A modular, real-time FinTech Fraud Detection Service built using Kafka Streams, Rule Engine, Synthetic Data Generator and Event-driven Microservices.
The Fraud Detection Stream Processor is a modular, event-driven FinTech system designed to efficiently analyze high-volume transactional data in real time.
It provides a scalable and extensible foundation for building fraud-analysis pipelines commonly used in modern payment processing platforms.
This system is capable of:
- Ingesting and processing high-throughput synthetic transactions (500+ TPS benchmark)
- Evaluating incoming events through a real-time fraud assessment workflow
- Applying a pluggable Fraud Rule Engine with configurable rule sets
- Computing fraud scores and enriching transactions with additional metadata
- Emitting processed events and generating alerts via a dedicated Alert Service
- Scaling horizontally through Kafka consumer groups for distributed processing
Built with a focus on clarity, maintainability, and production alignment, the project demonstrates how real-time fraud detection systems are architected in large-scale financial environments.
This repository is a clean, intentionally refactored migration of an older codebase that has since been deprecated and deleted.
The migration was intentional and performed to achieve:
- Improved overall architecture and code readability
- Removal of outdated or experimental components
- Consistent naming conventions and modern best practices
- A cleaner and more maintainable project structure
- A stronger foundation for future enhancements and scalability
While the project’s core purpose remains the same, the entire codebase has been modernized and reorganized intentionally to ensure better clarity, higher code quality, and long-term maintainability.
┌─────────────────────────┐
│ Synthetic Generator │
----------
│ HTTP controlled │
│ Generates → tx stream │
└───────────────┬─────────┘
|
│ Kafka Topic: transactions.in
|
▼
┌─────────────────────────┐
│ Fraud Stream Processor │
----------
│ - Kafka Consumer │
│ - Calls Rule Engine │ ──────────────────────────────────┐
│ - Scores + Enriches │ │
│ - Publishes alerts │ │
└───────────────┬─────────┘ │
| │
│ Kafka Topic: transactions.out │
| │
▼ │
┌─────────────────────────┐ │
│ Alert Service │ ⇵
---------- │
│ - Consumes fraud tx │ │
│ - Endpoint notifications│ │
└─────────────────────────┘ │
│
┌─────────────────────────┐ │
│ Fraud Rule Engine │ │
---------- │
│ - Scoring model │ ──────────────────────────────────┘
│ - Pluggable rules │
└─────────────────────────┘
A common lib of Shared DTOs:
TransactionGeoLocationFraudLabel
A highly configurable synthetic event generator:
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/generator/start |
Start generating transactions |
| POST | /api/generator/stop |
Stop generator |
| POST | /api/generator/setRate?eps=1000 |
Dynamically change TPS |
| GET | /api/generator/status |
Current EPS |
- Randomized realistic fields
- Probabilistic fraud injection
- High-volume Kafka publishing (
transactions.in)
A standalone scoring engine with configurable rule weights:
- Device Change Rule
- Geo-Velocity Rule
- Rapid-fire Transaction Rule
- MCC Risk Score Rule
- Amount Spike Rule
- Night-out Spending Rule
fraud.engine.threshold: 50.0
fraud.engine.aggregate-mode: sum
fraud.engine.rules.DeviceChangeSuspiciousRule.weight: 1.5
Exposes:
POST /api/engine/score
POST /api/engine/evaluate Real-time processing microservice:
✔ Consumes from transactions.in
✔ Calls Rule Engine (HTTP)
✔ Produces enriched results → transactions.out
✔ Adds fraud label with reason
✔ Logging & error-safe processing
Consumes only fraudulent transactions:
Listens to transactions.out
Filters → label.isFraud == true
Future upgrades:
- Email/SMS
- Dashboard
- Slack/Teams alerts
- Persistence
| Layer | Tech |
|---|---|
| Language | Java 21 |
| Framework | Spring Boot 3.5.8 |
| Messaging | Kafka |
| caching | Caffeine |
| CI | GitHub Actions |
- Start Kafka (docker-compose)
docker-compose up -d zookeeper kafka
- Build all modules
mvn clean package -DskipTests
- Run Services (fat jars)
java -jar synthetic-generator/target/synthetic-generator-0.1.0-SNAPSHOT.jar
java -jar fraud-rule-engine/target/fraud-rule-engine-0.1.0-SNAPSHOT.jar
java -jar fraud-stream-processor/target/fraud-stream-processor-0.1.0-SNAPSHOT.jar
java -jar alert-service/target/alert-service-0.1.0-SNAPSHOT.jar
| Topic | Purpose |
|---|---|
| transactions.in | Raw synthetic transactions |
| transactions.out | Enriched + scored transactions (fraud flag included) |
-
Synthetic Generator → Kafka (
transactions.in) -
Stream Processor consumes & transforms
-
Rule Engine scores the transaction
-
Stream Processor emits enriched transaction
-
Alert Service consumes → triggers downstream actions
{
"transactionId": "81751271-5e32-44c6-a8b8-2f7d3787253f",
"amount": 68.46,
"currency": "INR",
"label": {
"isFraud": false,
"reason": "score=5.00 threshold=50.00"
}
}This system was designed, engineered and implemented by Vishwas Karode (@vishwasio).
Issues & PRs are welcome. [git clone -> branch -> PR]
git clone https://github.com/vishwasio/fraud-detection-stream-processor.git
Thank you for taking the time to review this project.
If you'd like to follow its progress or support future updates, please consider ⭐ starring, 👀 watching, or 🍴 forking the repository.
More enhancements, refinements, and production-grade improvements are on the way.
Happy Coding! 😊