Safeguarding Payments

Safeguarding Payments: Fraud Detection, AI/ML and Data Insights

Leveraging AI/ML and data analytics to build an intelligent fraud detection system that safeguards payments and provides financial institutions with actionable insights to stop fraudulent transactions.

Architecture Diagram

Getting Started

This solution is designed to be flexible and robust with modular code stored across the following directories:

1. iac/ - Infrastructure as Code
   • iac/cicd/ - CI/CD Pipeline Module
   • iac/core/ - Core Infrastructure Module
   • iac/quicksight/ - QuickSight Infrastructure Module
2. app/ - Application Code
   • app/anomaly-detector/ - Anomaly Detector Microservice (Python-based Module)
   • app/data-collector/ - Data Collector Microservice (Java-based Module)
   • app/minio/ - MinIO S3 API-Compatible Storage (Local to the Kubernetes Cluster)
   • app/postgres/ - PostgreSQL Database (Local to the Kubernetes Cluster)

Pre-requisites

• an AWS account
• already installed AWS CLI, JQ, Kubectl, Terraform, and Terragrunt
• AWS access keys used by AWS CLI
• allowed AWS CLI permissions to create AWS Identity and Access Management (IAM) roles and AWS CodeBuild project (e.g., IAMFullAccess and AWSCodeBuildAdminAccess)
• an Amazon Simple Storage Service (S3) bucket used by Terraform remote state (e.g. spf-backend-us-east-1)

Deploy CI/CD Module

Starting at the ROOT level of this repository, run the following command:

/bin/bash ./bin/deploy.sh -d iac/cicd -r us-east-1 -s spf-backend-us-east-1

REMINDER: Make sure to replace us-east-1 with your target AWS region and spf-backend-us-east-1 with your S3 bucket.

Once the build execution is successful, you should be able to login to AWS Management Console, navigate to AWS CodeBuild service and see the newly created project named something like spf-cicd-pipeline-abcd1234.

The suffix abcd1234 in your AWS CodeBuild project name is the solution deployment ID. This value can be used to test this solution, once deployed successfully.

Deploy Core Module

Using CI/CD pipeline created in the previous step, run the following commands:

aws codebuild list-projects --region us-east-1 \
    --query 'projects[?contains(@, `spf-cicd-pipeline`) == `true`]'

REMINDER: Make sure to replace us-east-1 with your target AWS region.

The output from the previous command should be used as the project-name input in the next command (just replace spf-cicd-pipeline-abcd1234 with new value):

aws codebuild start-build --region us-east-1 \
    --project-name spf-cicd-pipeline-abcd1234

REMINDER: Make sure to replace us-east-1 with your target AWS region and spf-cicd-pipeline-abcd1234 with the value from the previous command.

Deploy Any Module

To pick which module to deploy (e.g. app/postgres), simply pass the directory relative path value to SPF_DIR environment variable as shown below:

aws codebuild start-build --region us-east-1 \
    --project-name spf-cicd-pipeline-abcd1234 \
    --environment-variables-override "name=SPF_DIR,value=app/postgres"

The CI/CD pipeline can be used to deploy any module (including itself, although not recommended). The order of operations for entire solution deployment is:

1. CI/CD module (already done): "name=SPF_DIR,value=iac/cicd"
2. Core module: "name=SPF_DIR,value=iac/core"
3. PostgreSQL module: "name=SPF_DIR,value=app/postgres"
4. MinIO module (optional): "name=SPF_DIR,value=app/minio"
5. Anomaly Detector module: "name=SPF_DIR,value=app/anomaly-detector"
6. Data Collector module: "name=SPF_DIR,value=app/data-collector"
7. QuickSight module: "name=SPF_DIR,value=iac/quicksight"

NOTE: Explore the list of CI/CD pipeline supported environment variables here

Cleaning Up

If you decide to clean up your AWS environment and remove all AWS resources deployed by this solution, this can be easily achieved by running the following two commands:

/bin/bash ./bin/deploy.sh -c true -d iac/core -r us-east-1 -s spf-backend-us-east-1

/bin/bash ./bin/deploy.sh -c true -d iac/cicd -r us-east-1 -s spf-backend-us-east-1

REMINDER: Make sure to replace us-east-1 with your target AWS region and spf-backend-us-east-1 with your S3 bucket.

Authors

The following people have contributed to the project:

• Amit Khanal - @amitkhanal
• Eduardo Campos - @ecamposv
• Eugene Istrati - @eistrati
• Roy Yung - @yungroy1

Contributing

See the CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE for more information.

Roadmap

See the open issues for a list of proposed features (and known issues).

Security

See the Security Issue Notifications for more information.

Support

Contributions, issues, and feature requests are welcome. Leave us a ⭐️ if you like this project.