Fraud Graph: Visualizing and Detecting Fraud Through Graph Analysis

Fraud affects organizations of all sizes. It can appear in many forms including credit card scams, identity theft, insurance fraud and money laundering. Traditional rule based detection methods are increasingly outsmarted by sophisticated fraudsters who adapt to circumvent these defenses. In today's fast evolving landscape, businesses need innovative strategies to detect and prevent fraud effectively.

To perform graph analysis on your data to detect fraud, you'll need the data in a graph format. A fraud graph can help to analyze and visualize the complex data that is part of detecting fraud, showing the connections between different entities involved in fraudulent activity. These entities can be people, organizations, or events. By analyzing those connections, businesses can spot patterns and anomalies that may be fraud more accurately.

In this post, we will cover everything you need to know about fraud graphs, from the benefits of graph analytics for fraud detection to examples of how graphs can be used to detect fraud. We’ll also introduce PuppyGraph, a graph analytics platform that can help with building fraud graphs more easily than traditional methods.

Let’s get started by understanding more about what a fraud graph is and why it’s essential for fraud detection.

What is a Fraud Graph?

A fraud graph is a visual representation of data that shows the connections between different entities involved in fraudulent activity. These entities can be people, organizations, events, or even digital attributes like IP addresses or device IDs. Think of it like a map: instead of roads connecting cities, a fraud graph uses lines to connect suspect entities.

These connections are important. By visualizing how the puzzle pieces that make up fraudulent activity fit together, investigators can spot hidden patterns and anomalies that would otherwise go undetected. For example, a fraud graph might show that two seemingly unrelated accounts share the same IP address or that a group of people use the same pattern to open fraudulent accounts. In short, fraud graphs transform complex data into a clear, actionable picture that helps organizations detect and understand fraudulent behavior more effectively.

Why Do You Need Fraud Graphs?

Traditional fraud detection methods often rely on rule based systems that treat each data point on its own. These systems check individual transactions against a fixed set of criteria. However, modern fraud is rarely isolated. Fraudsters typically operate in networks, linking several accounts, devices, or transactions to mask their activity. Fraud graphs capture these relationships, providing a view of how data points connect.

Using fraud graphs helps build a broader context. They reveal hidden links among accounts and transactions that might otherwise go unnoticed. This additional layer of information complements rule based methods by showing the underlying network structure. In effect, fraud graphs serve as a foundation for further analysis and investigation by exposing the web of interactions behind fraudulent behavior.

Key reasons to adopt fraud graphs include:

• Providing Context: They display the network of connections among accounts, devices, and transactions.
• Exposing Networks: They reveal the hidden links that can indicate coordinated fraud.
• Supplementing Traditional Methods: They add an extra perspective that isolated analysis may miss.
• Establishing a Foundation: They serve as a basis for more in depth investigation.

These graphs give you a visual framework that can guide further analysis.

Advantages of Graph Analytics in Fraud Detection

Graph analytics offers a set of tools that explore the relationships within fraud graphs. This approach goes beyond simply mapping connections. It helps reveal hidden links and detect unusual patterns that may signal fraud. The benefits of applying graph analytics to fraud detection include:

• Uncover hidden relationships: Fraudsters operate in networks, using multiple accounts, identities, and transactions to hide their activity. Graph analytics can show these hidden relationships, the connections between seemingly unrelated entities.
• Detect anomalies and outliers: Graph algorithms can find unusual patterns and behaviors that deviate from the norm, such as sudden spikes in activity, unusual connections between accounts, or suspicious transaction patterns.
• Predict future fraud: By analyzing historical data and finding patterns that precede fraudulent activity, graph analytics can predict future fraud and take action to prevent it.
• Faster and more accurate: Graph analytics can automate many of the manual tasks in fraud detection, like data analysis and pattern recognition, so you get faster and more accurate results.
• Reduce false positives: By giving you a broader view of the data, graph analytics can help reduce false positives, free up resources, and make fraud investigations more efficient.

