Fraud Detection Patterns in Indian Fintech: 7 We've Shipped
Indian fintech fraud has its own taxonomy. Some patterns are universal (synthetic identity, mule accounts); some are specific to India (Aadhaar-based identity collisions, UPI-mediated mule rings, semi-formal lending fraud). Here are seven patterns we've actually shipped detection for.
Key takeaways
- Fraud detection is rarely one model; it's a stack of rules, scores, and human review.
- Most fraud signals are weak individually and strong in combination.
- The right metric is "fraud caught with acceptable false positive rate at this approval rate", not raw accuracy.
- Build observability into fraud decisions so you can debug why a real user was blocked.
Why this matters
Indian fintech operates at thin margins; a 2% fraud loss rate can wipe out profitability. Equally damaging: aggressive fraud rules reject good customers and tank your approval rate. The win is precision-recall balance, not maxing one metric.
The 7 patterns
1. Synthetic identity
A user presents an Aadhaar, PAN, and bank account that each verify individually but don't belong to a real person. Signal: cross-checking the trio's consistency, plus device-history signals.
2. Mule accounts
A real account being used by a third party to receive fraudulent funds. Signal: rapid in-out flow, beneficiary pattern, login geography drift.
3. Velocity fraud
Same device or IP attempting multiple applications in short windows. Signal: device fingerprinting + temporal clustering.
4. Document fraud
OCR'd documents that pass surface checks but show signs of tampering. Signal: image-level model trained on real-vs-fake documents.
5. Device farms
Coordinated fraud rings using rooted devices, emulators, or automated tooling. Signal: app integrity checks + behavioral biometrics + IP reputation.
6. KYC bypass
Liveness video that's actually a deepfake or replay. Signal: liveness model + cross-modality consistency (face match + voice match + behavioral).
7. Repayment fraud
Strategic default after disbursal: borrowers gaming the cooling-off period, or coordinated default rings. Signal: post-disbursal behavioral analysis + early-warning models.
What works in production
For most of these, we use a layered approach: rule-based prefilter (cheap, catches the obvious) → ML-based scoring (more expensive, catches the subtle) → human review for borderline cases. Layered systems beat any single model.
Evaluation rubric
Every fraud feature should have:
- A labeled dataset of confirmed fraud and confirmed-good cases
- Precision and recall at multiple thresholds
- False positive rate per population segment (so you don't bias against legitimate users)
- A way to capture and re-train on missed cases
Without these, you're flying blind.
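The rubric above as an added worked example (not code from the original article): it sweeps a score threshold over a labeled set and reports precision, recall, approval rate, and false positive rate per segment. The scores, labels, segment names ("metro", "rural"), thresholds, and function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (fraud_score, confirmed_fraud, segment). Not real data.
CASES = [
    (0.95, True,  "metro"), (0.80, True,  "metro"), (0.40, True,  "metro"),
    (0.70, False, "metro"), (0.20, False, "metro"), (0.10, False, "metro"),
    (0.90, True,  "rural"), (0.65, False, "rural"), (0.60, False, "rural"),
    (0.30, False, "rural"),
]

def evaluate(cases, threshold):
    """Block when score >= threshold; return overall and per-segment metrics."""
    tp = fp = fn = tn = 0
    seg_fp, seg_good = defaultdict(int), defaultdict(int)
    for score, is_fraud, segment in cases:
        blocked = score >= threshold
        if is_fraud:
            tp += blocked          # fraud caught
            fn += not blocked      # fraud missed: feed back into retraining
        else:
            fp += blocked          # good customer wrongly blocked
            tn += not blocked
            seg_good[segment] += 1
            seg_fp[segment] += blocked
    return {
        "threshold": threshold,
        "precision": tp / (tp + fp) if tp + fp else None,
        "recall": tp / (tp + fn) if tp + fn else None,
        "approval_rate": (fn + tn) / len(cases),
        # FPR is computed over confirmed-good cases only, per segment.
        "fpr_by_segment": {s: seg_fp[s] / n for s, n in seg_good.items()},
    }

def sweep(cases, thresholds=(0.5, 0.75, 0.9)):
    """Evaluate the same labeled set at several thresholds."""
    return [evaluate(cases, t) for t in thresholds]

if __name__ == "__main__":
    for row in sweep(CASES):
        print(row)
```

On this constructed data the 0.5 threshold blocks two of three good "rural" users but only one of three good "metro" users, a gap that overall precision and recall hide.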
Common pitfalls
Over-trusting one model. Fraud is adversarial; no single model holds up forever.
Ignoring false positives. Blocked good customers stop using your app. CAC is wasted; LTV is lost.
No appeal path. Build a manual review queue and an appeal mechanism. Compliance and trust depend on it.
What we recommend
Start with rules for the top 3-4 patterns; add ML where rules under-perform. Build an analyst-facing dashboard from day one; fraud is human-in-the-loop work. Measure everything; iterate quarterly.
FAQs
Build vs buy? Commercial fraud tools (Bureau, IDfy, HyperVerge fraud) are strong for KYC-stage detection. In-product fraud (mule accounts, velocity) is usually in-house.
Can AI hallucinate fraud? Yes; false positives are the way models fail. A manual review safety net is non-negotiable.
ROI of fraud spend? A typical Indian fintech spends 1-3% of revenue on fraud tooling and team; net savings are 4-10× that.
