Spatio-temporal directed graph learning for fraud detection

Account Takeover (ATO) fraud poses a significant challenge for financial institutions. Existing fraud detection models, which primarily rely on tabular data, often fail to capture the complex, interconnected nature of fraudulent activities. This paper presents a novel approach to ATO fraud detection by reformulating the problem as a node classification task on a large-scale, dynamic graph. We apply a Graph Neural Network (GNN), specifically GraphSAGE, to leverage spatial and temporal relationships among online user sessions, which are neglected by traditional models. Our methodology involves defining a graph where nodes represent user sessions and edges represent shared identifiers such as User ID, Device ID or IP Address. We demonstrate that this GNN-based approach significantly outperforms the existing production model, a tabular XGBoost model, on key performance metrics. By incorporating label propagation, we achieve a substantial improvement in performance, with a 5.8% increase in ROC AUC and a significant improvement in customer friction reduction. Our findings highlight the critical importance of graph formulation over the complexity of the GNN architecture itself and offer a scalable solution for real-time fraud detection.