DESIGN AND IMPLEMENTATION OF A CREDIT CARD FRAUD

DETENTION SYSTEM
[A CASE STUDY OF FIRST BANK NIGERIA PLC.]

BY

IHEANACHO CHIZARAM CLINTON

COMMUNICATION CONSULTANT
INFORMATION AND COMMUNICATION CENTER ENUGU STATE
MINISTRY OF NATURAL.
UNIVERSITY COMMUNICATION CENTER - FUTO

PAPER PRESENTATION TO
FINTECH ASSOCIATION OF NIGERIA

MARCH, 2023.

1
 ABSTRACT
All over the world, the most accepted payment mode is via credit card for both
online and offline payments in today’s world, it helps implement the cashless
policy for shopping at every shop across the country. It is the most convenient
method to do shopping on the internet, and also for paying utility bills etc. Hence,
increasing the risks of credit card fraud transaction. In the existing manual credit
card fraud detection business processing system, fraudulent transaction will be
detected after transaction is done. It has become very difficult to find out
fraudulent and regarding loses will be barred by issuing authorities. In this
research, the researcher has proposed to design and implement a credit card fraud
detection system developed using HTML, CSS and PHP.

2
1.1 Background of the Study
In our day-to-day life, online transactions are increased to purchase goods and
services. According to Nielsen study conducted in 2007-2008, 28 of the world’s
total population has been using internet.85 of these people has used internet to
make online shopping and the rate of making online purchasing has increased by
40 from 2005 to 2008. The most common method of payment for online purchase
is credit card. in developed countries and also in developing countries to some
extent, credit card is most acceptable payment mode for online and offline
transaction. It can give financial loses to issuing authorities. In the second method
purchasing i.e., online, these transactions generally happen on telephone or internet
and to make this kind of transaction, the user will need some important information
about a credit card (such as credit card number, validity, CVV number, name of
card holder).
In our daily lives, credit cards are used for purchasing goods and services with the
help of virtual card for online transaction or physical card for offline transaction. In
a physical-card based purchase, the cardholder presents his card physically to a
merchant for making a payment. To carry out fraudulent transactions in this kind
of purchase, an attacker has to steal the credit card. If the cardholder does not
realize the loss of card, it can lead to a substantial financial loss to the credit card
company. In online payment mode, attackers need only little information for doing
fraudulent transaction (secure code, card number, expiration date etc.). In this
purchase method, mainly transactions will be done through Internet or telephone.
To commit fraud in these types of purchases, a fraudster simply needs to know the
card details. Most of the time, the genuine cardholder is not aware that someone
else has seen or stolen his card information. The only way to detect this kind of
fraud is to analyze the spending patterns on every card and to figure out any
inconsistency with respect to the “usual” spending patterns. Fraud detection based
3
on the analysis of existing purchase data of cardholder is a promising way to
reduce the rate of successful credit card frauds. Since humans tend to exhibit
specific behaviorist profiles, every Card holder can be represented by a set of
patterns containing information about the typical purchase category, the time since
the last purchase, the amount of money spent, etc.
Deviation from such patterns is a potential threat to the system

1.2 Statement of the Problem

It has already been mentioned that the losses of a credit card fraud can affect all
consumers, merchants and issuing banks. Therefore, it is important to establish
techniques for detecting and preventing credit card fraud. This research contains a
variety of techniques which can be used to build fraud detection systems.
Understanding the characteristics of all those techniques can be a tedious task. A
technique which promises a high predictive accuracy may be an appealing
candidate to be used in the fraud detection system. However, there are various
different parameters that need to be considered before deciding which technique
best suits the needs of a particular situation. And also, as all the transaction is
maintained in a log. And also, now a day’s lot of online purchase are made so we
don’t know the person how is using the card online, we just capture the IP address
for verification purpose. So, there is a need to develop a system to fight cyber-
crime and to aid in investigating the fraud. To avoid the entire above disadvantage,
we propose the system to detect the fraud in a best and easy way.

1.3 Aims and Objective of the Study

This research aims at the Design and Implementation of a credit card fraud
detection system to prevent credit card fraud.
4
The following are the objectives of the study:
1. Develop a system to keep record of every fraudulent credit card transaction
online.
2. A system to easily detect a stolen credit card.
3. To easily track and report fraudulent transactions to relevant agency.

1.4 Significance of the Study

This project work will enhance the security or the customer’s account and
transaction. It makes customer to access their bank account in order to cash
withdrawal and check their account balance as well as entering into the bank hall.

1.5 Scope of the Study

The scope of the research is focused on implementing a credit card fraud detection
system to compact the increasing cyber-crimes faced by our country.

These are the point that limit the case of this study

 Effective bank security

 Lack of fund
 Limited time
 Unable to leave the school premises for further search;

1.6 Background of the Case Study

5
 First Bank of Nigeria Limited [ First Bank], is the premier bank in West Africa
with its impart woven into the fabric of the society. The bank has been sustaining
its development-oriented society for over 128 years as the regions foremost
financial institution service provider. First Bank offers a comprehensive range of
retails and co-operative financial services through more than 800 branches and
over 19,000 Agent Banking location branches for over 46 million accounts.

As a National Icon and International player, First Bank is one of the most
enduring financial institution brands in Africa with International footprints
extending through its subsidiaries, FBN Bank [UK] limited in London and Paris.
FBN Bank in Republic of Congo, Ghana, Gambia, Guniea, Sierra Leone and
Senegal as well as representative office in Beijing

ORGANOGRAM OF FIRST BANK

MARKETING MANAGER

OPERATING MANAGER

CONTROLLERS

ACCOUBTANT

MARKETERS TELLERS

SECURITIES

MESSENGERS

CLEANERS

Fig 1.6 Organogram of First Bank

1.7 Definition of Terms

6
- Credit Card - A credit card is a thin rectangular slab of plastic issued by a
financial company, that lets cardholders borrow funds with which to pay for
goods and services.
- Fraudulent - Obtained, done by, or involving deception, especially criminal
deception.
- Verification - The process of establishing the truth, accuracy, or validity of
something.
- Consumer- A person who purchases goods and services for personal use.
- Transaction- An instance of buying or selling something.
- Purchase- Acquire (something) by paying for it; buy.

