Automated Fraud Detection in Android Apps — Financial, E-Commerce

Rushi Mehta
3 min read · Sep 24, 2022

It is time to make apps smarter and integrate fraud risk management features inside the app rather than putting the onus of awareness on customers. Some of the common ways criminals use social engineering to conduct cyber financial frauds such as Account Takeover, Impersonation, etc. are:

  • OTP theft using call conferencing / Android Trojan
  • Fake Calls / Impersonation
  • Remote Access: Refund fraud
  • Fake SMS / Phishing Links over SMS

A small piece of code inside the Android app may help to identify and defuse such fraudulent attempts and protect customers' hard-earned money, which is being massively drained off by cyber criminals. Here are some ways to implement this by warning the customer in real time when fraud activity is detected at the end point (the customer's phone).

1. Phishing Impersonation SMS Detection Code

  • Android Permission: Read SMS, Notification
  • Team: Fraud template collating team (Indicators of Frauds repository built from social media, victims and a honeypot phone)
  • Infrastructure: Repository of fraud SMS templates, fraud links, numbers and headers at a centralized server; automated real-time detection in the app's background process, with intimation to the centralized server in real time.
  • Problem Solved: All phishing SMS related attack attempts, by notifying customers in real time.

This feature will solve most issues pertaining to fraud impersonation SMS. Instead of relying on the customer for awareness, it will be an automatic detection and flagging mechanism.
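The matching step described above, as an added example that is not code from the original post: it checks one SMS against the four indicator types the repository holds (headers, numbers, links, templates). It is written in Python to show the logic only; the repository contents, the sender header, number and domain are constructed sample values, and an in-app version would run the same checks in the background process.

```python
import re
import unicodedata

# Constructed indicator repository; in the design above it is synced from the central server.
IOF = {
    "headers": {"VK-KYCUPD"},           # constructed sender header
    "numbers": {"0000000001"},          # constructed, stored as last 10 digits
    "domains": {"kyc-update.example"},  # constructed fraud link domain
    "templates": [
        re.compile(r"\bkyc\b.*\b(expire|suspend|block)", re.I),
        re.compile(r"\belectricity\b.*\bdisconnect", re.I),
    ],
}
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
PHONE_RE = re.compile(r"\+?\d[\d\s-]{8,}\d")

def normalize(body):
    """Fold full-width/compatibility characters and collapse whitespace."""
    return " ".join(unicodedata.normalize("NFKC", body).split())

def domain_hits(text):
    """Listed domains referenced in the text, including via subdomains."""
    hits = set()
    for match in HOST_RE.finditer(text):
        labels = match.group(1).lower().split(".")
        # Compare the host and each parent domain; suffix match, not substring.
        for i in range(len(labels) - 1):
            parent = ".".join(labels[i:])
            if parent in IOF["domains"]:
                hits.add(parent)
    return hits

def number_hits(sender, text):
    """Listed numbers seen as the sender or as a call-back number in the text."""
    seen = {re.sub(r"\D", "", s)[-10:] for s in [sender, *PHONE_RE.findall(text)]}
    return seen & IOF["numbers"]

def classify(sender, body):
    """Return the indicator types an SMS matched; an empty list means no match."""
    text = normalize(body)
    reasons = []
    if sender.upper() in IOF["headers"]:
        reasons.append("header")
    if number_hits(sender, text):
        reasons.append("number")
    if domain_hits(text):
        reasons.append("link")
    if any(t.search(text) for t in IOF["templates"]):
        reasons.append("template")
    return reasons
```

A non-empty result is what would trigger the in-app warning and the report to the central server; the list of matched types lets the fraud team see which indicators are still catching messages.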

2. Remote Access App Detection Code

  • Code: Screen Overlay, Query All Packages (needs extra effort on Android 11). Many apps like PayTM and Axis Bank have done the same.
  • Problem Solved: Remote access based tech support / refund scam
Fix to remote access Apps.

3. SIM Card Binding

  • Code Needed: Detect the presence of the registered mobile number / SIM before running the app
  • Problem Solved: Account Takeover using a duplicate SIM

4. Ponzi Scheme / Fraud Campaign URL detection

  • Team Needed: Monitoring new frauds (gaming, phishing, instant loan or Ponzi scheme fraud, KYC expiry, electricity disconnection scam, etc.) executed at mass scale, to feed into the centralized database.
  • Problem Solved: Customers losing their money due to digital illiteracy
Massive campaign of Part time Job Scam executed over SMS — Detect and Intimate customer

5. Drastic Geographic Location / Fraud IP detection

  • Repository: Fraud IP addresses, locations, etc. A service from IP Info or similar providers can be used for VPN and proxy detection.

6. Push Notification / Banner based real-time fraud advisory

  • Code Needed: Push Notification & Trend Research Team
  • Problem Solved: Customer Awareness Issue

7. Active call state detection

  • Code Needed: Detection of app operation during an active call (may result in false positives)
  • Problem Solved: OTP based call theft, social engineering frauds

8. Customer profiling based awareness campaign

  • Code Needed: Installed App List (profiles the cyber literacy of the customer), Contact List (demographic profiling), Timings, etc.
  • Backend Data: Customer Age, Education, Income, etc.

Once a customer profile is established, a targeted awareness campaign may be executed, especially for home maker women, senior citizens, students and labourers, who often seem to be less cyber literate.

Closing Thoughts:

A consortium/collection of such Indicators of Frauds (IOFs) may be developed and consumed for better information sharing amongst app providers. Technology is always used to grow business; some investment in safeguarding customers will yield good faith and long-term trust in the platform.
