Rules-Based vs Pattern-Based Detection
Rules-Based Detection: Uses explicit thresholds and conditions. Fast, deterministic, and explainable ("flagged because amount > $500"). However, rules are rigid and fraudsters can learn to stay just below thresholds.
Pattern-Based Detection: Uses machine learning to identify anomalies based on the user's historical behavior. More adaptive and catches subtle fraud, but harder to explain ("flagged because pattern analysis suggests anomaly").
Best Practice: Modern fraud systems use BOTH methods together. Rules catch obvious fraud quickly, while patterns catch sophisticated attempts that avoid triggering simple rules. Toggle them on/off to see how each performs!
β‘ Velocity Detection: The "High velocity" rule flags more than N transactions within some short period of time (in this case we set it to >7 in 10 sec; in real systems these numbers will be different!)- a classic sign of card testing attacks. The "Rapid Fire" button injects 3 legitimate purchases to show normal rapid shopping doesn't trigger fraud. Click it 2-3 times quickly to see velocity detection activate on the 8th+ transaction!
π‘ Try This: Adjust the customer's spending habits and travel frequency sliders, then watch how the same transactions get flagged differently! A $300 purchase might be normal for a luxury spender but suspicious for a budget-conscious customer. Similarly, a transaction from Japan is expected for a world traveler but alarming for someone who rarely leaves the USA.
π² Realistic Timing: Transaction timing uses an Erlang distribution (commonly used in telecommunications) to model realistic, variable arrival times. Transactions appear naturally spaced rather than at fixed intervals, just like real shopping behavior.