7
 LITERATURE REVIEW

This chapter details the information found in the literature. It starts with a reference
to the different fraud types of credit industry. Then a discussion on the existing
techniques for detecting and preventing credit fraud is made. There is also a brief
discussion on the technologies which were used during this project. Finally, other
fraud types and crimes are discussed.
2.1 Credit Fraud
There are three main types of credit fraud in the literature. These are credit card
fraud, bankruptcy fraud and credit application fraud. A detailed explanation of
each fraud type follows.
2.1.1 Credit Card Fraud
This is the most common fraud type that occurs in credit industry. A fraudster uses
a legitimate card to undertake illegitimate transactions. The cardholder is not aware
of the fact that their card is being used without their permission. The fraudster
takes advantage of cardholder’s ignorance by undertaking as much transactions as
possible before the cardholder realizes and reports the fraud to their bank.
According to Laleh et al. (2009) credit card fraud can be committed either offline
or online. These two ways are discussed below.
Offline Credit Card Fraud
Offline fraud occurs when a fraudster steals the physical card and uses it at the
actual stores. Although offline fraud is still popular nowadays; it is less common
because there is a higher probability to fail. More precisely, the cardholders tend to
realize the loss of the physical card and report that to their bank before the
fraudster manages to undertake any illegitimate transactions with it. As soon as the
stolen card is reported to the bank, the latter will lock the card so as it cannot be
8
used anymore. It is particularly useful to notice that if the cardholder does not
realize the loss of their card, a significant financial loss can occur. As mentioned in
the introduction chapter, the policies of some banks enforce cardholders to pay for
the losses which occur due to an unreported credit card theft. Notice that most of
the UK banks tend to send the newly created cards via the post office. This is
extremely dangerous because the cards may be stolen while they are on the way to
cardholder’s destination address.

Online Credit Card Fraud

During online fraud only the details of the card are stolen and not the card itself.
This is also known as virtual card theft. The details of the card can be used in
places where the card need not be physically present like internet or phone
purchases. This type of credit card fraud is very dangerous and more difficult to
prevent because fraudsters can hold credit card’s information for a long period of
time before they use it. There is no way for the cardholder to know in advance that
their credit card information is stolen. Therefore, this type of fraud may only be
detected after one or more illegitimate transactions are taken place.
There are various ways that fraudsters adapt in order to steal the information of
credit cards. Some of these ways are briefly discussed below.

Skimming
Patidar et al. (2011) define skimming as the “process where the actual data on a
card’s magnetic stripe is electronically copied onto another”. Fraudsters use
special-purpose devices – also known as skimmers – to capture the information of
credit cards that are encapsulated inside their magnetic stripes. They can use the
stolen card information to create counterfeit physical cards in order to use them at
actual shops or simply supply the card information at online shops. Skimming can
9
be committed by an unfaithful employee, who may swipe customer’s card using
the skimmer device, while the customer is at the point of sale. In the past, skimmer
devices have also been introduced on ATM cash machines. In addition to that,
micro-cameras have been used to record the PIN code of a cardholder during ATM
transactions.
Site Cloning
Fraudsters clone a legitimate website to deceive customers into placing an order
with them. Since the fraudulent website seems identical to the legitimate one, the
unsuspecting customers provide their credit card information to complete their
order. Consequently, fraudsters who obtained the customer’s credit card
information can commit credit card fraud whenever they wish to.
False Merchant Sites According to Patidar et al. (2011) there are various websites
that ask for credit card information in order to confirm customer’s age. These
websites will never charge the credit cards directly but they may sell their
information to fraudsters who will commit credit card fraud.

Credit Card Generators

These are automated programs which make use of banks’ algorithms to generate
credit card numbers. Fraudsters can generate an arbitrary sequence of candidate
numbers and then use other techniques – like trial and error – to figure out which
numbers correspond to real credit card accounts.

Phishing
Refers to the spam emails that are sent by fraudsters in order to deceive their
victims and obtain their personal information. Fraudsters can impersonate a service
provider or institute that victims collaborate with. In their email, fraudsters can
make use of a convincing excuse to ask for victim’s personal information including
10
credit card details. The spam emails may also include links to fraudulent websites
which again can deceive victims into revealing their personal information. Taking
into account the enormous amount of spam emails that we receive at a daily basis,
anyone can conclude that this type of fraud is still popular nowadays; although it
has been out for many years.

2.1.2 Bankruptcy Fraud

Bankruptcy fraud occurs when consumers use their credit cards to spend more
money than they can actually pay. Credit cards can be seen as a way for consumers
to borrow money from their banks. Normally consumers will use their credit cards
to carry out daily transactions. At a regular basis – for instance once every month –
the bank will send a bill to their customers in order to request a payment for their
credit card transactions. Customers, who plan to commit bankruptcy fraud, will
overdraft their credit card accounts and then declare themselves as being in a
position of a personal bankruptcy. In such a case the bank will have to pay for all
the losses. Xiong et al. (2013) state that bankruptcy fraud increases expeditiously
and can cause serious losses to issuing banks. In addition to that, they suggest the
evaluation of credit card applications in order to verify the creditworthiness of
applicants. Such an evaluation can usually reveal the possibility of a customer to
go bankrupt in the future. Xiong et al. (2013) also state that the abovementioned
evaluation is not enough because customers with initial good creditworthiness can
still be proved insolvent at a later stage. Therefore, even if an applicant, who
satisfies the desirable levels of creditworthiness, is provided with a credit card
account, the latter should keep being inspected by the bank in order to predict any
possibility of future insolvency.

11
2.1.3 Credit Application Fraud
Credit application fraud occurs when a fraudster applies for a credit card using
false information. The credit application fraud is associated with another serious
fraud, the identity fraud.
Identity Fraud Identity fraud occurs when a fraudster uses a false identity with
intension to commit another fraud. Identity fraud can be perpetrated by inventing
an identity which does not belong to a real person or by stealing the actual identity
of a real person – also known as identity theft. Inventing an identity is easy
because there is no need for fraudsters to look for valid information of a real
person. Nevertheless, this type of identity fraud is very difficult to succeed
nowadays because financial institutions tend to check whether the applicant’s
information corresponds to a physical person or not.

2.2 Data Mining and Detection Techniques

This section describes the concept of data mining and the techniques which are
found in the literature for detecting credit fraud. The main reason why these
techniques are reviewed is that they form the basis of the credit fraud detection
ontology and they are reported as an implementation advice by the expert system.

2.2.1 Data Mining

Data mining refers to a family of machine learning techniques capable to analyze
and extract non-trivial patterns from data. Data mining is also known as knowledge
discovery because it can reveal previously unknown information which was hidden
in the data of various databases. The mined information can be proved very useful
for the organizations who apply data mining. Based on the results, organizations
may make important decisions which can help them survive in the competitive
environment. For instance an organization can analyze the sale records of its
12
customers in order to send attractive offers on the most popular products. Hormozi
et al. (2004) state that “data mining enables an organization to focus on the most
important information in the database, which allows managers to make more
knowledge decisions by predicting future trends and behaviours”. Given that
databases are too large; it is very inconvenient and impractical to look manually for
hidden patterns on the data. Therefore, data mining can be introduced to facilitate
the discovery of useful knowledge. Forrester Research firm reported that 52%, of
1000 companies in total, decided to employ data mining techniques in 2001 to
improve their marketing strategies; an increase of 34% comparing to 1999.
Data mining can also be used to detect fraudulent credit card transactions, predict
which customers are more likely to default their contractual obligations by going
bankrupt as well as identify fraudulent credit applications. Srivastava et al. (2008)
state that the only way to detect credit card fraud is by analyzing the spending
behavior of customers using data mining techniques. Customers tend to follow a
standard spending profile and therefore any transaction which deviates from that
standard can be considered as suspicious. Suspicious transactions can be examined
in detailed by bank officers to determine whether they are indeed fraudulent or not.