By using graph analytics, you can gain an edge in the fight against fraud. Graph-based approaches give you a more complete and deeper view of the data so you can detect, prevent, and respond to fraud better.

Methods for Developing Fraud Graphs

In order to get the benefits of graph analysis, you have to build the graph against which you can run your queries and visualizations. Building fraud graphs requires a structured approach that combines data preparation, relationship modeling, and graph analysis. Here are the steps you'll need to follow to develop a fraud graph.

1. Data Collection and Preparation

First, you'll need to identify all of the data sources that will feed into your fraud graph. This could be transaction records, customer profiles, device information, network logs, social media data, etc. Once the data is selected, you'll need to apply various methods of data cleaning and transformation. This step requires you to clean and transform the data so it’s ready for graph analysis. This might involve handling missing values, standardizing formats, and resolving inconsistencies.

2. Entity and Relationship Modeling

With your data ready to go, now you'll need to figure out how to map it into your graph model. For this, you'll need to determine your entities (or nodes) and relationships (or edges). Here are some basic guidelines for how to divide up this data:

• Entities: Define the entities in your fraud detection use case. This will include mapping in data such as customers, accounts, devices, transactions, or IP addresses.
• Relationships: Define the relationships between the entities you've created. For example, a customer "owns" an account, a transaction "occurs on" an account, and an account "is accessed from" a device.

3. Graph Construction

With your data and graph model mapping complete, it's time for the real magic. Now, you'll need to bring the data into your graph database (or graph query engine, in the case of PuppyGraph). At this step, you'll need to bring up an instance of a graph database or connect a graph query engine like PuppyGraph to your SQL data store(s). Then, you'll begin loading in the data based on your mapping from step 2.

4. Graph Analysis

With your graph constructed, you can now dive into graph analysis to uncover fraud patterns. Graph analysis encompasses querying, visualization, and the application of various algorithms. For instance, you might use community detection to identify clusters that could indicate fraud rings, pathfinding to trace the flow of transactions between entities, centrality measures to pinpoint influential nodes, and similarity algorithms to detect coordinated behavior. This broader analysis approach helps reveal hidden relationships and abnormal patterns that may signal fraudulent activity.

By following these steps, you can build fraud graphs that give you valuable insights into fraudulent activity and help you develop prevention strategies. Although this simplifies the steps required to get started, we will show you later in this blog how you can use PuppyGraph to expedite this process and create a fraud graph in minutes. First, let's look at further examples of how a fraud graph can be used and what types of activities it can spot.

Examples of Using Graphs to Detect Fraud

Although we often think of fraud graphs as being mainly applicable in finance, fraud graphs have been used in various industries and scenarios. Here are a few examples of how graph analytics can be used to detect and prevent fraud across industries:

E-commerce Fraud

• Fake accounts: By looking at connections between accounts, shared IP addresses, email domains, or shipping addresses, graphs can help you identify fake accounts created for fraudulent purposes.
• Fraudulent transactions: Analyzing transaction patterns, unusual purchase amounts, frequent returns, or suspicious shipping addresses can help flag potential fraudulent transactions.

Financial Fraud

• Money laundering: Graphs can trace the flow of money through multiple accounts and transactions to reveal complex laundering schemes designed to hide the origin of illegal funds.
• Credit card fraud: By analyzing card usage patterns, unusual spending behavior, location anomalies, or connections to known fraudulent accounts, graphs can help detect and prevent credit card fraud.

Insurance Fraud

• False claims: Graphs can help you identify suspicious connections between claimants, witnesses, medical providers, and other parties involved in an insurance claim, which may indicate organized fraud rings.
• Premium fraud: By analyzing policyholder data, inconsistencies in application information, connections to fraudulent brokers, or suspicious claims history graphs can help you detect premium fraud.

Healthcare Fraud

• Fraudulent billing: Graphs can analyze billing patterns, patient records, and provider networks to detect suspicious billing practices, upcoding, phantom billing, or unnecessary procedures.
• Prescription drug abuse: By analyzing prescription data, patient records, and pharmacy networks, graphs can find suspicious prescribing patterns and potential drug diversion schemes.

