Detecting Fraud Using Geographical Markers

Challenge: Acme Insurance wants to detect scenarios where the policy applicant and the payer are from significantly different parts of India, as estimated by IP geolocation, which could indicate potential fraud.


Real-time IP Geolocation: Implement real-time IP geolocation checks during the policy application process to determine the geographic location of the applicant and the payer.

Geographic Distance Analysis: Develop a system to calculate the geographic distance between the detected locations of the applicant and the payer. If the distance exceeds a certain threshold, the application can be flagged for further review.

Simulated dataset that models insurance purchases

Business flow

Acme Insurance collects certain metadata for each insurance request submitted from its consumer-facing portal.

The company defines customerApplicationId to be a discrete application number which is globally unique in its IT systems.

Pre-enrichment metadata

Each event associated with a given customerApplicationId is associated with the following metadata attributes.

  • applicationSubmitted - consumer submits personal information required for Acme Insurance to underwrite an insurance policy.
  • paymentMade - consumer themselves or a related person submits a payment towards the said insurance application.

Post-enrichment metadata after Fastah enrichment

Enriched columns are added with Fastah API.

New inputs for Acme's anti-fraud model

Exploring an application by city or region

Click on each application ID to explore location-enriched data. The 📝 emoji shows the form filling locations, and the 💰 emoji shows the payment locations.

Distance between form filling and payment

Click on each application ID to view the distance analysis between the application and the payment. The ✅ emoji is shown when the distance is within 1000 km.

Identifying Application Clusters

Challenge: There's a need to identify clusters of applications coming from the same geographical area within a short time window, which might indicate a fraudulent ring operation.


Geospatial Analysis: Use the Fastah API to capture and analyze the geolocation data of policy applications in real-time. Implement geospatial analysis techniques to identify clusters of applications from specific areas.

Temporal Analysis: Combine the geospatial analysis with a temporal component, flagging when multiple applications are received from a similar location within a predefined short time frame.

Anomaly Detection: Employ machine learning algorithms to learn from historical application patterns and detect anomalies. This can help in identifying potentially fraudulent activity that deviates from the norm.

Implementation Considerations

Privacy and Compliance: Ensure that the use of IP geolocation data complies with local privacy laws and regulations. Anonymize and secure data where necessary.

Threshold Settings: Carefully set and periodically review thresholds for distance and application clusters to optimize the balance between false positives and missed fraud detection.

User Experience: Design the fraud detection process to minimize impact on genuine applicants. Implement additional verification steps for flagged applications rather than outright rejection.