2.2.2 Detection Techniques

This subsection provides a brief discussion on various data mining techniques
which can be used to detect credit fraud. It is particularly useful to notice that the
algorithmic details of these techniques are out of the scope of this report. What is
more important for this project is to understand the techniques at a higher level of
abstraction and extract useful characteristics which can be used to build the
knowledge base. Here, there is a general discussion over the detection techniques.

13
Artificial Neural Networks (ANNs)
An artificial neural network imitates the way that human brain works. It consists of
a number of nodes – which are called neurons – and edges which interconnect
those neurons. Neurons are computational units which process some input
information and produce some output. The output of one neuron is passed as input
to another. A neuron of human brain is activated if and only if the received signal
is sufficiently strong. Likewise an artificial neuron receives not only some input
signals but also a weight which determines whether the input signals are
sufficiently strong or not. If the signals are strong enough, an activation function
will start executing to produce the output.

Support Vector Machines (SVMs)

Support Vector Machines is a binary classification methodology. This means that
an input sample can be classified into one out of two possible classes. It is suitable
for credit card fraud detection because only two classes are needed; namely the
“legitimate” and “fraudulent” class. SVM tries to calculate an optimal hyper plane
which will separate the samples of the two classes. There are various hyper planes
which can do that job but an optimal hyper plane will also maximize the margins
between the samples of the two classes. Blue and black bullets correspond to the
samples of the two distinct classes. Support vectors define the boundaries of each
class by taking into account the sample which is closest to the hyper plane. Clearly
the separating hyper plane lies in the middle of support vectors by maximizing the
margin between them. A new sample is classified by measuring its distance from
the hyper plane.
According to Wu et al. (2007), SVM “has a sound theoretical foundation” which
makes it a robust classification technique. Nevertheless, an optimal hyper plane
which separates linearly the samples of the two classes is not always possible to be
14
found. In that situation a kernel function can be used to map the non-linearly
separable data into a higher dimension in which an optimal hyper plane can be
found. The main issue with kernel functions is that they increase the
implementation complexity of SVMs.

2.3 Related Work

This section provides a brief reference to the literature articles which suggest the
techniques of subsection 2.2.2 for detecting credit fraud. It is split into further
subsections based on the different types of credit fraud. The implementations
described in these articles are encapsulated in the credit fraud detection.

2.3.1 Related Work for Credit Card Fraud

The literature work which is related to credit card fraud is described below. This is
done by categorizing the work based on the detection techniques.
Using ANN
Wiese et al. (2009) suggest an implementation of ANNs for detecting credit card
fraud. Their implementation takes into account a sequence of transactions that have
occurred at some time in the past, in order to determine whether a new transaction
is legitimate or fraudulent. They believe that “looking at individual transactions”
only is misleading since it cannot face any periodical changes in spending behavior
of a customer. They call their approach as “Long Short-term Memory Recurrent
Neural Network (LSTM)”.
Guo et al. (2008) suggest a different implementation of ANNs by converting the
training samples into confidence values using a specific mathematical formula and
then supply these values to train the ANN – instead of the original training
samples. They call their approach as “confidence-based neural network” and they
claim that it can achieve promising results in detecting credit card fraud.
15
Using SVM
Chen et al. (2006) suggests an implementation of SVM which they call “Binary
Support Vector System (BSVS)”. One of the main problems of data mining
techniques arises in situations where the training samples have an imbalanced
distribution – also known as skewed distribution. In such a case the
misclassification rate is increased whereas the predicting accuracy of the classifier
is reduced. The approach of Chen et al. (2006) is insensitive to skewed distribution
of training samples. An innovative implementation of SVMs for detecting credit
card fraud is also suggested by Chen et al. (2004). They suggest from the issuing
banks to ask their new customers to fill some questionnaires that can help them
understand the spending habits of the customers. This is particularly useful since
there is no any prior history on the spending behaviour of new customers and
therefore the detection techniques cannot spot fraudulent transactions at the initial
stage. Therefore, the answers to the questionnaires can be used in a similar manner
to the historical information of each customer. They call their approach as
“Questionnaire-Responded Transaction Model” (QRT Model).

2.4 Summary of Literature Review

In this chapter the background research – which has been undertaken during the
project – was presented. The chapter started from the different fraud types that
occur in credit industry. It then moved to a general description of the various
techniques which can be used to detect the above fraud types. The related articles
concerning these detection techniques were also mentioned.

16
3.1 Research Methodology
In the existing credit card fraud detection business processing system, fraudulent
transaction will be detected after transaction is done. It is difficult to find out
fraudulent and regarding loses will be barred by issuing authorities. Hidden
Markov Model is the statistical tools for engineer and scientists to solve various
problems. In this paper, it is shown that credit card fraud can be detected using
Hidden Markov Model during transactions. Hidden Markov Model helps to obtain
a high fraud coverage combined with a low false alarm rate.

3.2 Method of Data Collection

There are two main sources of data collection in carrying out this study,
information was basically obtained from the two sources which are:
(a) Primary source and
(b) Secondary source

3.2.1 Primary Source

Primary source refers to the sources of collecting original data in which
the researcher makes use of empirical approach such as personal interview,
questionnaires or observation.
In my research I used the interview method for my primary source of
Information; this is done by asking question from the banks. I also used a
method of observation were I was attentive to all the activities of the department,
studying their activities and recording them down on daily basis or as required.

3.2.2 Secondary Source

17
The need for the secondary sources of data for this kind of project cannot be
over emphasized. The secondary data were obtained by me from magazines,
Journal, newspapers, library source and most of the information from the library
research has been covered in my literature review in the previous chapter of this
project.

3.2.3 Application

 The detection of the fraud use of the card is found much faster than the
existing system.
 The Transactions of the account holder never stopped as this system allows
the user to use the virtual card Using the virtual ID and password, until he
gets the new card.
 The user can easily block the card by him when he finds that the card is
being stolen.
 In this system we have used the ONE TIME PASSWORD for the security to
get the virtual ID and Password securely.
 We can find the most accurate detection using this technique.

18
3.3 System Investigation

The system investigation is the transaction limit and card information Form. It
contains detail information of the cards. This form shows the input to the system
and what it contains:

TRANSACTION LIMIT FORM

Transaction Limit: …………………………………………….

Update

CARD INFORMATION FORM

Your card number: …………………………………………….

Your Pin: …………………………………………….