These are just a few examples of how graph analytics can be used to detect and prevent fraud. Graph technology is a versatile tool to fight fraud across industries and domains. Now, let's take a look at just how easy and accessible fraud graphs can be when organizations use PuppyGraph.

Using PuppyGraph to Build a Fraud Graph

The core component of traditional graph solutions is a graph database. Unfortunately, this critical component also leads to a lot of overhead by the time you host your graph database and pipe all of your data into it. Getting the data into the graph database is a major hurdle for many would-be adopters of graph technologies. With PuppyGraph, users can completely circumvent this, connecting directly to the SQL data sources and accessing their data as a graph without any need to replicate the data or host a graph database. This is made possible through the PuppyGraph graph query engine, which delivers graph capabilities without the traditional pain points of a graph database.

Here's a simple demonstration of how you can use PuppyGraph to create a fraud graph. For a more detailed step-by-step tutorial, including all the necessary data and code, please visit our GitHub repository.

Deploy PuppyGraph

It is easy to deploy PuppyGraph, and can currently be done through Docker or an AWS AMI through AWS Marketplace. The AMI approach deploys your instance on your chosen infrastructure with just a few clicks. Below, we will focus on what it takes to launch a PuppyGraph instance on Docker.

With Docker installed, you can run the following command to launch the container in your terminal. 

docker run -p 8081:8081 -p 8182:8182 -p 7687:7687 -d --name puppy --rm --pull=always puppygraph/puppygraph:stable

Launch a PuppyGraph instance locally, in the cloud, or on a server with the command above. Then, open your browser and navigate to localhost:8081 (or your instance's URL) to access the PuppyGraph login screen.

After logging in with the default credentials (username: “puppygraph” and default password: “puppygraph123”) you’ll enter the application itself. At this point, our instance is ready to go, and we can begin connecting to our data sources.

Connect Your Data and Create Your Schema

To connect PuppyGraph to the underlying SQL data, you need to define the graph schema. You can manually add the vertices and edges through the interface, which includes functionality to auto-map your SQL data into the graph, or compose a JSON schema file and upload it. You need to configure the data source and specify the vertices and edges. You can refer to the connecting document for the details of those fields. 

For more details on exactly how this process works, please see the video below!

Once your data has been mapped in, you can submit your schema. After submitting the schema, you will see it nicely displayed in graph format.

With that, you've completed the setup of PuppyGraph and can begin using your data on the platform.

Query and Visualize Your Data

With all of the configuration complete, you can now query the graph using Gremlin or openCypher and visualize the results with the built-in graph visualization tool.

As new data is produced and added to your SQL data sources, your query results in PuppyGraph will update regularly.

PuppyGraph in Action

Want to see it in action? Here is a step-by-step demo showing you exactly how we created a fraud graph in a matter of minutes!

Conclusion

Fraud is a challenging problem that continues to evolve across industries. Traditional methods often miss complex schemes, leading to financial loss and damage to reputation. Graph analytics provides a way to visualize and analyze relationships between data points, helping to reveal hidden patterns and detect fraud more effectively.

A graph based approach enables organizations to better understand how fraudulent activity is connected, identify key players, and adjust to new tactics as they emerge. This method can lead to fewer false alerts and more efficient investigations.

Tools like PuppyGraph further simplify the process of building and analyzing fraud graphs, making this powerful technology accessible to a broader audience. With its user-friendly interface, pre-built algorithms, and interactive visualizations, PuppyGraph enables businesses to harness the power of graph analytics and stay ahead in the fight against fraud. 

PuppyGraph is already used by half of the top 20 cybersecurity companies, as well as engineering-driven enterprises like AMD and Coinbase. Whether it’s multi-hop security reasoning, asset intelligence, or deep relationship queries across massive datasets, these teams trust PuppyGraph to replace slow ETL pipelines and complex graph stacks with a simpler, faster architecture.

Ready to build your own fraud graph?  Download the forever free PuppyGraph Developer Edition, or book a free demo today with our graph expert.