Graph Neural Networks for Fraud Detection in Mobile Money

Most fraud detection looks at transactions one at a time: is this single transfer risky? But the most damaging fraud in mobile money is coordinated - rings of accounts that look ordinary in isolation and only reveal themselves in how they connect. To catch them, you have to look at the graph.

Modelling money as a graph

We represent the ecosystem as a Party Graph in Neo4j: nodes are accounts, devices, and identities; edges are transfers, shared devices, and shared attributes. Fraud rings show up as dense, unusual structures - many accounts funneling into one, or clusters that suddenly activate together.

Why GraphSAGE

GraphSAGE learns to generate embeddings for nodes based on their neighbourhood, which means it can score accounts it has never seen before by how they connect to the rest of the graph. That inductive capability is essential in a network where new accounts appear constantly.

• Inductive scoring - reason about brand-new accounts from their connections
• Collusion detection - surface coordinated rings, not just lone bad actors
• Temporal decay - let stale fraud signals lose weight over time
• Sub-2ms reads - serve risk scores fast enough for inline transfer checks

From model to decision

OminiShield exposes the output as a simple per-recipient risk score, cached in Redis for sub-2ms reads so SecureFlow can consult it on every transfer without adding meaningful latency. The hard graph work happens offline; the decision happens in milliseconds.

Fraudsters coordinate. Defenders have to coordinate too - and a shared graph is how you do it across operators.