Withdraw

FIG 3.3 System Investigation

3.4 System Analysis

Credit and debit card fraud is a serious issue that affects millions of people
worldwide every year. Fraudsters use various tactics to steal people's card
information and use it to make unauthorized purchases. To combat this problem,

19
financial institutions have developed sophisticated fraud detection systems that use
machine learning algorithms and other techniques to identify and prevent fraud.
System Architecture: The credit/debit fraud detection system consists of several
components that work together to detect and prevent fraud. These components
include:
1. Data Collection: This component collects data from various sources such as
bank transactions, point-of-sale systems, and online purchases. The data is
collected in real-time to detect fraudulent activity as soon as possible.
2. Data Processing: This component processes the collected data using various
algorithms and techniques to identify patterns and anomalies that may indicate
fraudulent activity. The processing includes data cleaning, feature engineering, and
modeling.
3. Machine Learning Models: These models use various algorithms such as
logistic regression, decision trees, and neural networks to analyze the processed
data and predict whether a transaction is fraudulent or not.
4. Rules Engine: This component applies predefined rules to the transaction data
to identify suspicious activity. For example, if a transaction is made from a
location that is far from the cardholder's usual location, the system may flag it as
suspicious.
5. Alert Generation: When the system detects a fraudulent transaction, it generates
an alert that is sent to the bank's fraud department. The alert includes details about
the suspicious transaction, such as the transaction amount, location, and time.
6. Fraud Investigation: The fraud department reviews the alerts generated by the
system and investigates the suspicious transactions. If the transaction is confirmed
to be fraudulent, the bank may block the card and initiate a chargeback.
System Performance: The performance of the credit/debit fraud detection system is
measured by its accuracy, precision, and recall. The accuracy measures how often
the system correctly identifies fraudulent transactions. The precision measures how
often the system flags a transaction as fraudulent when it is actually fraudulent.
The recall measures how often the system flags a fraudulent transaction when it is
present in the data.
To improve the performance of the system, financial institutions continuously
collect and analyze data to identify new patterns and trends in fraudulent activity.
20
They also update the machine learning models and rules engine to improve their
accuracy and reduce false positives.
Conclusion: The credit/debit fraud detection system is a critical component of
financial institutions' efforts to combat fraud. By collecting and analyzing
transaction data in real-time, the system can identify and prevent fraudulent
activity before it causes significant financial harm. However, the system is not
foolproof, and fraudsters are continually developing new tactics to evade detection.
Therefore, financial institutions must continuously update and improve their fraud
detection systems to stay one step ahead of the fraudsters.

3.5 Problem of Existing System

Although credit/debit fraud detection systems have become increasingly
sophisticated over the years, there are still some problems with the existing system
that financial institutions need to address. Here are some of the common problems
associated with the existing credit/debit fraud detection systems:
1. False Positives: One of the main problems with credit/debit fraud detection
systems is that they may generate false positives, which are transactions that are
flagged as fraudulent but are, in fact, legitimate. False positives can be a major
headache for both customers and banks, as they can lead to declined transactions
and customer frustration.
2. Lack of Real-Time Detection: Some fraud detection systems are not designed to
detect fraud in real-time. Instead, they may rely on batch processing, which means
that transactions are analyzed in batches at the end of the day. This can lead to
delays in identifying fraudulent transactions, giving fraudsters more time to carry
out their activities.
3. Inability to Detect New Types of Fraud: Fraudsters are constantly coming up
with new tactics to evade detection, and some fraud detection systems may not be
able to keep up with these evolving tactics. As a result, financial institutions may
need to continuously update and improve their systems to stay ahead of fraudsters.
4. Limited Data Sources: Fraud detection systems rely on transaction data to
identify fraudulent activity. However, some systems may not be able to access data
from all sources, such as mobile payments or e-commerce platforms. This can

21
make it more difficult to detect fraudulent activity that occurs outside of traditional
banking channels.
5. Complex and Expensive: Developing and maintaining a fraud detection system
can be complex and expensive. Financial institutions may need to invest significant
resources in data infrastructure, machine learning algorithms, and skilled personnel
to design and operate a robust fraud detection system.
In conclusion, while credit/debit fraud detection systems have come a long way in
recent years, they still face several challenges that need to be addressed. Financial
institutions need to continuously improve their systems to stay ahead of fraudsters
and provide better protection to their customers.

3.6 Information Flow Chart

An information flow chart is a visual representation of flow of data and
information within a system. In the case of a credit/ debit fraud detection system,
an information flow chart could help illustrate to the various steps involved in
identifying and preventing fraudulent transaction
Here are basic examples of what an information flow chart for a credit / debit fraud
detection system might look like
1. Transaction data is collected from the merchants and sent to the payment
processor
2. The data payment processor checks the transaction data for any red flag such
unusually large purchases or purchases from high risk countries
3. If the transaction data raises any red flag, it is sent to the fraud detection
system for further analysis
4. The fraud detection analyzes the transaction data using various algorithms
and machine learning models to determine the likelihood of fraud
5. If the system determines the transaction is likely fraudulent. It sends an alert
to the payment processor or the cardholder to take appropriate action

Of course, the exact step and components of a credit/ debit fraud detection
system will vary depending on the specific system and the organization using it,
but an information flow chart can help provide a clear overview of how data
and information move through the system which can be useful for

22
 understanding the systems over all functionality and identifying areas for
improvement.

Classification Adaptive
Credit card Identify Machine Evaluation Comparative

Fraud and Issues and Learning Metrics Study

Committed Challenges Techniques

methods

Supervised

Unsupervised Out comes

Analysis of
Send supervised
Datasets

Fig 2.6 Information Flow Chart

23
4.1 System Design

The design of a credit/ debit fraud detection system involves different steps and
component. Here is a high level over view of the system design;

1. Data Collection; The system needs to collect data from various sources
such as transaction history, User profiles, behavior pattern, etc.
2. Data Processing; The collected data needs to be cleaned. transformed and
processed to remove any inconsistences or errors.
3. Feature Extraction; Relevant features such as time, location, transaction
amount and user behavior needs to be extracted from the preprocessed data
4. Model Department; Various machines learning algorithms such as logistics
regression, decision tree, and random forest are used to develop model
based on historical data
5. Model Evaluation; The developed model need to be tested and evaluated
based on accuracy, precision, recall, and f1 score
6. Threshold Setting; Appropriate thresholds need to be set to determine the
likelihood of fraud based on the output of the model.
7. User Notification; Based on the determined likelihood of fraud, appropriate
actions need to be taken to notify users or fraud prevention team.

