fraud detection system that streams financial transactions through a weighted risk-scoring engine and surfaces alerts on a live dashboard.




๐Ÿ›ฐ๏ธ What is RiskRadar?

Fraud doesn't announce itself โ€” it hides in velocity spikes, impossible travel, mismatched verification codes, and devices that don't quite look right. RiskRadar watches every transaction as it streams through Kafka, scores it against more than a dozen weighted risk factors, and raises an alert the moment something crosses the line.

It's built for the workflow financial teams actually need: ingest โ†’ score โ†’ alert โ†’ review โ€” with a dashboard that turns raw fraud signals into something a human can act on in seconds.


โœจ Features

โšก Real-Time Processing

  • Apache Kafka ingestion
  • Continuous transaction scoring
  • Microservices-based, horizontally scalable

๐Ÿง  Fraud Detection

  • Weighted ML-style scoring
  • Velocity & impossible-travel detection
  • Device fingerprinting
  • Geographic risk analysis

๐Ÿ“Š Dashboard & Monitoring

  • Live transaction feed
  • Alert triage & status tracking
  • Historical analytics
  • Risk score visualization

๐Ÿงฌ Risk Factors RiskRadar Watches

Category Signals
๐Ÿš€ Velocity High-frequency transaction bursts
๐ŸŒ Geography Impossible travel distance between transactions
๐Ÿช Merchant Risk Suspicious merchants & high-risk categories
๐Ÿ“ฑ Device Security VPN, Tor, emulators, rooted devices
๐Ÿ” Verification CVV and AVS mismatch monitoring
๐Ÿ‘ค Account Behavior New-account risk, decline patterns
๐ŸŒ™ Timing Unusual late-night transaction activity

๐Ÿ—๏ธ Architecture

RiskRadar system architecture


๐Ÿ”„ How a Transaction Flows Through

  1. Ingestion โ€” Transactions arrive (generated or external) and are published to the Kafka transactions topic, with full metadata: location, device, amount, and more.
  2. Real-time processing โ€” A Kafka consumer picks up each transaction immediately and extracts scoring features: velocity, geo-distance, timing, verification status.
  3. Fraud scoring โ€” A weighted algorithm computes a fraud probability between 0 and 1, then maps it to a risk level: LOW โ†’ MEDIUM โ†’ HIGH โ†’ CRITICAL.
  4. Alerting โ€” Any transaction scoring โ‰ฅ 0.4 automatically generates an alert with reason codes explaining exactly why it was flagged.
  5. Dashboard โ€” The frontend polls the backend for live updates; alerts can be reviewed, assigned, and resolved in real time.
  6. Persistence โ€” Every transaction and alert is stored in MongoDB, building behavioral profiles over time.

๐Ÿงฎ Scoring Weights

const weights = {
  velocityCount:        0.15,  // Transaction frequency
  amountDelta:           0.10,  // Amount pattern deviations
  geoDistance:           0.18,  // Geographic anomalies
  isNightTime:           0.08,  // Unusual timing
  isSuspiciousMerchant:  0.15,  // Risky merchants
  isSuspiciousCategory:  0.12,  // Risky categories
  isHighAmount:          0.08,  // Large transactions
  isVPN:                 0.05,  // VPN detection
  isTor:                 0.10,  // Tor network detection
  cvvFail:               0.12,  // CVV verification failure
  avsFail:               0.08,  // Address verification failure
  suspiciousDevice:      0.10,  // Device fingerprinting
  cardTesting:           0.12,  // Card testing patterns
  newAccount:            0.07   // New account risk
};

Thresholds live in backend/server.js:

const CRITICAL_THRESHOLD = 0.7;
const HIGH_THRESHOLD     = 0.5;
const MEDIUM_THRESHOLD   = 0.3;
const ALERT_THRESHOLD    = 0.4; // Alerts fire above this score

Both are tunable โ€” turn the dial up or down depending on how aggressive you want detection to be.


๐Ÿš€ Quick Start

With Docker (recommended)

git clone <repository-url>
cd FraudDetectionApp-main

Set up backend environment variables in backend/.env:

MONGODB_URI=mongodb://localhost:27017/fraud_detection
KAFKA_BROKERS=localhost:9092
KAFKA_BROKER=localhost:9092
PORT=5000

Start everything:

docker-compose up -d

This brings up Zookeeper, Kafka, MongoDB, and the backend API. Then start the frontend:

npm install
npm run dev

App available at http://localhost:5173

Local development (no Docker for app code)

cd backend && npm install        # backend deps
cd .. && npm install             # frontend deps
docker-compose up zookeeper kafka mongodb -d   # infra only
cd backend && npm run dev        # start backend
npm run dev                      # start frontend (new terminal)

๐Ÿ“ก API Reference

Transactions

POST   /api/transactions
GET    /api/transactions

Alerts

GET    /api/alerts
PUT    /api/alerts/:alertId

Stats & System

GET    /api/stats
GET    /api/health
DELETE /api/cleanup/all   (password protected)

๐Ÿงช Testing It Out

Fire a synthetic high-risk transaction straight at the API:

curl -X POST http://localhost:5000/api/transactions \
  -H "Content-Type: application/json" \
  -d '{
    "id": "TEST001",
    "accountId": "ACC001",
    "amount": 75000,
    "merchant": "UNKNOWN_MERCHANT",
    "category": "CRYPTO",
    "location": {"city": "Mumbai", "country": "IN"},
    "cvvMatch": false,
    "avsMatch": false,
    "isVPN": true
  }'

This combination โ€” unknown merchant, crypto category, failed CVV, active VPN โ€” should land solidly in HIGH or CRITICAL territory.


๐ŸŽฏ Where This Fits

  • Financial institutions โ€” real-time payment fraud detection, automated alerting, audit trails
  • E-commerce platforms โ€” order fraud prevention, account takeover detection
  • Banking applications โ€” transaction monitoring, card fraud, AML compliance

๐Ÿฉบ Troubleshooting

Symptom Check
Kafka won't connect Zookeeper must be running before Kafka; verify KAFKA_BROKERS and that port 9092 is free
MongoDB won't connect docker ps to confirm the container is up; verify MONGODB_URI in backend/.env; confirm port 27017 is reachable
Frontend can't reach API Confirm backend is running on port 5000; check CORS config; rule out a local firewall


Built by Devanshu Sharma ยท provided for educational and development purposes.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors