BUILDING A MODEL TO DETECTION AND WARNING ANOMALIES TRANSACTIONS ON E-WALLET

Abstract

The rapid development of e-commerce and online transaction services has made e-wallets an increasingly popular payment tool due to their convenience and flexibility. Users commonly utilize e-wallets for personal spending management, transactions, and accessing various ecosystem utilities. However, the quick growth in the volume and value of transactions also brings heightened safety risks, ranging from fraud and scams to account/device takeover, all of which often involve anomalous transactions characterized by typical user behavior patterns. To address this issue, this paper focuses on developing a dedicated model to detect and alert anomalous transactions on e-wallets, presenting it as an essential solution for the current landscape. The proposed architecture features two security layers to enhance the safety of e-wallet transactions: the first layer is the Device Takeover Detection (DTO) layer, which functions to detect and prevent device control compromise; the second layer is an unsupervised machine learning (ML) model integrated into the model to detect and warn against anomalous transactions. Due to limitations in collecting large-scale, real e-wallet transactions data in Vietnam, this study utilizes the reputable simulated dataset Paysim, published at the "28th European Modeling and Simulation Symposium 2016." The ROC-AUC criterion is used to evaluate the effectiveness of the unsupervised machine learning model. After refinement, the model is deployed via an API and integrated into a simulated e-wallet application to test its ability to detect anomalous transactions. The research results demonstrate the model’s positive effectiveness. Specifically, the Isolation Forest machine learning model, trained on the simulated dataset of 6,362,621 transactions, achieved a ROC-AUC score of 0.9160. The two-layer security architecture, combined with the machine learning model, proves highly effective in preventing device takeover and in detecting and alerting anomalous transactions using the reliable simulated Paysim dataset. With these results, this study not only demonstrates the feasibility of applying machine learning models in the field of e-wallet transaction security but also opens directions for developing multi-layered security solutions capable of adapting to increasingly complex transaction threats in the future.