The system needs to be continuously updated and improved based on new data and
trends to increase its accuracy and effectiveness in detecting and preventing credit/
debit fraud

24
4.2 Scope of Design

The scope of the design of a credit/debit fraud detection system includes

identifying fraudulent transaction made using credit/debit cards. The system should
be able to detect any suspicious activity and prevent fraudulent transactions,
analyzing data pattern and identifying unusual activity or trends that may indicate
fraud. The scope of design includes the following aspects

1. Data Collection; Collect and store data related transaction, account number
information, and other relevant data points.
2. Machine Learning and Artificial Intelligence; Use machine learning
algorithms and artificial intelligence to analyze data patterns, identify fraud
patterns and improve the systems ability to detect fraud
3. Real-Time Alerts; Set up real-time alerts, so that any fraudulent activity can
be detected and prevented from being processed.
4. Fraud Detection Rules; Establish rules and procedures to detect and prevent
credit card from fraudulent transactions.
5. Security Measures; Ensure that the system is secured and sensitive account
information is protected from unauthorized access.
6. Reporting; Provide clear and concise reporting of fraudulent activity to
relevant stakeholders such as financial institutions. Merchants and
customers.

4.3 Input/Output Design

The input design of a credit/debit fraud detection system will depend on the
specific requirement of the system, but generally, it would involve collecting
various types of information related to a cardholder’s account activity including

25
transaction history, purchased amounts, locations and overall spending patterns.
This data can then be analyzed using machine learning algorithms and other
advanced techniques

The output design of such a system will typically involve generating alerts or
notifications whenever potentially fraudulent transactions are identified. This could
include notifying the cardholder themselves or flagging the transaction for review
by a fraud detection team, who can then take appropriate action to investigate and
address any suspicious activity

In terms of implementation, a credit/debit fraud detection system would typically

require access to a large and diverse data set of transaction data, as well as
advanced analytical tools and techniques for detecting potential fraud. The system
may also need to integrate with other financial system and tools such as payment
gateway and banking systems in order to share data and identify potential fraud
across multiple channels.

Overall, the system should be designed with security and scalability in mind, as it
will likely need to process large volume of data and quickly adapt to new types of
fraud over time.

4.4 System Requirement

The system requirement for a credit/debit fraud detection system may vary
depending on the specific needs of the organization or business, some general
system requirements for this type of system could include;

26
 1. Data Collection and Management; The system should be able to collect and
analyze data from various sources such as credit/debit card transaction,
online shopping patterns and customer behavior.
2. Machine Learning and Data Analytics; The system would have machine
learning algorithms and data analytics tools to detect patterns and identify
potential fraudulent activities in customers data.
3. Real-Time Alert System; The system should be ale to detect fraud in real-
time and send alerts to appropriate parties such as customers, banks and
regulatory authorities
4. Integration with Exiting System; The system should be able to integrate with
existing banking and financial systems such as payments gateways,
scorecards and loan management system.
5. Security Features; The system should have strong security features such as
encrypt[on and access controls to ensure customer privacy and prevent
unauthorized access.
6. Scalability; The system should be scalable to handle large volumes of data
and growing customer bases.
7. Regulatory Compliance; The system should comply with relevant laws and
regulations related to privacy, data protection and fraud detection.

4.5 System Implementation

The implementation of a credit/debit fraud detection system involves the

combination of data analysis and machine language techniques. Here, are the steps
for implementing such a system;

27
 1. Collect Data; First, you need to collect data on credit/debit card transactions.
This data may include the transactions amount, time of the transaction,
location of the transaction and other relevant details
2. Preprocessed and Clean Data; Next, you need to preprocess the data and
clean it, removing any any irrelevant or duplicated data points. This is an
important step to ensure that the data is accurate and can be used for
analysis.
3. Feature Extraction; In this step, you extract features [transaction frequency,
transaction amount, location, etc.] from each transaction.
4. Apply Machine Learning Algorithms; Once the features have been
extracted, you can app[y various machine learning algorithms such as
decision trees, random forests, or neutral networks to detect fraudulent
transactions,
5. Train and Validate the Model; After selecting an appropriate algorithms; you
need to train and retrain the model for improved accuracy.
6. Integration; Once the model is refined, it can be deployed as part of a
credit/debit card payment infrastructure, where it can continuously monitor
transactions and flag any suspicious activity.

Overall, the design implementation of a credit/debit card detection system

requires a combination of data science, machine learning and integration with
payment infrastructure by implementing such a system, you can help improve
payment security and prevent against fraud

4.6 Program Design

The program design of a credit/debit fraud detection system typically involves the
following steps;

28
 1. Data Collection; Collection data from various payment system including
card issues, card network and merchants.
2. Data Preprocessing; Preprocessing the data by cleaning, transforming the
data by integrating it in a usable format.
3. Feature Extraction; Extracting relevant features from the preprocessed data
set, which could include transaction amounts, transaction frequency,
geographical location, timing and more.
4. Model Selection; Selecting appropriate machine learning, deep learning or
statistical model to analyze the data and identify potential fraudulent
transactions.
5. Model Training; Training the selected model using labeled data, which
contains information on whether a transaction is fraudulent or not.
6. Fraud Investigation; Once a transaction has been flagged as potential
fraudulent, the system will initiate an investigation which may include
additional verification steps and alert the relevant authorizes.
In conclusion, the program design of a credit/debit fraud detection system involves
a complex combination of data collection, cleansing, analysis and monitoring
which requires a large level of technical expertise and a thorough understanding of
fraud detection system and prevention.

29
 Log

Credit card
transaction

Check account
balance

View statement
of account

Change credit
card pin

Log out

Fig; 4.6 Program Design

4.7 Program Testing and Debugging

Program testing and debugging are crucial steps in the credit/debit fraud detection
system. The main objective of testing is to ensure that the implemented system
works as expected and can achieve the desired goal of detecting and preventing
fraud. The testing process should follow a structured approach that involves
various techniques such as unit testing, integration testing, system testing and
acceptance testing. During unit testing, individual component of the system are
tested to ensure that they function correctly, integration testing is performed to
verify that the individual component can interact correctly to produced the desired
output. System testing is then carried out to verify the system as a whole to
perform as expected. Finally acceptance testing is preformed to ensure that the
system is satisfies users requirements. Once testing is completed, any issues found
during testing need to be resolved through debugging. Debugging involves
30
identifying and fixing any errors or bugs in the systems code. This process can
involve using various debugging tools and techniques, such as tracing code
execution, setting break points and analyzing logs. Lastly, testing and debugging
are critical in ensuring that a credit/debit fraud detection system functions correctly
and can provide reliable and accurate results.

4.8 Program Documentation

The program documentation of a credit/debit fraud detection system typically
includes the following;
1. Introduction; This section provides an overview of the system architecture
and the techniques used to compliment it.
2. System Architecture; This section describes the systems architecture and
the technologies used to used to implement it.
3. Data Collection; This section detailed the data sources used to feed the
system, such as transaction data, customer data and device data.
4. Data Processing; This section describes how the system processes,
incoming data. Including data normalization and data transformation.
5. Machne Learning Models; This section details the machine language
models used by the system to detect fraud, such as logistics regression,
decision tree and neutral networks.
6. Detection Rules; This section descries the rules used by the system to
identify fraudulent transaction or patterns, such as velocity checks, location
checks and unusal transaction behavior.
7. Alerts and Reporting; This section explains how the system alerts and
reports on potential fraud events, including email notification, SMS alerts
and dashboards.

31
8. Performance Metrics; This section provides details on the system
performance metrics, such as detection rate, false positive rate and false
negative rate.
9. Deployment and Maintenance; This section explains how the system is
deployed and maintained, including software updates, version control and
monitoring.
10. Conclusion; This section summarizes the key takeaway and highlights the
benefit of using a credit/debit fraud detection system.

4.9 Program Evaluation and Maintenance

The program evaluation of a credit/debit fraud detection system typically
involves analyzing the results of the systems performance in detecting
fraudulent transactions. This can involve monitoring the number of false
positive and false negative and adjusting the systems algorithms and
parameters as necessary to reduce these errors.
Maintaining a credit/debit fraud detection system involves analyzing the
results system up-to-data with the latest security protocols and fraud trends.
This can involve regularly updating the systems algorithms and rules, and
ensuring that the system is compatible with the latest hardware and software
technology.
Maintaining a credit/debit fraud detection system may involve monitoring the
systems performance and alerting the appropriate personnel when the system
detect a potential fraud situation. This can involve working with law
enforcement or other regulatory bodies to investigate and prevent fraudulent
activities.

32
4.10 Training Staff
The training staff of a credit/debit fraud detection system typically consists of
experienced fraud analyst, who have knowledge and expertise in identifying
and preventing fraudulent activity.
These staff members are responsible for training new members of the team on
the systems detection methods, fraud patterns and the latest techniques used
by fraudsters. They may also provide ongoing training to the entire team on
new fraud trends, system updates, and emerging technologies to ensure that
the team stays current and effective in their roles. The training staff plays a
critical role in the success of the fraud detection by ensuring that the team has
the knowledge and skill required to quickly and accurately identify and
prevent fraud. The staff that will be responsible for operating and maintaining
the system will need to receive adequate training.

4.11 Change Over Procedure

The change over procedure of a credit/debit fraud detection system involves
the process of transitioning from the old system to the new one in a way that
minimizes disruptions and ensure a smooth transaction . the following steps
should be taken;
1. Planning; This involves designing a plan that outlines the entire
changeover process, including the timelines, the rules and
responsibilities of team members involved and the communication
plan.
2. Testing; Before the new system goes live, it should be thoroughly
tested to ensure that it is fully functional and able to perform all
necessary tasks.

33
 3. Parallel Operation; During this stage, the new fraud detection system
is run alongside the old system to ensure its accuracy and efficiency.
4. Implementation; Once the new system have been tested and refined,
the implementation phase involves switching over to the new system.
This may involve a phased approach where different segments of the
system are brought online at different times.
5. Follow-up and Maintenance; After the changeover has been
completed, the new system must be monitored to ensure that it is
running properly and to make any necessary notification and updates.
This is an ongoing process that ensures the system remains effective in
detecting and preventing fraudulent transactions.

4.12 Documentation
The documentation of a credit/debit fraud detection system typically includes the
following;
1. Functional Requirement; This document descries the systems functions and
features, including how the system will detect fraud, what data it needs and
how it will be used.
2. Technical Requirement Document; This document descries the technical
infrastructure required to support the fraud detection system, including
software, hardware and network components.
3. Operational Procedure Document; This document outlines the procedures
for operating the fraud detection system, including how to monitor it for
potential fraud and how to respond to detected fraud.
4. User Manuals; This provides information on how to use the system,
including step-by-step instructions for performing specific tasks.
34
5. Testing and Validation Documentation; This includes the test plan, scripts
and test reports used to validate the system’s performance and functionality.
6. Maintaining and Support Document; This includes instructions on how to
maintain and support the system, including troubleshooting guides and
contact information for technical support.

35
5.1 Summary
In summary, this Academic Work project has done a great deal of giving a broad
knowledge of what credit card fraud detection system is all about. It went as far as
highlighting the uses of credit card fraud detection system. This study shows how
to improve the security of credit/debit fraud. In summary, this work shows how to
detect and prevent credit\debit fraud.

5.2 Conclusion
From this Academic Work, I have been able to show the application of database
management system (credit card fraud detection system) and how it can be used, it
has achieved the full aim of letting the public know what computer system is all
about.

5.3 Recommendation
I hereby recommend this Academic work to be used by staff and management and
indeed any other Institution with similar structure and organizational framework
for the following reasons:
1. The academic work has been able to solve the problem related to easy access
of credit card information.
2. It has helped the user on how to login and view report, enter credit card for
detection.

36
 REFERENCES

Ghosh, S., and Reilly, D.L., [1994]. Credit Card Fraud Detection with a
Neural-Network, 27th Hawaii International l Conference on Information
Systems, vol. 3 (2003), pp. 621- 630.

Syeda, M., Zhang, Y. Q., and Pan, Y. [2002] Parallel Granular Networks for Fast
Credit Card Fraud Detection, Proceedings of IEE International Conference
on Fuzzy Systems, pp. 572-577.

Stolfo, S. J., Fan, D. W., Lee, W., Prodromidis, A., and Chan, P. K., [2000]. Cost-
Based Modeling for Fraud and Intrusion Detection: Results from the JAM
Project, Proceedings of DARPA Information Survivability Conference and
Exposition, vol. 2 (2000), pp. 130-144.
Aleskerov, E., Freisleben, B., and Rao, B., [1997]. CARDWATCH: A Neural
Network Based Database Mining System for Credit Card Fraud Detection,
Proceedings of IEEE/IAFE: Computational Intelligence for Financial Eng.
(1997), pp. 220-226.

M.J. Kim and T.S. Kim, [2002]. “A Neural Classifier with Fraud Density Map for
Effective Credit Card Fraud Detection,” Proc. Int’l Conf. Intelligent Data
Eng. and Automated Learning, pp.378-383,

37
 APPENDICES

APPENDIX - A

Front End

38
APPENDIX – B

39
APPENDIX - C

Transaction and Blocking History

40
APPENDIX H

SOURCE CODE

1. Transaction.php

<!-- Check for a valid transaction -->

<?php
session_start();

if(isset($_SESSION['account'])) {
// Do something if anything special you need.
}else{
header("Location: index.php");
}
?>

<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Credit Card Faurd Detecting System</title>

<!-- Load all static files -->

<link rel="stylesheet" type="text/css"
href="assets/BS/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="assets/css/styles.css">

</head>
<body class="container">
<!-- Navbar included -->
<?php include 'helper/navbar.html' ?>
<!-- Config included -->
<?php include 'helper/config.php' ?>

<div class="row m-r-0 m-l-0">

<!-- After submitting the form -->
<?php
41
 if($_SERVER['REQUEST_METHOD'] == 'POST') {
// get data from form
$amount = $_POST['amount'];
$total_balance = $_POST['total_balance'];
$trans_limit = $_POST['trans_limit'];
$acc_table_id = $_POST['id'];

// Withdrawal business logic

if($amount <= $total_balance) {
if($amount <= $trans_limit) {
$branch_pk = $_SESSION['branch_pk'];
// update will be rest of the amount
$rest_amount = $total_balance - $amount;
$update_query = "UPDATE account SET
balance=".$rest_amount." WHERE id=".$acc_table_id;
$conn->query($update_query);
// Now it's time to add a row on transaction
table
$add_trans_sql = "INSERT INTO
transaction (account_id, branch_id, amount) VALUES (".$acc_table_id.", ".
$branch_pk.", ".$amount.")";
$conn->query($add_trans_sql);
unset($_SESSION["branch_pk"]);

// show success message

echo '<p class="success-
message">Successfully Withdrawn!!</p>';

}else {
// show error message (when maximum
limit)
echo '<p class="error-message">Sorry!!
Maximum limit reached. Try Again!!</p>';
}
}else {
// show error message (When insufficient funds)
echo '<p class="error-message">Not Enough
Fund!!</p>';
}

42
 }
?>
</div>

<!-- This part will show first -->

<div class="row m-r-0 m-l-0">
<?php
if(isset($_SESSION['account'])) {
$account_pk = $_SESSION['account_id'];
// Warning OR Notification about last blocking message
$blocked_sql = "SELECT block_history.account_id,
block_history.branch_id, created_at, branch.id, branch.name as branch_name
FROM block_history, branch WHERE block_history.account_id=".$account_pk."
AND block_history.branch_id=branch.id ORDER BY created_at DESC";

$blocked_last_row = $conn->query($blocked_sql);

if($blocked_last_row->num_rows> 0) {
$blocked_row = $blocked_last_row->fetch_row();
$blocked_timestamp = $blocked_row[2];
$blocked_branch_name = $blocked_row[4];

// Show Warning
echo '<p class="warning-message">You account
was tryng to access from <strong>'.$blocked_branch_name.'</strong> at <strong>'.
$blocked_timestamp.'</strong></p>';
}

$ac_number = $_SESSION['account'];
$account_id = $_SESSION['account_id'];

// Get data from account table

$sql = "SELECT * FROM account WHERE id=".
$account_id;
$result = $conn->query($sql);

if($result->num_rows == 1) {
$row = $result->fetch_row();
echo '

43
 <div class="col-sm-12 col-md-6">
<div class="panel panel-primary">
<div class="panel-heading">
<h3>Transaction</h3>
</div>
<div class="panel-body">
<form method="POST"
action="" class="form-group">
<p>Available
Balance: '.$row[4].'</p>
<label>Enter
Amount</label>
<input
type="number" name="amount" class="form-control" required/>
<input
type="hidden" name="total_balance" value="'.$row[4].'"/>
<input
type="hidden" name="trans_limit" value="'.$row[5].'"/>
<input
type="hidden" name="id" value="'.$row[0].'"/>
<br/>
<input
class="btnbtn-primary btn-block" type="submit" name="submit"
value="Withdraw"/>
</form>
</div>
</div>
</div>
';
}
}
?>
<!-- The clock / time limit will be here -->
<div class="col-sm-12 col-md-4 jumbotron pull-right m-r-15">
<h2 class="alert-message-color">You are running out of
time.</h2>
<div id="s_timer"></div>
<p class="p-t-sm f-16 alert-message-color">
<strong>Note:</strong> You just have 60 seconds to
finish this transaction.
44
 If you missed to finish you have re-enter your AC
number and PIN.
</p>
</div>
</div>

</body>
<footer>
<!-- All the Javascript will be load here... -->
<script type="text/javascript" src="assets/JS/jquery-3.1.1.min.js"></script>
<script type="text/javascript"
src="assets/JS/jquery.countdownTimer.min.js"></script>
<script type="text/javascript" src="assets/JS/main.js"></script>
<script type="text/javascript" src="assets/JS/timer.js"></script>
<script type="text/javascript" src="assets/BS/js/bootstrap.min.js"></script>
</footer>
</html>

2. Settings.php
<?php
include 'helper/config.php';

session_start();

if (isset($_SESSION['username'])) {
// logged in
// Something will happen here....
} else {
// not logged in
header('Location: login.php');
}
?>

<!-- Login view -->

<form class="form-signin"method="POST" action="">
<h2 class="form-signin-heading">SIGN IN</h2>
<label for="inputEmail" class="sr-only">Email address</label>
<input type="email" id="inputEmail" name="email" class="form-control"
placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>

45
<input type="password" id="inputPassword" name="password" class="form-
control" placeholder="Password" required>
<button class="btnbtn-lg btn-primary btn-block" type="submit">Sign in</button>
</form>
</body>
<footer>
<!-- All the Javascript will be load here... -->
<script type="text/javascript" src="assets/JS/jquery-3.1.1.min.js"></script>
<script type="text/javascript" src="assets/JS/main.js"></script>
<script type="text/javascript" src="assets/BS/js/bootstrap.min.js"></script>
</footer>
</html>

3. Index.php
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Credit Card Faurd Detecting System</title>

<!-- Load all static files -->

<link rel="stylesheet" type="text/css"
href="assets/BS/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="assets/css/styles.css">
</head>
<body class="container">
<!-- Navbar included -->
<?php include 'helper/navbar.html' ?>
<!-- Config included -->
<?php include 'helper/config.php' ?>

<!-- Let's do something more -->

<?php include 'dashboard.php' ?>
</body>
<footer>
<!-- All the Javascript will be load here... -->
<script type="text/javascript" src="assets/JS/jquery-3.1.1.min.js"></script>
<script type="text/javascript" src="assets/JS/main.js"></script>
<script type="text/javascript" src="assets/BS/js/bootstrap.min.js"></script>
</footer>
46
</html>

4. History.php
<?php
include 'helper/config.php';

session_start();

if (isset($_SESSION['username'])) {
// logged in
// Something will happen here....
} else {
// not logged in
header('Location: login.php');
}
?>

<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>History | Credit Card</title>

<!-- Load all static files -->

<link rel="stylesheet" type="text/css"
href="assets/BS/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="assets/css/styles.css">
</head>
<body class="container">
<!-- Config included -->
<?php
include 'helper/navbar.html';
?>

<!-- Transaction history -->

<div class="row">
<div class="col-sm-12 col-md-12">
<div class="panel panel-success">
<div class="panel-heading">
<p class="text-22px text-center">Transaction History</p>
47
</div>
<div class="panel-body">
<table class="table">
<?php
$email = $_SESSION['username'];
$user_data_sql = "SELECT id FROM users WHERE email='".
$email."'";
$user_data = $conn->query($user_data_sql);
if($user_data->num_rows == 1){
$user_pk = $user_data->fetch_row()[0];
}
$get_account_sql = "SELECT id from account WHERE
user_id=".$user_pk;
$account_data = $conn->query($get_account_sql);
if($account_data->num_rows == 1) {
$account_pk = $account_data->fetch_row()[0];
}

