
A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection

With the increase of credit card usage, the volume of credit card misuse has also significantly increased. As a result, financial organizations are working hard on developing and deploying credit card fraud detection methods, in order to adapt to ever-evolving, increasingly sophisticated defrauding strategies and to identify illicit transactions as quickly as possible to protect themselves and their customers. Compounding the complex nature of such adverse strategies, credit card fraudulent activities are rare events compared to the number of legitimate transactions. Hence, the challenge of developing fraud detection methods that are accurate and efficient is substantially intensified and, as a consequence, credit card fraud detection has lately become a very active area of research. In this work, we provide a survey of current techniques most relevant to the problem of credit card fraud detection. We carry out our survey in two main parts. In the first part, we focus on studies utilizing classical machine learning models, which mostly employ traditional transactional features to make fraud predictions. These models typically rely on some static physical characteristics, such as what the user knows (knowledge-based method), or what he/she has access to (object-based method). In the second part of our survey, we review more advanced techniques of user authentication, which use behavioral biometrics to identify an individual based on his/her unique behavior while he/she is interacting with his/her electronic devices. These approaches rely on how people behave (instead of what they do), which cannot be easily forged. By providing an overview of current approaches and the results reported in the literature, this survey aims to drive the future research agenda for the community in order to develop more accurate, reliable and scalable models of credit card fraud detection.



1 Introduction

Credit card fraud is perpetrated in many different shapes and forms, but can be broadly categorized into the following: ‘application’, ‘electronic or manual card imprint’, ‘mail non-receipt’, ‘lost or stolen’, ‘counterfeit’ and ‘card not present’ fraud. Application fraud generally happens when other people apply for and obtain new credit cards using false personal information. This typically arises in conjunction with identity theft, as fraudsters usually steal the supporting documents needed to substantiate fraudulent applications. Electronic or manual card imprint fraud is usually committed through skimming information on the magnetic strip of the card and then using it to perform a fraudulent transaction. Mail non-receipt is when credit cards in the post are intercepted by fraudsters before they reach the card holder. Another type of fraud can happen through lost or stolen cards, in which the credit card is taken from the card holder’s possession, either through theft or misplacement. The criminals then use the card to make payments. Counterfeit card fraud is done by skimming a fake magnetic swipe card, which holds all the details of the card. An exact copy of the card then will be created using the fake strip.

The most common form of credit card fraud is when the card is not present (i.e. phone, mail, internet transactions). In this type of fraud, the fraudulent transaction does not involve the presentation of a tangible card, and it is performed remotely, through phone, mail, or internet, where retailers are unable to physically check the card or the identity of the card holder. In this type of fraud, the details of the credit card are obtained without the card holder’s knowledge, either by a skimming process (when employees use an unauthorized ‘swiper’ that downloads the encoded information), or from receipts thrown away by the customer. One of the most striking factors about this form of fraud is that fraudsters may even be able to assume the actual identity of the victim. This enables fraudsters to obtain access to the victim’s bank account and ask the bank for a change of address so that all correspondence from the bank will go to a fake address. This increases the time that fraudsters have to fraudulently make charges on their victims’ credit cards. This form of fraud occurs through hacking online databases, which allows fraudsters to take control of people’s bank accounts and assume false identities. By cold calling and pretending to be from the bank or the police, fraudsters may obtain the complete information about their victims needed to purchase goods or services in the name of the card holder.

1.1 Preliminaries

1.1.1 Machine Learning

With an ever-increasing amount of data, it is almost impossible for a human programmer or specialist to detect a meaningful pattern in data and translate it for future use. For this reason, the application of machine learning has spread widely throughout computer science domains where information extraction from large data sets is required. These applications include but are not limited to spam filtering, web searching, ad placement, face and voice recognition, recommender systems, credit scoring, drug design, fraud detection, and stock trading. In this section, we provide some background on the main concepts underlying machine learning.

Learning covers a wide range of processes, which are difficult to define precisely. Consequently, machine learning has divided into several branches, each of which deals with a different type of learning task. However, the shared feature of all machine learning models is that they automate the process of inductive inference: observe a phenomenon, build a model based on the observed phenomenon, and make predictions using the constructed model. Formally, there are several types of learning frameworks such as supervised, semi-supervised, unsupervised, reinforcement, transduction, and learning to learn. The two most widely adopted machine learning methods are supervised learning, which trains the algorithm on predefined labeled datasets, and unsupervised learning, which provides the algorithm with unlabeled training data to allow learning the patterns and relationships in the input data. In the following, we explore these two learning frameworks in more detail.

1.1.2 Supervised Learning

Supervised learning is commonly used to predict statistically likely future events from historical data. In this framework, the phenomenon is defined as some instance-label pairs. The learning model is then constructed as a mapping function from the instances to the labels. For example, consider an input space as the set of objects we want to label. Also, assume that the output space denotes the set of possible labels. We then assume that the training data are identically and independently drawn from an unknown distribution defined on . Now, given the training data, the objective of a learning algorithm is to choose a function among the functions in the hypothesis class . In other words, the objective of a learning algorithm is to choose a function from the hypothesis space that minimizes the empirical risk, and quantify the consistency of function with the training data as


The learning algorithm, which is called Empirical Risk Minimization, is based on the idea of choosing a predictor function which minimizes (1). However, in practice, a regularizer is usually imposed on to prevent overfitting. This leads to regularized empirical risk minimization algorithms, which solves the following problem:


where is the regularization function, and is the parameter associated to .

Regression and classification are the two most common supervised approaches. Recommendation and time series prediction are two popular examples of problems built on top of classification and regression, respectively.

1.1.3 Unsupervised Learning

Unlike supervised learning, in unsupervised frameworks, we only observe the instances , which are not associated with any labels. The goal of an unsupervised learning algorithm is then to model the underlying structures, patterns, similarities, and differences in the data that can be used for decision making or predictions about future inputs.

A big challenge associated with unsupervised learning is that it’s almost impossible to come up with a reasonable objective measure of the algorithm’s accuracy, since there is no gold standard (like a target output or label). Therefore, choosing an appropriate measure to assess the similarity of the instances or to compare different structures in the data is always challenging in this learning framework.

Dimensionality reduction and clustering are two classic examples of unsupervised learning. Dimensionality reduction creates/extracts a smaller number of variables (features) from the original variables (features) that describe the data sufficiently. Since dimensionality reduction is not relevant or applicable to our study here, we will not elaborate further on these methods.

Clustering is about partitioning data into groups (clusters) such that the objects in each group share some common characteristics. A popular clustering model that minimizes the clustering error is known as the K-means algorithm. K-means clustering aims to partition the given data into clusters with minimal variation within each cluster, and maximal variation across the clusters. The idea is to initialize the clusters by randomly selecting points as cluster centers. The algorithm then assigns each data point to its nearest center and updates the cluster centers by calculating the average of the members belonging to each cluster. This process repeats the relocating-and-updating steps until the algorithm converges. The convergence criterion is typically set based on a predefined number of iterations and/or the difference in the value of the distortion function. Besides the challenge of selecting an appropriate similarity/dissimilarity measure, other limitations of clustering approaches in general are 1) choosing the right number of clusters along with the initial centers of the clusters, as these two initial starting conditions heavily affect the performance of the algorithm; 2) numerical data is required, as the K-means clustering algorithm works only with numerical data, limiting its application to real world problems.

2 Literature Review

We carried out our survey in two main parts. In the first part, we focused on studies addressing the problem of credit card fraud detection using classical machine learning (ML) models. These approaches typically employ traditional transactional features (such as type of the card, type of the transaction, place of the transaction, etc.) to make fraud predictions. All these methods are based on user authentication or identification models, which rely on some static physical characteristics, such as what the user knows (knowledge-based method), or what he/she has access to (object-based method). All these knowledge or object based authentication approaches suffer from an obvious disadvantage: tokens can be stolen, misplaced or guessed by fraudsters. Therefore, this type of model is not capable of distinguishing an authorized user from an impostor who fraudulently acquires the token or knowledge of the authorized person. To achieve a more satisfactory level of security, more advanced techniques have been proposed for user authentication/identification, which use behavioral biometrics to identify an individual based on his/her unique behavior while he/she is interacting with his/her electronic devices. The main advantage of these approaches is that the security relies on how people behave (instead of what they do), which cannot be easily forged.

In the second part of our survey, we review some of the recent studies addressing the problem of user authentication using behavioral biometrics. It is worth pointing out that since there have not been enough studies that use behavioral biometrics for fraud detection, we focused our review on general user authentication approaches employing behavioral biometrics to identify authorized users from impostors. We would also like to mention that with regard to the second part of the survey, we were mainly concerned about the different authentication schemes used in different works; meaning that we reviewed and compared studies in terms of different behavioral features, rather than approaches that they used for user authentication.

2.1 Fraud Detection Approaches Based on Traditional ML Models

We searched through “Google Scholar” for recent scientific papers published in the context of credit card fraud detection using ML models. “Credit Card Fraud Detection” and “Machine Learning” were the most useful keywords to find relevant articles. In this stage, by reviewing the abstract and title of the collected papers, we identified articles that use ML approaches to address the problem of credit card fraud detection. In the next stage, we considered and reviewed only recently published or highly-cited papers among all collected ones.

This section presents a review of the ML approaches adopted for credit card fraud detection. According to literature, both supervised and unsupervised algorithms can be used for credit card fraud detection. In the following, we will present an overview of relevant studies using these two approaches to address the problem at hand.

2.1.1 Supervised ML Algorithms for Credit Card Fraud Detection

Assuming the availability of annotated transactional data, supervised techniques can be used to discover patterns associated with genuine and fraudulent classes of transactions. The main advantage of these methods is that they have low false positive (normal transactions considered as frauds) rates, since the model can learn existing fraud signatures and patterns in the available data. However, one shortcoming of the supervised approach is that the model’s learning (classifier) is based on limited available fraud records; therefore, it might not be successful in predicting novel fraudulent behaviors that may not have been seen in the past. This might lead to a high false negative (fraudulent transactions considered legitimate) rate in the fraud detection system. These methods also need to deal with the challenge of unbalanced class sizes, as genuine transactions generally far outnumber the fraudulent ones.

Many studies exploited the strength of supervised ML algorithms to predict fraudulent credit card activities. Logistic Regression (LR) is a broadly utilized technique that has been heavily used in initial fraud detection studies. Although these methods are well-understood, easy to implement, and have a well established history with fraud detection, they have limited power when dealing with non-linear data, which makes them unsuitable for complex fraud detection problems. For example, the authors in (Jha et al., 2012) use LR to show the improved performance of a transaction aggregation strategy in creating suitable derived attributes, which help detect credit card fraud. Using real-life data of transactions from an international credit card operation, they evaluate the performance of their proposed model. The results show the importance of transaction types, product types, and/or merchant types as discriminator features to identify credit card fraud. Another study in (Sahin and Duman, 2011) compares the performance of LR and Artificial Neural Network (ANN) in credit card fraud detection with a real data set. The empirical results of this study illustrated the advantage of ANN over LR on the test data, and it shows an equal performance of these two models over training data. Another interesting observation in this work is that the LR model overfits the training data, and its overfitting behavior becomes even more remarkable as the number of training data increases. Also, the research in (Rushin et al., 2017) compares the predictive power of logistic regression against gradient boosted trees and deep learning. Using a real dataset—containing million account-level transactions with attributes collected in an eight-month time period—this study demonstrates the advantage of deep learning as the most accurate model in fraud prediction. Also, it indicates that LR has the worst performance among all models, which could be due to its inability to find hidden relationships.


ANNs are other popular methods that have been applied for supervised credit card fraud detection. Neural networks are highly adaptive for complex data structures; however, they require high computational power for training, and they are prone to local minima, overfitting, and noise. One study in (Patidar and Sharma, 2011) addresses the problem of credit card fraud detection using neural networks. In their study, a genetic algorithm is applied to design the network and make decisions about the network topology, number of hidden layers, and number of nodes. The authors in (Kim and Kim, 2002) propose an aggregated framework based on neural networks and a fraud density map. In this approach, a neural classifier generates a fraud ratio from the feature vector, which is then combined with a fraud density generated from a fraud density map. The transactional data from a credit company in Korea has been used to evaluate this model, and the results indicate the high effectiveness of this model compared to the plain neural network classifier. Another study (Wang et al., 2018) developed a privacy-preserving distributed deep neural network algorithm, which enables banks and other entities to share their data without revealing sensitive information. Using a real-world fraud detection data set containing multi-million transactions, the study in (Wang et al., 2018) achieves performance (measured by AUC) comparable to the non-private baseline.

Support Vector Machine (SVM) is another popular method that has been widely applied to detect frauds in the credit card industry. SVMs have been proven to be successful in a variety of classification tasks, including fraud detection. The strength of SVMs comes from two unique features: first, their capability to work in high dimensional feature spaces without any additional computational complexity, achieved by using kernel functions to map the data from their original input space to a high dimensional feature space, wherein the instances are more likely to be linearly separable. This property of SVMs enables non-linear classification problems like the ones arising in fraud detection to be solved. Another distinctive attribute of SVMs is the way they achieve global solutions with good generalization performance. This property is due to the fact that the optimization problem in this framework minimizes an upper bound of the generalization error. This property makes SVM more robust in its prediction task. In one study (Chen et al., 2005), the performance of SVM has been compared against ANN in investigating the time-varying fraud problem. The results indicate that SVM and ANN are comparable in training. However, ANN tends to overfit training data, and therefore shows worse performance for future data prediction. Another study in (Lu and Ju, 2011) developed a detection model based on class weighted SVM, which is expected to more effectively handle the imbalanced nature of the credit card transactional data. Using a real dataset from a Chinese bank, it is illustrated that their proposed model is effective in solving the credit card fraud detection problem, leading to higher precision compared to the C-SVM, Back Propagation Neural Network (BPNN), Decision Tree, and Naive Bayes classifier. Moreover, with the application of a real data set, the authors in (Sahin and Duman, 2011) compare the performance of SVM and Decision Tree in credit card fraud detection. The results of this study show that with a large number of training samples the performance of SVM-based models is comparable to that of decision tree approaches, although the Classification and Regression Trees have a higher true positive (fraudulent) rate. Another study in (Chen et al., 2006) developed an SVM-based model, which is shown to be effective in predicting the positive (fraudulent) samples more accurately. Their proposed approach has been shown to outperform two other approaches, namely the over-sampling (replicating the data in the minority class) and the adding-sampling (adding the data in the minority class), which are both commonly used to moderate the problem of imbalance in the data set. Another work (Dheepa and Dhanapal, 2012) also shows the effectiveness of SVM in credit card fraud detection. The study in (Dheepa and Dhanapal, 2012) proposes an SVM model, which uses the spending behavior of users to detect fraudulent transactions. Principal Component Analysis has been employed for feature selection and it has been shown to be effective in achieving a lower false alarm rate.

Decision Tree (DT) is another type of classifier which has been adopted by researchers to build fraud detection models. These methods are easy to implement, display, and understand with a low computational power requirement. Despite the flexibility and interpretability of DTs, they can be unstable and highly sensitive to skewed class distributions. Also, the selection of splitting criteria can significantly affect the tree’s classification performance. The study in (Shen et al., 2007) compares the prediction accuracy of ANN, DT, and LR in credit card fraud detection. Using a real-world data set, this work demonstrates the advantages of neural networks and logistic regression over decision tree in solving the problem under investigation. Using real credit card data from a bank, the authors in Sahin et al. (2013) evaluate the performance of their cost-sensitive DT-based approach in identifying fraudulent credit card transactions. The results show that the proposed model outperforms the traditional models in fixed-cost DT, ANN, and SVM not only in terms of accuracy and true positive rate, but also with respect to a newly defined performance metric—suitable for the credit card fraud detection problem—which is the Saved Loss Rate (SLR). This is the saved percentage of the potential financial loss calculated with the available usable limits of the cards from which fraudulent transactions are committed. In a similar study in (Bahnsen et al., 2015), an example-dependent cost-sensitive decision tree algorithm was developed. The effectiveness of this model was examined using three real-world data sets including one provided by a large European card processing company. Using a newly defined cost-based impurity measure, they compared the performance of their proposed model against classical DT, LR, and Random Forest algorithms. The results indicate that the model outperforms the alternatives in terms of saving. Also, it has been shown that compared to the classical DT algorithm, their algorithm leads to a smaller tree with less complexity, which is easier to interpret and analyze.

The instability and sensitivity of DTs have been addressed by adopting ensemble methods to create a forest of random trees. Random Forest (RF) is an ensemble of decision trees, which is more robust to overfitting and noise in the data. Also, they are computationally efficient, as each tree is generated independently. However, the performance of these models highly depends on the strength of each tree as well as the correlation between trees. Overfitting can easily occur when using this type of model. Also, RFs have limited interpretability power due to the multitude of decision trees that make up the ensemble. Several studies have evaluated the performance of RF against other ML approaches. For example, using real-world data of transactions from an international credit card operation, the study in (Bhattacharyya et al., 2011) shows the performance advantages of RF in capturing more fraud cases, with fewer false positives. Also, the authors in (Dal Pozzolo et al., 2015) have used and compared several RF-based models to address the problem of concept drift (customers’ habits evolve). Their experiments on two real-world credit card data sets indicate that alert precision can be substantially improved by their proposed approach. Another study in (Dal Pozzolo et al., 2014) shows the superiority of RF over Neural Network (NN) and SVM on a real credit card dataset provided by a payment service provider in Belgium. Using a real credit card data set and several performance measures such as AP, AUC, and PrecisionRank, they aim to address the challenging problem of learning with unbalanced data in credit card detection. In another work in (Van Vlasselaer et al., 2015), the authors compare the predictive power of RF against LR and NN. Their experiments on a data set with more than three million transactions indicate that RF outperforms its competitors in terms of accuracy and AUC. Moreover, RF was found to outperform SVM, LR and K-Nearest Neighbors (KNN) in another comparative study in (Whitrow et al., 2009). Using two real-life data sets and a cost performance measure, they show that RF gives the best results on both data sets, especially with aggregated data. Their experiments also indicate that the transaction aggregation technique has a major impact on the performance of classifiers for fraud detection.


Naive Bayes (NB) classifiers are other commonly used fraud detection techniques, which use probabilistic classifiers based on Bayes conditional probability to classify each sample into the class that it is most likely to belong to. They are easy to interpret and effective, especially with high dimensional input data. Moreover, they allow the integration of expert knowledge into uncertain statements. However, the predictive power of these models is highly affected by the assumption of conditional independence among features in the data, which leads to reduced accuracy in the presence of redundant attributes. A study in (Mohammed et al., 2018) investigates the suitability of several ML algorithms including the NB classifier to detect credit card fraud with highly imbalanced massive data sets. With the help of two real world data sets, it has been shown in (Mohammed et al., 2018) that the NB technique is comparatively faster than the RF and Balanced Bagging Ensemble (BBE) classifier in detecting fraud. It should be noted that the precision rate is too low, which leads to many false alarms. Another research paper in (Mahmud et al., 2016) investigates the performance of various machine learning algorithms in detecting credit card fraud. Some measurements such as classification accuracy and fraud detection rate were used to evaluate different models. The results show that DT-based models outperform the NB algorithm in terms of classification accuracy. Also, in order to build a cost sensitive detection system, a Bayes minimum risk approach was proposed in Bahnsen et al. (2013), which takes into account the real financial costs of credit card fraud detection. Using a real transactional data set, this study shows that the proposed framework is capable of reducing the cost compared to state-of-the-art techniques such as LR, DT C4.5 and RF. In another study in (Mahmoudi and Duman, 2015), the authors evaluate the performance of linear Fisher discriminant analysis against NB, ANN, and DT. Using a real-world data set taken from an anonymous bank in Turkey, they show that their proposed approach outperforms alternatives based not only on classical performance measures but also on saved total available limit.

KNN algorithms have been successfully used in credit card fraud detection. Based on this technique, a new instance query is classified based on its nearest neighbors. The effectiveness of this model is influenced by the distance metric used to locate the nearest neighbors, and also the parameter which determines the number of neighbors needed to classify the new sample. Therefore, these algorithms are extremely sensitive to noise. In a comparative study in (Yeh and Lien, 2009), using real data from a bank (a cash and credit card issuer) in Taiwan, the authors compared the predictive performance of several data mining methods including KNN, ANN, DT, and NB classifiers, as well as LR, and discriminant analysis. Based on their results, KNN classifiers have the lowest error rate. However, they show that KNN does not perform better than the NB classifier, ANN, and DT, if as the performance measure. Also, the work in (Pun and Lawryshyn, 2012) proposes a meta classifier based on KNN, NB, and DT to address the problem of fraud detection. Using months of transactional data collected from a Canadian bank, the proposed algorithm shows significant improvement over NN-based methods used by the bank to score fraudulent transactions. Also, the savings improvement evaluation was employed to assess the predictive performance of algorithms in fraud detection. Using UCSD Data Mining Contest 2009 Dataset (anonymous and imbalanced), the authors in (Seeja and Zareapoor, 2014) compared the performance of their proposed frequent pattern mining algorithm (based on frequent itemset mining) against KNN and a few other ML techniques. For this comparison, they used 4 classification metrics: fraud detection rate, false alarm rate, balanced classification rate, and Matthews correlation coefficient. The results of this study show the performance improvement of the proposed model over KNN, NB, SVM, and RF in terms of all 4 metrics. Also, it has been shown that KNN performs better than SVM on fraud detection rate (sensitivity), and it outperforms RF and SVM in terms of balanced classification rate. Interestingly, the results of the study in (Seeja and Zareapoor, 2014) indicate that KNN is very competitive with the proposed frequent pattern mining approach in terms of false alarm rate.
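The evaluation measures named in this section (fraud detection rate, false alarm rate, balanced classification rate, Matthews correlation coefficient, and the Saved Loss Rate), computed side by side for three detectors on an imbalanced sample. This is an added example, not code from any of the surveyed studies; the data is constructed, and the SLR formula (limits of correctly flagged fraud cards divided by limits of all fraud cards) is an assumed reading of the definition quoted above.

```python
import math

def confusion(y_true, y_pred):
    """Return (tp, fp, tn, fn) with fraud as the positive class."""
    tp = sum(1 for t, p in zip(y_true, y_pred) if t and p)
    fp = sum(1 for t, p in zip(y_true, y_pred) if not t and p)
    tn = sum(1 for t, p in zip(y_true, y_pred) if not t and not p)
    fn = sum(1 for t, p in zip(y_true, y_pred) if t and not p)
    return tp, fp, tn, fn

def metrics(y_true, y_pred):
    tp, fp, tn, fn = confusion(y_true, y_pred)
    tpr = tp / (tp + fn) if tp + fn else 0.0   # fraud detection rate (sensitivity)
    far = fp / (fp + tn) if fp + tn else 0.0   # false alarm rate
    bcr = (tpr + (1.0 - far)) / 2              # balanced classification rate
    denom = math.sqrt((tp + fp) * (tp + fn) * (tn + fp) * (tn + fn))
    mcc = (tp * tn - fp * fn) / denom if denom else 0.0
    return {
        "accuracy": (tp + tn) / len(y_true),
        "detection_rate": tpr,
        "false_alarm_rate": far,
        "bcr": bcr,
        "mcc": mcc,
    }

def saved_loss_rate(y_true, y_pred, limits):
    """Assumed SLR: share of the available limit on fraud cards that was protected."""
    at_risk = sum(l for t, l in zip(y_true, limits) if t)
    saved = sum(l for t, p, l in zip(y_true, y_pred, limits) if t and p)
    return saved / at_risk if at_risk else 0.0

# Constructed sample: 1000 transactions, the first 5 are fraud (0.5 %).
Y_TRUE = [True] * 5 + [False] * 995
# Available limit on each card; one fraud card carries most of the exposure.
LIMITS = [9000, 500, 300, 200, 100] + [1000] * 995

DETECTORS = {
    # Never raises an alert.
    "always_legit": [False] * 1000,
    # Catches 4 of 5 frauds but misses the high-limit card; 10 false alarms.
    "count_oriented": [False, True, True, True, True] + [True] * 10 + [False] * 985,
    # Catches only 2 frauds, including the high-limit card; 10 false alarms.
    "cost_oriented": [True, True, False, False, False] + [True] * 10 + [False] * 985,
}

def report():
    rows = {}
    for name, pred in DETECTORS.items():
        row = metrics(Y_TRUE, pred)
        row["slr"] = saved_loss_rate(Y_TRUE, pred, LIMITS)
        rows[name] = row
    return rows

if __name__ == "__main__":
    for name, row in report().items():
        print(name, {k: round(v, 4) for k, v in row.items()})
```

The detector that never alerts has the highest accuracy of the three, while the count-based metrics and the SLR disagree on which of the other two is better.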

2.1.2 Unsupervised ML Algorithms for Credit Card Fraud Detection

The second type of approach deals with unsupervised techniques, which detect changes in behavior or unusual transactions. In these approaches, the legitimate user behavioral model is learned, then activities with enough departure from the norm are detected as frauds. An advantage of unsupervised methods is that they are more powerful than supervised approaches in detecting previously unseen types of frauds. Also, since they do not need labeled data, these methods can be useful in applications where no prior knowledge is available.

One of the best-known unsupervised algorithms used in fraud detection is clustering. For example, K-means (KM) is a simple and efficient clustering method that partitions unlabeled samples into disjoint clusters such that the squared distance between the points and the centroid of their cluster is minimized. Although KM clustering algorithms are simple and easy to implement, they are very sensitive to the initial cluster centers, which are randomly selected. This makes KM algorithms vulnerable to outliers, which are especially relevant in fraud detection contexts. Moreover, similar to KNN methods, in KMs the parameter should be chosen appropriately, which requires input from domain experts. If not, it bears the burden of additional computation to find the optimal value of . Another disadvantage of the clustering methods, including KMs, is the difficulty of choosing an appropriate metric to measure the distance between observations. For example, it is not an easy task to combine categorical and numerical attributes in a good clustering metric, since samples may group differently on some subsets of attributes than they do on others. This may lead to instability problems in clustering-based methods. A K-means clustering algorithm is used in (Vaishali, 2014) to detect fraudulent transactions. They generated an artificial data set including transaction ID, transaction amount, transaction country, transaction date, credit card number, merchant category ID, and cluster ID.

clusters were used to group credit card transactions into low, high, risky, and high risk. The results of their experiments showed that in most cases, the fraudulent activities could be correctly identified, although there were a few cases wherein a non-fraudulent activity was incorrectly detected as fraud. Also, a combination of Hidden Markov Model (HMM) and K-means algorithms was used in (Kumari and Choubey, 2017) to identify the fraudulent activities on credit cards. In their proposed framework, a K-means clustering algorithm is first applied on the historical data to categorize customers based on their spending behavior in terms of having high, medium, and low transactions. Then the HMM produces an output in the form of the probability of a transaction being fraudulent. In another study in (Chang and Chang, 2014), an X-means algorithm (a variant of K-means) was developed to cluster fraudsters as Aggressive, Classical, Luxury, or Low-profile. A fraud detection method was then performed to classify suspects into legitimate users or fraudsters in different classes, which was shown to lead to improved overall detection accuracy. Also, the authors in (Behera and Panigrahi, 2015) used a KM-based clustering approach to address the problem of credit card fraud detection. Using the clustering algorithm, the transactions were grouped based on the spending patterns of the cardholders. A transaction is considered suspicious if its distance to the center of the cluster exceeds a pre-set threshold. The suspicious transactions are kept for further analysis and classification using a feed forward NN. The statistical analysis of the results on a simulated data set yielded up to 93.90% True Positive and less than 6.10% False Positive. The study in (Jiang et al., 2018) used a KM clustering method to cluster cardholders into three different groups: low, medium and high transaction. Then, they utilized a window-sliding strategy to aggregate the transactions in each group, and extracted a collection of specific behavioral patterns for each cardholder based on this. At the end, they applied a set of classifiers to detect fraudulent transactions in each group. The results of their experiments on simulated data showed improvement over LR- and RF-based models.
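The distance-to-centroid rule described above, together with the sensitivity of K-means to its initial centers, can be sketched as follows. This is an added Python example, not code from any of the surveyed papers; the two features (amount, hour of day), the constructed transactions, the threshold of 2.0 and the best-of-several-restarts strategy are all assumptions made for illustration.

```python
import math
import random

# Constructed training data (not from any surveyed paper): legitimate
# transactions as (amount in USD, hour of day) for three spending groups.
# Hour of day is treated as a plain number here for simplicity.
LOW = [(10 + 2 * i, 8 + i % 5) for i in range(10)]
MEDIUM = [(90 + 6 * i, 12 + i % 6) for i in range(10)]
HIGH = [(420 + 25 * i, 18 + i % 4) for i in range(10)]
TRAIN = LOW + MEDIUM + HIGH

THRESHOLD = 2.0  # assumed pre-set cut-off, in standardized distance units


def scale(row, means, stds):
    """Apply the z-score transform learned on the training data."""
    return [(v - m) / s for v, m, s in zip(row, means, stds)]


def standardize(rows):
    """Z-score each column so the amount does not dominate the distance."""
    cols = list(zip(*rows))
    means = [sum(c) / len(c) for c in cols]
    stds = [math.sqrt(sum((v - m) ** 2 for v in c) / len(c)) or 1.0
            for c, m in zip(cols, means)]
    return [scale(r, means, stds) for r in rows], means, stds


def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def nearest(point, centers):
    """Index of the closest center."""
    return min(range(len(centers)), key=lambda i: dist(point, centers[i]))


def kmeans(points, k, seed, iters=100):
    """Lloyd's algorithm started from one random choice of initial centers."""
    centers = [list(p) for p in random.Random(seed).sample(points, k)]
    for _ in range(iters):
        groups = [[] for _ in range(k)]
        for p in points:
            groups[nearest(p, centers)].append(p)
        # An empty cluster keeps its previous center.
        updated = [[sum(c) / len(g) for c in zip(*g)] if g else centers[i]
                   for i, g in enumerate(groups)]
        if updated == centers:
            break
        centers = updated
    return centers


def inertia(points, centers):
    """Sum of squared distances of each point to its nearest center."""
    return sum(dist(p, centers[nearest(p, centers)]) ** 2 for p in points)


def fit_profile(transactions, k=3, restarts=10):
    """Keep the lowest-inertia run of several seeds to blunt init sensitivity."""
    scaled, means, stds = standardize(transactions)
    centers = min((kmeans(scaled, k, seed) for seed in range(restarts)),
                  key=lambda c: inertia(scaled, c))
    return {"centers": centers, "means": means, "stds": stds}


def anomaly_score(profile, txn):
    """Distance from the transaction to the nearest cluster center."""
    z = scale(txn, profile["means"], profile["stds"])
    return min(dist(z, c) for c in profile["centers"])


def is_suspicious(profile, txn, threshold=THRESHOLD):
    return anomaly_score(profile, txn) > threshold


PROFILE = fit_profile(TRAIN)

if __name__ == "__main__":
    for txn in [(12, 9), (100, 14), (600, 3), (5000, 3)]:
        print(txn, round(anomaly_score(PROFILE, txn), 2),
              is_suspicious(PROFILE, txn))
```

The (600, 3) case has an amount that is ordinary for the high-spending cluster and is flagged only because the combination of amount and time is far from every center.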

Self-organizing map (SOM) is an unsupervised neural network learning model, which has been used to form customer profiles and visualize fraudulent patterns. In SOM, the transaction data is grouped into genuine and fraudulent sets through the process of self-organization, which is an iterative tuning of the weights of neurons in the network. A new sample is then fed into SOM; if it is similar to all previous instances from a genuine set, it is considered legitimate, or if it is similar to past examples of fraudulent sets, it is classified as fraud. SOMs are very efficient and can handle large and high dimensional datasets, due to their visualization facilities. However, the lack of a real objective function makes it difficult to compare the solutions of various SOM models against each other. Besides that, like other neural network based models, choosing the optimal size of the SOM requires expert knowledge and/or extensive computational evaluations. A fraud detection method based on SOM is proposed in (Olszewski, 2014). In the first step of their algorithm, a SOM visualization was performed on the multidimensional data of the user accounts. Then, a threshold-type binary classification algorithm was applied to detect fraudulent accounts. Their experimental study on a real data set demonstrates the benefits of data visualization, which transforms the input high-dimensional information into a 2-dimensional image, which is more interpretable even by non-experts. The study in (Agaskar et al., 2017) proposed a fraud detection model which detected fraudulent transactions using records of the amount and location details of previous transactions carried out by customers. After obtaining the clusters from the SOM algorithm, they suggested re-validating the clusters using association rules on each cluster. Another SOM-based fraud detection model was proposed in (Deng and Mei, 2009), wherein a KM clustering algorithm is applied on the results of SOM to avoid unclear clustering boundaries of nodes of SOM. Also, 100 financial statements of Chinese listed companies were used as experimental samples.

2.2 User Authentication Approaches

Designing secure and reliable user authentication systems has become an important task to protect users’ private information and data. The literature on this topic is therefore relevant and should be discussed. To do so, we carried out a thorough search of recent articles from the “Google Scholar” and “Science Direct” resources. In this phase, we identified relevant studies published recently for deeper analysis. This selection was based on whether the research paper pursues a novel, interesting, or relevant approach which can be extended to the case of credit card fraud detection. Other recent surveys on user authentication include Meng et al. (2015), Kunda and Chishimba (2018), Barkadehi et al. (2018), and Neal and Woodard (2016).

2.2.1 Password-Based Authentication

Password-based authentication approaches such as the Personal Identification Number (PIN) and Graphical passwords (Dunphy et al. (2010)) are broadly used for user authentication. A recent study by Meng et al. (2016a) on recalling multiple password interference on touch screen patterns and text passwords shows that with three accounts, users in the unlock pattern condition can perform better than users in text password condition.

However, several articles discussed that these user authentication schemes are usable and convenient but highly insecure (De Luca et al. (2012)). This is because users are more likely to choose simple passwords due to long-term memory limitations. As a result, passwords are usually easy to guess and remember (Yan et al. (2004) and Florencio and Herley (2007)). Additionally, authentication credentials can be easily stolen via shoulder surfing (Tari et al. (2006) and Kim et al. (2010)), in which hackers can use direct observation techniques to infer users’ data. Finally, graphical passwords can be recovered through side channel attacks (Aviv et al. (2010)), i.e., Android unlock patterns can be identified via a smudge attack, where attackers can extract recently touched locations by inspecting smudges.

Due to the aforementioned issues of password-based authentication, research has discussed using a new approach based on the measurements of human actions called biometric-based authentication. The following subsection addresses biometric-based authentication methods.

2.2.2 Biometrics-Based Authentication

Here, we will discuss biometric-based authentication approaches for user authentication, which can be broadly classified into the two categories: Physiological Authentication and Behavioral Authentication schemes.

Physiological Authentication: Approaches that use measurements from the human body and its physical characteristics, such as a fingerprint (Maio et al. (2002), Numabe et al. (2009)), face (Wallace et al. (2012), Cardinaux et al. (2006), Wallace et al. (2011)), voice, iris/retina (Pillai et al. (2016), Mansour (2016)) and hand/palm (Zhou et al. (2009), Huang et al. (2008)) to classify users, are known as physiological authentication approaches. Gunson et al. (2011) discuss voice recognition authentication in detail, in which they address the problem of using customer voices and comparing sentences versus digits for authentication in an automated telephone banking system. They compared voice print authentication types in an experiment consisting of telephone banking customers, and found that using voice print authentication based on digits is more convenient and makes a significant impact in customer acceptance. Dai and Zhou (2011) proposed a novel recognition algorithm using several features such as density, orientation, and principal lines for high resolution palmprints and designed an estimation algorithm. They performed their algorithm on a database containing full palmprints and discovered that density is very useful for palmprint recognition.

Despite the uniqueness of physiological biometrics, which enables reliable authentication system construction, they usually require additional and special hardware to scan and/or recognize physiological features. Another limitation of this approach is that it allows access for the whole session after the initial verification (Meng et al. (2012)). This may provide the opportunity for an impostor to gain access to a session in progress and retrieve sensitive information. Additionally, environmental factors (such as different viewing angles, poor illumination, and background noises) can diminish the accuracy and reliability of physiological based authentication schemes (Zheng et al. (2014) and Phillips et al. (2011)). In addition, some of the features such as iris and retina scanning are very expensive (Meng et al. (2018a)).

Due to these limitations of physiological approaches, this part of our survey is geared towards investigating the studies that employ behavioral biometrics for user authentication purposes. It is noteworthy that some researchers consider only physical characteristics as part of biometric authentication schemes (such as Kunda and Chishimba (2018)), while in this survey, we consider biometric based authentication schemes as including both physiological and behavioral biometrics.

Behavioral Authentication: The second type of biometric approach, known as behavioral authentication, uses human actions to authenticate users. It has been shown that there is a significant difference between users’ behavior while interacting with touch screen surfaces. In a study by Sharma and Enbody (2017) on mobile devices it is shown that “As long as the user interface for a mobile application remains consistent, user behavior while interacting with the user interface also remains consistent”. As a result, several studies in the literature address behavioral authentication schemes, which may use different features to authenticate users and in general can be categorized as one of the following:

  • Keystroke Dynamics (Based on typing characteristics of the user)

    Keystroke dynamics are considered one of the most important features of behavioral biometrics (Jiang et al. (2007)) due to their dependence on the time and the typing skill of the user (Chudá and Ďurfina (2009)). As a result, several studies have been published in this area. In one of the early studies in the area, Bergadano et al. (2002) describe a new biometric measure of the typing characteristics of users that controls the instability of keystroke dynamics. They test their method on a data set of 154 individuals and achieved an average False Alarm Rate. Clarke and Furnell (2007) address the problem of mobile phone users’ authentication using keystroke analysis. A feasibility study to demonstrate the ability of neural network classifiers based on users’ keystroke and typing dynamics is presented. It is shown that the performance of the technique used can differ due to two reasons: users with large variations in handset interactions, and users who do not use their mobile handset keypad.

    Zahid et al. (2009) demonstrate that keystroke dynamics can be translated to authenticate users. They collected data from different smart phone users considering six distinguishing keystroke features and demonstrated that these features can be used as a means of user authentication. In , Darabseh and Namin (2014) studied the influence of four keystroke features and their combinations including key duration, flight time latency, digraph time latency, and word total time duration. Their computational results on a data set of eight users confirm that holding time of the key press (F1) is an important feature, among others.

  • Touch Dynamics

    With the increased popularity, usage, and capabilities of touch-screen devices (such as smart-phones, computers, and tablets), users tend to store their personal and sensitive information (such as online banking transactions, PINs, credit card numbers, online transaction credentials, and email communications) on them. Despite its convenience, the stored data is easily attacked by cyber criminals. Therefore, the need for sufficient user authentication schemes to protect both users and companies is increasing. One of the recent approaches for properly authenticating users utilizes touch dynamics and characteristics of the user. Touch dynamic authentication has some advantages, such as that it is already an inherent feature of many smart-phone and computer devices (Teh et al. (2015)). Furthermore, touch dynamic schemes use the internal sensors of the touch screen device and do not require any extra hardware (Inoue and Ogawa (2018)). Due to the advantages of touch dynamic schemes mentioned in the literature, recent studies of touch dynamics are further described and addressed in this section.

    In the literature, machine learning methods are the main tool for addressing and constructing user authentication schemes based on behavioral biometrics. In 2012, Meng et al. (2012) proposed a novel user authentication approach based on 21 features related to the touch dynamics of a user such as touch duration and direction. To validate the performance of their method, they used 20 Android phone users and the results show that the neural network machine learning classifier effectively authenticated users. It is also shown that with the usage of Particle Swarm Optimization (PSO), the average error rate of variations in users’ usage patterns was reduced to


    One year later, Frank et al. (2013) investigated the usage of touchscreen input as a behavioral biometric for continuous user authentication and developed a touch behavioral authentication scheme called Touchalytics. By considering 30 touch dynamic features and using a k-nearest neighbour classifier as well as a Gaussian RBF kernel support vector machine on data collected from users, they show that classifiers achieve robust results with an error rate between and . Sae-Bae et al. (2014) proposed a user authentication scheme which considered 22 different features of multi-touch behavior gestures. These gestures could be extracted from both hand and finger gestures including pinch, drag, and swipe. Also, a multi-touch gesture classifier was developed.

    A study by Meng et al. (2014) addresses a novel lightweight touch dynamic based user authentication system, considering features such as the number of touch movements, the average time duration of single-touch, and the average touch pressure. They also maintain the accuracy of classifiers by designing an adaptive mechanism and measuring the performance of classifiers with a cost-based metric. An experiment considering users using Android phones was conducted and it was shown that the proposed authentication scheme can achieve an average error rate of .

    In a more recent article by Gong et al. (2016), a new touch-based continuous authentication system, secure against forgery attacks, is proposed. The authors consider some random “secret” in a user’s touch characteristics that an attacker cannot be aware of even if the user’s touch characteristics were already obtained. To illustrate the results, data from users was collected, and it was shown that the proposed model was able to achieve a smaller equal error rate than previous touch dynamic authentication schemes. Sharma and Enbody (2017)’s study on user authentication and identification from user interface interactions shows that some features are not particularly useful, such as the difference in coordinates, distance, finger pressure, finger size, and direction of touch. They collected data from users and found that the SVM-based classifier outperformed the other two techniques used and achieved a mean equal error rate of for user authentication. The results also demonstrate that the median accuracy of was achieved for user identification.

    Although machine learning methods are widely used for user authentication schemes, the performance of a classifier may not be stable. A recent study by Meng et al. (2018a) addresses this performance instability of the machine learning techniques used for user authentication and proposes a cost-based intelligent mechanism to choose the least costly mechanism while maintaining the performance of the user authentication scheme. To achieve this goal, they design a lightweight touch dynamics based authentication scheme that includes gesture-related features such as the number of touch movements, the average time duration of touch movements, the average speed of touch movement, touch size, and touch pressure. The computational results on data collected from Android phone users demonstrate that the proposed cost-based authentication scheme achieves a higher and more stable level of authentication accuracy.

    Rehman et al. (2017) analyzes the distinctness of gestures in touchscreen Android mobile devices to measure the accuracy, distinctness of user’s fingers, and time response of the Android mobile device. The results show that the accuracy of finger gestures can be increased by a user’s right index fingers, left index finger, left thumb, and right thumb. In addition, the phone’s position, orientation, screen size, and the dominant hand of the user and the number of hands used can affect the accuracy.

    Moreover, in another study by Meng et al. (2018b), TouchWB, a novel touch gesture-based authentication scheme consisting of touch features, is introduced. Features of the study are extracted from web browsing gestures and behaviors of the users on smart-phones and can be mainly categorized in four types: single-touch (such as tap), multi-touch (such as zoom, pinch, and rotate), touch-movement (such as swipe up and swipe down), and no-touch. In addition, the authors consider different directions to describe and define touch movements. In order to investigate the touch behavioral deviation between web browsing and freely using the smart-phone, data from Android phone users divided in two groups was collected. The results demonstrate that the deviation of users’ touch behavior during web browsing is smaller than in the scenario of free touches and the combined classifier of PSO and Radial Basis Function Network (RBFN) adopted from Meng et al. (2012) could achieve a mean error rate of .

    The study of Inoue and Ogawa (2018) challenges the limit of usability in touch dynamic authentications and addresses a novel user authentication scheme, called TapOnce. It is designed to authenticate users with only one tap, while previous works required at least four taps for touch dynamic authentication (Inoue and Ogawa (2017)). Authors discuss that among the three indispensable factors of security, usability, and system efficiency, usability is considered the key factor; their proposed scheme, considering features, is able to enhance the usability of mobile device authentications. Their experimental results based on users and unauthorized users show an average error rate of without overfitting.
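The keystroke features listed above for Darabseh and Namin (2014) and the equal error rate reported throughout this section can be made concrete with the following added Python example, which is not code from any of the surveyed papers. The feature definitions (flight time as release-to-next-press, digraph latency as press-to-press), the scaled Manhattan detector, the acceptance threshold of 2.0 and all timing samples are assumptions constructed for illustration.

```python
def sample(holds, flights, keys="4719"):
    """Build (key, press_ms, release_ms) events from hold and flight times."""
    events, t = [], 0
    for i, key in enumerate(keys):
        events.append((key, t, t + holds[i]))
        if i < len(flights):
            t += holds[i] + flights[i]
    return events


def features(events):
    """Key duration, flight time, digraph latency and word total time."""
    pairs = range(len(events) - 1)
    holds = [release - press for _, press, release in events]
    flights = [events[i + 1][1] - events[i][2] for i in pairs]   # release -> press
    digraphs = [events[i + 1][1] - events[i][1] for i in pairs]  # press -> press
    total = events[-1][2] - events[0][1]
    return holds + flights + digraphs + [total]


def enrol(samples, floor=1.0):
    """Template = per-feature mean and mean absolute deviation (floored)."""
    columns = list(zip(*(features(s) for s in samples)))
    means = [sum(c) / len(c) for c in columns]
    # The floor avoids division by zero when a feature never varied at enrolment.
    mads = [max(sum(abs(v - m) for v in c) / len(c), floor)
            for c, m in zip(columns, means)]
    return means, mads


def keystroke_score(template, events):
    """Scaled Manhattan distance to the template, averaged over features."""
    means, mads = template
    x = features(events)
    return sum(abs(v - m) / d for v, m, d in zip(x, means, mads)) / len(x)


def accepts(template, events, threshold=2.0):
    return keystroke_score(template, events) <= threshold


def equal_error_rate(genuine, impostor):
    """Sweep thresholds; return the error rate where FAR and FRR are closest."""
    best = None
    for t in sorted(set(genuine) | set(impostor)):
        far = sum(s <= t for s in impostor) / len(impostor)  # false accepts
        frr = sum(s > t for s in genuine) / len(genuine)     # false rejects
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, (far + frr) / 2)
    return best[1]


def jittered(d):
    """Constructed genuine sample: the owner's rhythm shifted by d ms."""
    return sample([90 + d, 85 - d, 80 + d, 95 - d], [120 + d, 135 - d, 130 + d])


# Constructed data: enrolment samples, later genuine attempts, and another
# person typing the same PIN with a different rhythm.
TEMPLATE = enrol([jittered(d) for d in (-6, -3, 0, 3, 6)])
GENUINE_ATTEMPTS = [jittered(d) for d in (-4, 2, 5)]
IMPOSTOR_ATTEMPTS = [sample([60 + d, 62 + d, 58 + d, 61 + d],
                            [200 + d, 180 + d, 210 + d]) for d in (-5, 0, 5)]

if __name__ == "__main__":
    genuine = [keystroke_score(TEMPLATE, a) for a in GENUINE_ATTEMPTS]
    impostor = [keystroke_score(TEMPLATE, a) for a in IMPOSTOR_ATTEMPTS]
    print("genuine scores ", [round(s, 2) for s in genuine])
    print("impostor scores", [round(s, 2) for s in impostor])
    print("EER", equal_error_rate(genuine, impostor))
```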

2.2.3 Combined Authentication

As described in previous sections, common user authentication schemes vary from password-based to biometric-based methods. Under such an approach, users are authorized based on only one of the aforementioned methods. However, some recent studies have shown that the combination of two or more of the above authentication schemes can be utilized to authenticate users and enhance the accuracy of the authentication system. Some of the combination methods include face and touch authentication; signature and touch authentication; PIN and touch authentication; and unlock pattern and movement-based touch authentication. In this section, some of the recent studies in combined authentication methods will be discussed.

De Luca et al. (2012) introduce a two-factor authentication scheme by using both the unlock screen password pattern and the touch dynamics used to perform that pattern. It investigates the use of touch dynamics to improve the security of the login process and decrease the chance of a shoulder surfing attack. Their results on a lab and a long-term study provided the first proof that the security of password patterns can be increased by considering the touch dynamics. Similarly, Meng et al. (2016b) show that after several trials, users perform the same pattern somewhat stably. Due to this behavioral biometric, they develop a new touch movement-based user authentication scheme, called TMGuard, that authenticates users by combining users’ touch movements and Android unlock patterns. The authors evaluate the proposed scheme by collecting data from users, and show that TMGuard can enhance the security of Android unlock patterns while maintaining its usability. Meng (2016) evaluates the effect of multi-touch behaviours on the creation of Android unlock patterns. The author designs two user studies with a total of users and shows that multi-touch movements have an impact on creating unlock patterns and graphical passwords.

Pasenchuk and Volkov (2016) introduced SignToLogin, a two-factor biometric authentication scheme that solves some drawbacks of the previous two-factor authentication approaches. It uses login ID and a push notification to authenticate users in two stages. The push notification is sent to users and asks them to enter their biometric as a second factor. This new push notification replaces the need for text messages which was used in insecure channels. Experimental results show that SignToLogin achieves an equal error rate of .

Later on, Van Nguyen et al. (2017) proposed the DRAW-A-PIN user authentication method in which the touch behavior of a user while drawing a PIN is used to authenticate the user. DRAW-A-PIN asks users to draw their PIN instead of typing it on a keypad on touch screens to analyze user touch behavior. To evaluate the performance of DRAW-A-PIN, data from volunteers over days and imitation samples from attackers was collected; the results indicate that in the scenario where the attacker knows the PIN, DRAW-A-PIN achieves an equal error rate of . Moreover, in the scenario where the attacker knows how to reproduce the exact same drawn PIN, DRAW-A-PIN rejects attackers at a rate of .

The study of Zheng et al. (2014) found that a user’s tapping signature combined with their PINs can reduce the chance of any possible attacks and increases the accuracy of user authentication. In this manner, based on collected data from over users and exploiting the combination of four features, they show that the proposed authentication scheme has high accuracy with average error rate of . In a similar study, Sun et al. (2014) introduce a two-factor authentication approach using both the geometric properties of a user’s drawn curves and its behavioral and physiological characteristics. The proposed method, TouchIn, achieved high security, efficiency, and usability. The next year, Chen et al. (2015) introduced RhyAuth, a two-factor authentication scheme based on the performance of users on a sequence of rhythmic taps and/or slides on touch screen devices. RhyAuth uses the user-chosen rhythm and the touch biometrics captured while inputting that rhythm. Using collected data from users, the authors show that their proposed method is highly secure against attackers.

Researchers from IBM (Trewin et al. (2012)) conducted research to examine user time, effort, error, and task disruption on password entry and three biometric authentication schemes, i.e., voice, face, and gesture. Their results in a laboratory study show that face and voice authentication schemes were faster than password entry, while voice was less usable than the other three.

Shahzad et al. (2017) propose a novel authentication scheme, called BEAT, that considers behavioral biometrics and certain actions, i.e., a gesture or a signature. A gesture can be an interaction of a user with the touch screen while a signature is a unique handwritten depiction of the user’s name. This authentication method helps in preventing attacks such as shoulder surfing while the attackers cannot reproduce the touch behavior of the user. To perform the computational results, data from users are collected, and it is shown that BEAT with seven types of features (i.e., velocity magnitude, device acceleration, stroke time, inter-stroke time, stroke displacement magnitude, stroke displacement direction, and velocity direction) achieves an average equal error rate of with three gestures and with a single signature.

In a similar study, Buriro et al. (2015) propose a new combined authentication scheme for touch-typing behavior of the user called “Touchstroke”. They specifically use data from how the user holds their phone and how the -digit text-independent PIN is entered. The holding scheme is determined by built-in sensors including orientation, gravity and gyroscope. Random Forest and BayesNET are used to test the data collected from users. The results show highly accurate user authentication.

Recently, Buschek et al. (2018) propose a filtering concept to log typing biometrics of users without recording a text’s content. They released an Android keyboard app to implement the concept they proposed. With this free text entry study, in three weeks, authors presented the first analyses of both keyboard use and typing biometrics based on unfiltered real world evidence. Some of the biometric features considered are speed, posture, apps, auto correction, and word suggestions. They finally concluded that free and unconstrained studying of typing biometrics of users on a daily basis can produce different results than inside lab experiments.

In 2014, Kang et al. (2014) proposed a two-factor identification scheme based on username/password and face recognition authentication schemes. Following the same idea, the study of Smith-Creasey and Rajarajan (2016) presented a novel stacked classifier approach to implement a user authentication framework considering both face and touch authentication schemes. The authors use a public data set of face and touch-gesture modalities for users, and the results show that the proposed multi model framework reduces the false acceptance risk and achieves an equal error rate of for a single sample.

Song et al. (2017) conducted research on authenticating users based on both hand geometry and behavioral characteristics. Specifically, users are asked to perform specially designed multi-touch gestures (TEST gestures which require users to stretch their fingers and put them together) with one swipe on multi-touch screens devices. To evaluate the results, authors analyze data collected from users and show that the proposed method achieves an average error rate of with training samples and with enough training samples.

This year, Buriro et al. (2018) introduced a user authentication scheme that uses both user tapping/touching behavior and hand micro-movements while entering a text-independent 10-digit number, called DIALERAUTH. Experimental results on data collected from users prove the resilience of DIALERAUTH against random and mimic attacks while achieving usability and acceptance by a mean score of .

A study by Neal and Woodard (2017) addresses a user authentication scheme using associative classification. As a matter of behavioral biometrics, they provide a performance analysis of applications, Bluetooth, and Wi-Fi usage data and collect data from users. Named association rules are extracted and combined as a feature extraction technique to demonstrate the effectiveness of associative classification. Results indicate the accuracy of applications and Bluetooth traffic with an accuracy rate of


Regarding a more novel topic, implicit authentication, Shen et al. (2018) addressed a continuous and implicit user authentication scheme using motion sensors inside smart-phones to monitor users’ daily activities. They establish a data set collected from users while considering five typical human daily activities and five phone placements. The authors present the average error rate of their proposed method and show that their proposed approach is feasible only in some real scenarios. Another article, by Akhtar et al. (2017), presents an unconstrained and implicit smart-phone multimodal biometric system. It authenticates users from phone movements, touch strokes, and face patterns, namely the micro-movements of the smart-phone, the movements of the user’s finger during typing on the touchscreen, and the user’s face features. Computational results on the data collected from users show high accuracy while increasing the security and usability.

3 Conclusion

In this section, we present some of the key findings of our survey. During this survey, we noticed that supervised learning techniques have been used more frequently than unsupervised methods. To be more specific, the most commonly used fraud detection techniques are LR, ANN, DT, SVM and NB. As a matter of fact, according to the study by Albashrawi (2016), among the most applied methods in a period ranging from to , LR seems to be the leading technique in detecting financial fraud with usage frequency, followed by both ANN and DT, with . SVM and NB are represented by and frequency, respectively. Moreover, these techniques have been used alone or combined with an ensemble technique to build strong detection classifiers.

Though the frequency of using supervised methods could be due to the fraud context and the availability of labeled data, it could also be based on the performance of these methods. In other words, supervised learning techniques might be better-performing tools than the unsupervised ones in detecting financial frauds. Another reason for under-employment of unsupervised learning methods could be the challenge of coming up with a reasonable objective measure of the algorithm’s accuracy, since there is no set standard (like a target output or a label). Therefore, choosing an appropriate measure to assess the similarity of the instances or to compare different structures in the data is always challenging in this learning framework. This is a limitation of unsupervised methods in general and not specific to the problem of fraud detection. Therefore, when annotated transactional data is available, it is recommended to use a supervised method, due to its advantages.

We also discussed some of the most recent and relevant articles in the field of user authentication. In general, the articles in this area can be categorized as one of the following:

4 Future Directions

Recent research suggests that the inclusion of contextual information, collected alongside the behavioral profiles, leads to more stable and accurate profile-based intrusion detection systems (Yampolskiy and Govindaraju, 2008; Kim et al., 2006; Sommer and Paxson, 2003). However, obtaining biometric data in sufficient quantity is always challenging, due to the privacy of individuals providing the data. One solution to this problem could be generating large quantities of high-quality synthetic yet realistic biometric data, which would lead to the development of more robust anomaly detection models. The main goal of such a simulation would be to yield a completely self-sufficient data set with statistical properties similar to those of the original data set. To yield such results, the simulator must go through several steps. The concepts behind the model are based on statistical analysis of large batches of real data.

This data should be generated in such a way that it includes more modalities of user behavior. For example, the data might include a set of features on a combination of movement, orientation, touch, and gesture behaviors of users on their smartphones. The expectation is that using more modalities has the potential to reduce the error rates of state-of-the-art authentication models that only use touch or phone movement features in isolation. Also, including a more comprehensive set of features enables conducting a feature analysis, which helps determine the features that are (more) responsible for a particular decision. Moreover, generating a simulated set of data creates the opportunity to investigate the power of deep learning models when dealing with large-scale context-informed behavioral data.
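As an added illustration (not code from this survey or from any cited work), the sketch below fits a per-user statistical profile on multimodal features, samples synthetic sessions from it, and measures how closely the synthetic set matches the original. The feature names, the Gaussian model and the constructed "real" sessions are assumptions; the comparison with an independent-per-feature sampler shows that matching means alone loses the cross-modal correlations a multimodal model depends on.

```python
import math
import random

# Assumed feature names, one per modality (touch, gesture, orientation).
FEATURES = ["touch_pressure", "swipe_speed_px_s", "tilt_deg"]

def make_constructed_sessions(n, rng):
    """Constructed stand-in for one user's recorded sessions (not real data)."""
    rows = []
    for _ in range(n):
        pressure = rng.gauss(0.60, 0.08)
        speed = 300 + 400 * (pressure - 0.60) + rng.gauss(0, 25)  # tied to pressure
        tilt = 35 - 0.05 * (speed - 300) + rng.gauss(0, 3)        # tied to speed
        rows.append([pressure, speed, tilt])
    return rows

def fit_profile(rows):
    """Return the mean vector and sample covariance matrix of the sessions."""
    n, d = len(rows), len(rows[0])
    mean = [sum(r[j] for r in rows) / n for j in range(d)]
    cov = [[sum((r[i] - mean[i]) * (r[j] - mean[j]) for r in rows) / (n - 1)
            for j in range(d)] for i in range(d)]
    return mean, cov

def cholesky(cov):
    """Lower-triangular L with L * L^T == cov; rejects degenerate profiles."""
    d = len(cov)
    L = [[0.0] * d for _ in range(d)]
    for i in range(d):
        for j in range(i + 1):
            s = cov[i][j] - sum(L[i][k] * L[j][k] for k in range(j))
            if i == j:
                if s <= 0:
                    raise ValueError("covariance is not positive definite")
                L[i][j] = math.sqrt(s)
            else:
                L[i][j] = s / L[j][j]
    return L

def sample_synthetic(mean, cov, n, rng):
    """Draw n synthetic sessions from the fitted multivariate Gaussian profile."""
    L = cholesky(cov)
    d = len(mean)
    out = []
    for _ in range(n):
        z = [rng.gauss(0, 1) for _ in range(d)]
        out.append([mean[i] + sum(L[i][k] * z[k] for k in range(i + 1))
                    for i in range(d)])
    return out

def diagonal_only(cov):
    """Weak variant: keep per-feature variances, discard cross-modal covariance."""
    return [[cov[i][j] if i == j else 0.0 for j in range(len(cov))]
            for i in range(len(cov))]

def correlation(cov, i, j):
    return cov[i][j] / math.sqrt(cov[i][i] * cov[j][j])

def fidelity_report(real, synth):
    """Largest mean gap (in real std units) and largest pairwise correlation gap."""
    m_r, c_r = fit_profile(real)
    m_s, c_s = fit_profile(synth)
    d = len(m_r)
    mean_gap = max(abs(m_r[i] - m_s[i]) / math.sqrt(c_r[i][i]) for i in range(d))
    corr_gap = max(abs(correlation(c_r, i, j) - correlation(c_s, i, j))
                   for i in range(d) for j in range(i))
    return mean_gap, corr_gap

if __name__ == "__main__":
    real = make_constructed_sessions(400, random.Random(7))
    mean, cov = fit_profile(real)
    joint = sample_synthetic(mean, cov, 4000, random.Random(11))
    indep = sample_synthetic(mean, diagonal_only(cov), 4000, random.Random(11))
    print("joint model       (mean gap, corr gap):", fidelity_report(real, joint))
    print("independent model (mean gap, corr gap):", fidelity_report(real, indep))
```

A single Gaussian per user is the simplest possible profile; real behavioral data is often multi-modal or context-dependent, so the same fidelity report should be rerun on whatever generator replaces it.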


  • V. Agaskar, M. Babariya, S. Chandran, and N. Giri (2017) Unsupervised learning for credit card fraud detection. International Research Journal of Engineering and Technology (IRJET). Cited by: §2.1.2.
  • Z. Akhtar, A. Buriro, B. Crispo, and T. H. Falk (2017) Multimodal smartphone user authentication using touchstroke, phone-movement and face patterns. In Signal and Information Processing (GlobalSIP), 2017 IEEE Global Conference on, pp. 1368–1372. Cited by: §2.2.3.
  • M. Albashrawi (2016) Detecting financial fraud using data mining techniques: a decade review from 2004 to 2015. Journal of Data Science 14 (3). Cited by: §3.
  • A. J. Aviv, K. L. Gibson, E. Mossop, M. Blaze, and J. M. Smith (2010) Smudge attacks on smartphone touch screens. Woot 10, pp. 1–7. Cited by: §2.2.1.
  • A. C. Bahnsen, D. Aouada, and B. Ottersten (2015) Example-dependent cost-sensitive decision trees. Expert Systems with Applications 42 (19), pp. 6609–6619. Cited by: §2.1.1.
  • A. C. Bahnsen, A. Stojanovic, D. Aouada, and B. Ottersten (2013) Cost sensitive credit card fraud detection using bayes minimum risk. In Proceedings-2013 12th International Conference on Machine Learning and Applications, ICMLA 2013, Vol. 1, pp. 333–338. Cited by: §2.1.1.
  • M. H. Barkadehi, M. Nilashi, O. Ibrahim, A. Z. Fardi, and S. Samad (2018) Authentication systems: a literature review and classification. Telematics and Informatics. Cited by: §2.2.
  • T. K. Behera and S. Panigrahi (2015) Credit card fraud detection: a hybrid approach using fuzzy clustering & neural network. In Advances in Computing and Communication Engineering (ICACCE), 2015 Second International Conference on, pp. 494–499. Cited by: §2.1.2.
  • F. Bergadano, D. Gunetti, and C. Picardi (2002) User authentication through keystroke dynamics. ACM Transactions on Information and System Security (TISSEC) 5 (4), pp. 367–397. Cited by: 1st item.
  • S. Bhattacharyya, S. Jha, K. Tharakunnel, and J. C. Westland (2011) Data mining for credit card fraud: a comparative study. Decision Support Systems 50 (3), pp. 602–613. Cited by: §2.1.1.
  • A. Buriro, B. Crispo, F. Del Frari, and K. Wrona (2015) Touchstroke: smartphone user authentication based on touch-typing biometrics. In International Conference on Image Analysis and Processing, pp. 27–34. Cited by: §2.2.3.
  • A. Buriro, B. Crispo, S. Gupta, and F. Del Frari (2018) DIALERAUTH: a motion-assisted touch-based smartphone user authentication scheme. In Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp. 267–276. Cited by: §2.2.3.
  • D. Buschek, B. Bisinger, and F. Alt (2018) ResearchIME: a mobile keyboard application for studying free typing behaviour in the wild. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems, pp. 255. Cited by: §2.2.3.
  • F. Cardinaux, C. Sanderson, and S. Bengio (2006) User authentication via adapted statistical models of face images. IEEE Transactions on Signal Processing 54 (1), pp. 361–373. Cited by: §2.2.2.
  • M. P. Centeno, Y. Guan, and A. van Moorsel (2018) Mobile based continuous authentication using deep features. In Proceedings of the 2nd International Workshop on Embedded and Mobile Deep Learning, pp. 19–24. Cited by: A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection.
  • J. Chang and W. Chang (2014) Analysis of fraudulent behavior strategies in online auctions for detecting latent fraudsters. Electronic Commerce Research and Applications 13 (2), pp. 79–97. Cited by: §2.1.2.
  • R. Chen, T. Chen, and C. Lin (2006) A new binary support vector system for increasing detection rate of credit card fraud. International Journal of Pattern Recognition and Artificial Intelligence 20 (02), pp. 227–239. Cited by: §2.1.1.
  • R. Chen, S. Luo, X. Liang, and V. C. Lee (2005) Personalized approach based on svm and ann for detecting credit card fraud. In Neural Networks and Brain, 2005. ICNN&B’05. International Conference on, Vol. 2, pp. 810–815. Cited by: §2.1.1.
  • Y. Chen, J. Sun, R. Zhang, and Y. Zhang (2015) Your song your way: rhythm-based two-factor authentication for multi-touch mobile devices. In Computer Communications (INFOCOM), 2015 IEEE Conference on, pp. 2686–2694. Cited by: §2.2.3.
  • D. Chudá and M. Ďurfina (2009) Multifactor authentication based on keystroke dynamics. In Proceedings of the International Conference on Computer Systems and Technologies and Workshop for PhD Students in Computing, pp. 89. Cited by: 1st item.
  • N. L. Clarke and S. M. Furnell (2007) Authenticating mobile phone users using keystroke analysis. International Journal of Information Security 6 (1), pp. 1–14. Cited by: 1st item.
  • J. Dai and J. Zhou (2011) Multifeature-based high-resolution palmprint recognition. IEEE Transactions on Pattern Analysis and Machine Intelligence 33 (5), pp. 945–957. Cited by: §2.2.2.
  • A. Dal Pozzolo, G. Boracchi, O. Caelen, C. Alippi, and G. Bontempi (2015) Credit card fraud detection and concept-drift adaptation with delayed supervised information. In Neural Networks (IJCNN), 2015 International Joint Conference on, pp. 1–8. Cited by: §2.1.1.
  • A. Dal Pozzolo, O. Caelen, Y. Le Borgne, S. Waterschoot, and G. Bontempi (2014) Learned lessons in credit card fraud detection from a practitioner perspective. Expert systems with applications 41 (10), pp. 4915–4928. Cited by: §2.1.1.
  • A. Darabseh and A. S. Namin (2014) The accuracy of user authentication through keystroke features using the most frequent words. In Proceedings of the 9th Annual Cyber and Information Security Research Conference, pp. 85–88. Cited by: 1st item.
  • A. De Luca, A. Hang, F. Brudy, C. Lindner, and H. Hussmann (2012) Touch me once and i know it’s you!: implicit authentication based on touch screen patterns. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 987–996. Cited by: §2.2.1, §2.2.3.
  • Q. Deng and G. Mei (2009) Combining self-organizing map and k-means clustering for detecting fraudulent financial statements. In Granular Computing, 2009, GRC’09. IEEE International Conference on, pp. 126–131. Cited by: §2.1.2.
  • V. Dheepa and R. Dhanapal (2012) BEHAVIOR based credit card fraud detection using support vector machines. ICTACT Journal on Soft Computing 2 (4), pp. 391–397. Cited by: §2.1.1.
  • P. Dunphy, A. P. Heiner, and N. Asokan (2010) A closer look at recognition-based graphical passwords on mobile devices. In Proceedings of the Sixth Symposium on Usable Privacy and Security, pp. 3. Cited by: §2.2.1.
  • T. Feng, Z. Liu, K. Kwon, W. Shi, B. Carbunar, Y. Jiang, and N. Nguyen (2012) Continuous mobile authentication using touchscreen gestures. In Homeland Security (HST), 2012 IEEE Conference on Technologies for, pp. 451–456. Cited by: A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection.
  • D. Florencio and C. Herley (2007) A large-scale study of web password habits. In Proceedings of the 16th international conference on World Wide Web, pp. 657–666. Cited by: §2.2.1.
  • M. Frank, R. Biedert, E. Ma, I. Martinovic, and D. Song (2013) Touchalytics: on the applicability of touchscreen input as a behavioral biometric for continuous authentication. IEEE transactions on information forensics and security 8 (1), pp. 136–148. Cited by: 2nd item.
  • N. Z. Gong, M. Payer, R. Moazzezi, and M. Frank (2016) Forgery-resistant touch-based authentication on mobile devices. In Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 499–510. Cited by: 2nd item.
  • N. Gunson, D. Marshall, F. McInnes, and M. Jack (2011) Usability evaluation of voiceprint authentication in automated telephone banking: sentences versus digits. Interacting with Computers 23 (1), pp. 57–69. Cited by: §2.2.2.
  • D. Huang, W. Jia, and D. Zhang (2008) Palmprint verification based on principal lines. Pattern Recognition 41 (4), pp. 1316–1328. Cited by: §2.2.2.
  • M. Inoue and T. Ogawa (2017) One tap owner authentication on smartphones. In Proceedings of the 15th International Conference on Advances in Mobile Computing & Multimedia, pp. 22–28. Cited by: 2nd item.
  • M. Inoue and T. Ogawa (2018) TapOnce: a novel authentication method on smartphones. International Journal of Pervasive Computing and Communications 14 (1), pp. 33–48. Cited by: 2nd item, 2nd item.
  • S. Jha, M. Guillen, and J. C. Westland (2012) Employing transaction aggregation strategy to detect credit card fraud. Expert systems with applications 39 (16), pp. 12650–12657. Cited by: §2.1.1.
  • C. Jiang, J. Song, G. Liu, L. Zheng, and W. Luan (2018) Credit card fraud detection: a novel approach using aggregation strategy and feedback mechanism. IEEE Internet of Things Journal. Cited by: §2.1.2.
  • C. Jiang, S. Shieh, and J. Liu (2007) Keystroke statistical learning model for web authentication. In Proceedings of the 2nd ACM symposium on Information, computer and communications security, pp. 359–361. Cited by: 1st item.
  • J. Kang, D. Nyang, and K. Lee (2014) Two-factor face authentication using matrix permutation transformation and a user password. Information Sciences 269, pp. 1–20. Cited by: §2.2.3.
  • H. Khan, A. Atwater, and U. Hengartner (2014) A comparative evaluation of implicit authentication schemes. In International Workshop on Recent Advances in Intrusion Detection, pp. 255–275. Cited by: A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection.
  • D. Kim, P. Dunphy, P. Briggs, J. Hook, J. W. Nicholson, J. Nicholson, and P. Olivier (2010) Multi-touch authentication on tabletops. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1093–1102. Cited by: §2.2.1.
  • M. Kim and T. Kim (2002) A neural classifier with fraud density map for effective credit card fraud detection. In International Conference on Intelligent Data Engineering and Automated Learning, pp. 378–383. Cited by: §2.1.1.
  • Y. Kim, J. Jo, and K. K. Suh (2006) Baseline profile stability for network anomaly detection. In Information Technology: New Generations, 2006. ITNG 2006. Third International Conference on, pp. 720–725. Cited by: §4.
  • R. Kumar, P. P. Kundu, and V. V. Phoha (2018) Continuous authentication using one-class classifiers and their fusion. In 2018 IEEE 4th International Conference on Identity, Security, and Behavior Analysis (ISBA), pp. 1–8. Cited by: A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection.
  • S. Kumari and A. Choubey (2017) CREDIT card fraud detection using hmm and k-means clustering algorithm. International Journal of Scientific Research Engineering & Technology (IJSRET) 6. ISSN 2278-0882. Cited by: §2.1.2.
  • D. Kunda and M. Chishimba (2018) A survey of android mobile phone authentication schemes. Mobile Networks and Applications, pp. 1–9. Cited by: §2.2.2, §2.2.
  • Y. S. Lee, W. Hetchily, J. Shelton, D. Gunn, K. Roy, A. Esterline, and X. Yuan (2016) Touch based active user authentication using deep belief networks and random forests. In Information Communication and Management (ICICM), International Conference on, pp. 304–308. Cited by: A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection.
  • Q. Lu and C. Ju (2011) Research on credit card fraud detection model based on class weighted support vector machine. Journal of Convergence Information Technology 6 (1). Cited by: §2.1.1.
  • N. Mahmoudi and E. Duman (2015) Detecting credit card fraud by modified fisher discriminant analysis. Expert Systems with Applications 42 (5), pp. 2510–2516. Cited by: §2.1.1.
  • M. S. Mahmud, P. Meesad, and S. Sodsee (2016) An evaluation of computational intelligence in credit card fraud detection. In Computer Science and Engineering Conference (ICSEC), 2016 International, pp. 1–6. Cited by: §2.1.1.
  • D. Maio, D. Maltoni, R. Cappelli, J. L. Wayman, and A. K. Jain (2002) FVC2000: fingerprint verification competition. IEEE Transactions on Pattern Analysis & Machine Intelligence (3), pp. 402–412. Cited by: §2.2.2.
  • R. Mansour (2016) Iris recognition using gauss laplace filter. American Journal of Applied Sciences 13 (9), pp. 962–8. Cited by: §2.2.2.
  • W. Meng, W. Li, L. Jiang, and L. Meng (2016a) On multiple password interference of touch screen patterns and text passwords. In Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, pp. 4818–4822. Cited by: §2.2.1.
  • W. Meng, W. Li, D. S. Wong, and J. Zhou (2016b) TMGuard: a touch movement-based security mechanism for screen unlock patterns on smartphones. In International Conference on Applied Cryptography and Network Security, pp. 629–647. Cited by: §2.2.3.
  • W. Meng, W. Li, and D. S. Wong (2018a) Enhancing touch behavioral authentication via cost-based intelligent mechanism on smartphones. Multimedia Tools and Applications, pp. 1–19. Cited by: 2nd item, §2.2.2.
  • W. Meng, Y. Wang, D. S. Wong, S. Wen, and Y. Xiang (2018b) TouchWB: touch behavioral user authentication based on web browsing on smartphones. Journal of Network and Computer Applications 117, pp. 1–9. Cited by: 2nd item.
  • W. Meng, D. S. Wong, S. Furnell, and J. Zhou (2015) Surveying the development of biometric user authentication on mobile phones. IEEE Communications Surveys & Tutorials 17 (3), pp. 1268–1293. Cited by: §2.2.
  • W. Meng (2016) Evaluating the effect of multi-touch behaviours on android unlock patterns. Information & Computer Security 24 (3), pp. 277–287. Cited by: §2.2.3.
  • Y. Meng, D. S. Wong, et al. (2014) Design of touch dynamics based user authentication with an adaptive mechanism on mobile phones. In Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 1680–1687. Cited by: 2nd item.
  • Y. Meng, D. S. Wong, R. Schlegel, et al. (2012) Touch gestures based biometric authentication scheme for touchscreen mobile phones. In International Conference on Information Security and Cryptology, pp. 331–350. Cited by: 2nd item, §2.2.2, 2nd item.
  • R. A. Mohammed, K. Wong, M. F. Shiratuddin, and X. Wang (2018) Scalable machine learning techniques for highly imbalanced credit card fraud detection: a comparative study. In Pacific Rim International Conference on Artificial Intelligence, pp. 237–246. Cited by: §2.1.1.
  • T. J. Neal and D. L. Woodard (2016) Surveying biometric authentication for mobile device security. Journal of Pattern Recognition Research 1, pp. 74–110. Cited by: §2.2.
  • T. J. Neal and D. L. Woodard (2017) Using associative classification to authenticate mobile device users. In Biometrics (IJCB), 2017 IEEE International Joint Conference on, pp. 71–79. Cited by: §2.2.3.
  • Y. Numabe, H. Nonaka, and T. Yoshikawa (2009) Finger identification for touch panel operation using tapping fluctuation. In Consumer Electronics, 2009. ISCE’09. IEEE 13th International Symposium on, pp. 899–902. Cited by: §2.2.2.
  • D. Olszewski (2014) Fraud detection using self-organizing map visualizing the user profiles. Knowledge-Based Systems 70, pp. 324–334. Cited by: §2.1.2.
  • V. A. Pasenchuk and D. A. Volkov (2016) SignToLogin cloud service of biometrie two-factor authentication using mobile devices. In Micro/Nanotechnologies and Electron Devices (EDM), 2016 17th International Conference of Young Specialists on, pp. 164–167. Cited by: §2.2.3.
  • R. Patidar and L. Sharma (2011) Credit card fraud detection using neural network. In IJSCE ISSN: 2231-2307, Volume-1, Issue-NCAI2011. Cited by: §2.1.1.
  • P. J. Phillips, J. R. Beveridge, B. A. Draper, G. Givens, A. J. O’Toole, D. S. Bolme, J. Dunlop, Y. M. Lui, H. Sahibzada, and S. Weimer (2011) An introduction to the good, the bad, & the ugly face recognition challenge problem. In Automatic Face & Gesture Recognition and Workshops (FG 2011), 2011 IEEE International Conference on, pp. 346–353. Cited by: §2.2.2.
  • J. K. Pillai, V. Patel, R. Chellappa, and N. Ratha (2016) Robust and secure iris recognition. In Handbook of Iris Recognition, pp. 247–268. Cited by: §2.2.2.
  • J. Pun and Y. Lawryshyn (2012) Improving credit card fraud detection using a meta-classification strategy. International Journal of Computer Applications 56 (10). Cited by: §2.1.1.
  • A. U. Rehman, M. Awais, and M. A. Shah (2017) Authentication analysis using input gestures in touch-based mobile devices. In Automation and Computing (ICAC), 2017 23rd International Conference on, pp. 1–5. Cited by: 2nd item.
  • G. Rushin, C. Stancil, M. Sun, S. Adams, and P. Beling (2017) Horse race analysis in credit card fraud deep learning, logistic regression, and gradient boosted tree. In Systems and Information Engineering Design Symposium (SIEDS), 2017, pp. 117–121. Cited by: §2.1.1.
  • N. Sae-Bae, N. Memon, K. Isbister, and K. Ahmed (2014) Multitouch gesture-based authentication. IEEE transactions on information forensics and security 9 (4), pp. 568–582. Cited by: 2nd item.
  • Y. Sahin, S. Bulkan, and E. Duman (2013) A cost-sensitive decision tree approach for fraud detection. Expert Systems with Applications 40 (15), pp. 5916–5923. Cited by: §2.1.1.
  • Y. Sahin and E. Duman (2011) Detecting credit card fraud by ann and logistic regression. In Innovations in Intelligent Systems and Applications (INISTA), 2011 International Symposium on, pp. 315–319. Cited by: §2.1.1.
  • K. Seeja and M. Zareapoor (2014) FraudMiner: a novel credit card fraud detection model based on frequent itemset mining. The Scientific World Journal 2014. Cited by: §2.1.1.
  • M. Shahzad, A. X. Liu, and A. Samuel (2017) Behavior based human authentication on touch screen devices using gestures and signatures. IEEE Transactions on Mobile Computing 16 (10), pp. 2726–2741. Cited by: §2.2.3.
  • V. Sharma and R. Enbody (2017) User authentication and identification from user interface interactions on touch-enabled devices. In Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 1–11. Cited by: 2nd item, §2.2.2.
  • A. Shen, R. Tong, and Y. Deng (2007) Application of classification models on credit card fraud detection. In Service Systems and Service Management, 2007 International Conference on, pp. 1–4. Cited by: §2.1.1.
  • C. Shen, Y. Chen, and X. Guan (2018) Performance evaluation of implicit smartphones authentication via sensor-behavior analysis. Information Sciences 430, pp. 538–553. Cited by: §2.2.3.
  • M. Smith-Creasey and M. Rajarajan (2016) A continuous user authentication scheme for mobile devices. In Privacy, Security and Trust (PST), 2016 14th Annual Conference on, pp. 104–113. Cited by: §2.2.3.
  • R. Sommer and V. Paxson (2003) Enhancing byte-level network intrusion detection signatures with context. In Proceedings of the 10th ACM conference on Computer and communications security, pp. 262–271. Cited by: §4.
  • Y. Song, Z. Cai, and Z. Zhang (2017) Multi-touch authentication using hand geometry and behavioral information. In Security and Privacy (SP), 2017 IEEE Symposium on, pp. 357–372. Cited by: §2.2.3.
  • J. Sun, R. Zhang, J. Zhang, and Y. Zhang (2014) Touchin: sightless two-factor authentication on multi-touch mobile devices. In Communications and Network Security (CNS), 2014 IEEE Conference on, pp. 436–444. Cited by: §2.2.3.
  • F. Tari, A. Ozok, and S. H. Holden (2006) A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords. In Proceedings of the second symposium on Usable privacy and security, pp. 56–66. Cited by: §2.2.1.
  • P. S. Teh, N. Zhang, A. B. J. Teoh, and K. Chen (2015) Recognizing your touch: towards strengthening mobile device authentication via touch dynamics integration. In Proceedings of the 13th International Conference on Advances in Mobile Computing and Multimedia, pp. 108–116. Cited by: 2nd item.
  • S. Trewin, C. Swart, L. Koved, J. Martino, K. Singh, and S. Ben-David (2012) Biometric authentication on a mobile device: a study of user effort, error and task disruption. In Proceedings of the 28th Annual Computer Security Applications Conference, pp. 159–168. Cited by: §2.2.3.
  • Vaishali (2014) Fraud detection in credit card by clustering approach. International Journal of Computer Applications 98 (3), pp. 29–32. Cited by: §2.1.2.
  • T. Van Nguyen, N. Sae-Bae, and N. Memon (2017) DRAW-a-pin: authentication using finger-drawn pin on touch devices. computers & security 66, pp. 115–128. Cited by: §2.2.3.
  • V. Van Vlasselaer, C. Bravo, O. Caelen, T. Eliassi-Rad, L. Akoglu, M. Snoeck, and B. Baesens (2015) APATE: a novel approach for automated credit card transaction fraud detection using network-based extensions. Decision Support Systems 75, pp. 38–48. Cited by: §2.1.1.
  • R. Wallace, M. McLaren, C. McCool, and S. Marcel (2011) Inter-session variability modelling and joint factor analysis for face authentication. Cited by: §2.2.2.
  • R. Wallace, M. McLaren, C. McCool, and S. Marcel (2012) Cross-pollination of normalization techniques from speaker to face authentication using gaussian mixture models. IEEE Transactions on Information Forensics and Security 7 (2), pp. 553–562. Cited by: §2.2.2.
  • Y. Wang, S. Adams, P. Beling, S. Greenspan, S. Rajagopalan, M. Velez-Rojas, S. Mankovski, S. Boker, and D. Brown (2018) Privacy preserving distributed deep learning and its application in credit card fraud detection. In 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pp. 1070–1078. Cited by: §2.1.1.
  • Y. Watanabe and L. Kun (2017) Long-term influence of user identification based on touch operation on smart phone. Procedia Computer Science 112, pp. 2529–2536. Cited by: A Comprehensive Survey on Machine Learning Techniques and User Authentication Approaches for Credit Card Fraud Detection.
  • C. Whitrow, D. J. Hand, P. Juszczak, D. Weston, and N. M. Adams (2009) Transaction aggregation as a strategy for credit card fraud detection. Data Mining and Knowledge Discovery 18 (1), pp. 30–55. Cited by: §2.1.1.
  • R. V. Yampolskiy and V. Govindaraju (2008) Generation of artificial biometric data enhanced with contextual information for game strategy-based behavioral biometrics. In Biometric Technology for Human Identification V, Vol. 6944, pp. 69440N. Cited by: §4.
  • J. Yan, A. Blackwell, R. Anderson, and A. Grant (2004) Password memorability and security: empirical results. IEEE Security & privacy 2 (5), pp. 25–31. Cited by: §2.2.1.
  • I. Yeh and C. Lien (2009) The comparisons of data mining techniques for the predictive accuracy of probability of default of credit card clients. Expert Systems with Applications 36 (2), pp. 2473–2480. Cited by: §2.1.1.
  • S. Zahid, M. Shahzad, S. A. Khayam, and M. Farooq (2009) Keystroke-based user identification on smart phones. In International Workshop on Recent Advances in Intrusion Detection, pp. 224–243. Cited by: 1st item.
  • N. Zheng, K. Bai, H. Huang, and H. Wang (2014) You are how you touch: user verification on smartphones via tapping behaviors. In ICNP, Vol. 14, pp. 221–232. Cited by: §2.2.2, §2.2.3.
  • J. Zhou, F. Chen, N. Wu, and C. Wu (2009) Crease detection from fingerprint images and its applications in elderly people. Pattern Recognition 42 (5), pp. 896–906. Cited by: §2.2.2.