$sql = "SELECT transaction.account_id, transaction.amount,

transaction.branch_id, created_at, account.id, account.user_id, users.id, users.name
AS user_name, branch.id, branch.name AS branch_name FROM transaction,
account, users, branch WHERE transaction.account_id=".$account_pk." AND
account.user_id=".$user_pk." AND branch.id=transaction.branch_id AND
users.id=".$user_pk." ORDER BY transaction.id";

$transaction_data = $conn->query($sql);

if($transaction_data->num_rows> 0) {
echo '
<thead>
<tr>
<th>User Name</th>
<th>Branch Name</th>
<th>Amount</th>
<th>Transaction Date & Time</th>
</tr>
</thead>
';
while($row = $transaction_data->fetch_assoc()){
echo '
48
<tbody>
<tr>
<td>'.$row["user_name"].'</td>
<td>'.$row["branch_name"].'</td>
<td>'.$row["amount"].'</td>
<td>'.$row["created_at"].'</td>
</tr>
</tbody>
';
}
}else{
echo '<p class="text-center">No data to show</p>';
}
?>
</table>
</div>
</div>
</div>
</div>

<!-- Blocking History -->

<div class="row">
<div class="col-sm-12 col-md-12">
<div class="panel panel-success">
<div class="panel-heading">
<p class="text-22px text-center">Blocking History</p>
</div>
<div class="panel-body">
<table class="table">
<?php
$email = $_SESSION['username'];
$user_data_sql = "SELECT id FROM users WHERE email='".
$email."'";
$user_data = $conn->query($user_data_sql);
if($user_data->num_rows == 1){
$user_pk = $user_data->fetch_row()[0];
}

$get_account_sql = "SELECT id from account WHERE

user_id=".$user_pk;
49
 $account_data = $conn->query($get_account_sql);
if($account_data->num_rows == 1) {
$account_pk = $account_data->fetch_row()[0];
}

$sql = "SELECT block_history.account_id,

block_history.branch_id, created_at, account.user_id, users.id, users.name AS
user_name, branch.id, branch.name AS branch_name FROM block_history,
account, users, branch WHERE block_history.account_id=".$account_pk." AND
block_history.branch_id=branch.id AND account.user_id=".$user_pk." AND
users.id=".$user_pk." ORDER BY created_at";

$blocking_history = $conn->query($sql);

if($blocking_history->num_rows> 0) {
echo '
<thead>
<tr>
<th>Branch Name</th>
<th>Account User Name</th>
<th>Date & Time</th>
</tr>
</thead>
';
while($row = $blocking_history->fetch_assoc()){
echo '
<tbody>
<tr>
<td>'.$row["branch_name"].'</td>
<td>'.$row["user_name"].'</td>
<td>'.$row["created_at"].'</td>
</tr>
</tbody>
';
}
}else{
echo '<p class="text-center">No data to show</p>';
}
?>
</table>
50
</div>
</div>
</div>
</div>
</body>
<footer>
<!-- All the Javascript will be load here... -->
<script type="text/javascript" src="assets/JS/jquery-3.1.1.min.js"></script>
<script type="text/javascript" src="assets/JS/main.js"></script>
<script type="text/javascript" src="assets/BS/js/bootstrap.min.js"></script>
</footer>
</html>

5. Dashboard.php
<!-- After submiting the form -->
<?php
// Initialize the session
session_start();
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$card_number = $_POST['card_number'];
$pin = $_POST['pin'];
$branch_id = $_POST['branch_id'];

// Get all the the pins with card number then I'll match with inputed
data
$query = "SELECT * FROM credit_card";
$credit_cards = $conn->query($query);

if ($credit_cards->num_rows> 0) {
// Declare some helper arrays
$card_number_array = array();
while($row = $credit_cards->fetch_assoc()) {
array_push($card_number_array, $row["ac_number"]);
}
}

$matched = False;
// Match with the inputed data
for($i=0; $i<count($card_number_array); $i++){
if($card_number == $card_number_array[$i]){
51
 $matched = True;
break;
}
}
// After matching
if($matched) {
// Again call db for specific response
$card_data_sql = "SELECT * FROM credit_card WHERE
ac_number=".$card_number." AND pin=".$pin;
$card_data = $conn->query($card_data_sql);

if($card_data->num_rows == 0){
echo '<p class="error-message">You are not authorised!!
</p>';
}

if($card_data->num_rows == 1){
$row = $card_data->fetch_row();
$allowed_branches = $row[1];
$ac_status = $row[5];

if($ac_status == 1){
if(strpos($allowed_branches, $branch_id)) {
// set AC num and pin to session
$_SESSION['account'] = $card_number;
$_SESSION['account_id'] = $row[4];
$_SESSION['branch_pk'] = $branch_id;
header("Location: transaction.php");
}else {
echo '<p class="error-message">SORRY!
This Branch is not Allowed!!</p>';
// Account will be locked now.
/*
0 = Block
1 = Active
*/
$update_block_sql = "UPDATE credit_card
SET status=0 WHERE ac_number=".$card_number;
$updated_block_status = $conn-
>query($update_block_sql);
52
 if($updated_block_status) {
echo '<p class="error-
message">Account will be blocked!!</p>';
$block_history_sql = "INSERT INTO
block_history (account_id, branch_id) VALUES(".$row[4].", ".$branch_id.")";
$conn->query($block_history_sql);
}
}
}else {
echo '<p class="error-message">Your account has
blocked!!</p>';
}

}else {
echo '<p class="error-message">You are not authorised!!</p>';
}
}

?>

<div class="row">
<h2 class="text-center">Dashboard</h2>
<p class="text-center">Authorized Card Number: 5531886652142950, Pin
code: 3310</p>
<p class="text-center">Login Email: tester@gmail.com, Password:
12345</p>
<?php
// Get branches data from database
$sql = "SELECT * FROM branch";
$result = $conn->query($sql);

if ($result->num_rows> 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$name = $row["name"];

echo '

53
 <div class="col-xs-6 col-md-4">
<div class="panel panel-success">
<div class="panel-heading">
<h3>'.$name.' Branch</h3>
</div>
<div class="panel-body">
<form method="POST" action=""
class="form-group">
<label>Your Card
Number</label>
<input type="text"
name="card_number" class="form-control" required/>
<br/>
<label>Your PIN</label>
<input type="password"
name="pin" class="form-control" required/>
<input type="hidden"
name="branch_id" value="'.$row["id"].'"/>
<br/>
<input class="btnbtn-success
btn-block" type="submit" name="submit" value="Withdraw"/>
</form>
</div>
</div>
</div>
';
}
} else {
echo "0 results";
}
// $conn->close();
?>

</div>

54