Agentic Fraud Engine
Intelligent Fraud Detection where AI Agents get Smarter with Kafka Streaming Context
This is an Agentic Fraud Detection Engine that combines multi-agent AI with Kafka Streams real-time intelligence. The system uses 5 specialized AI agents working in parallel to detect fraud patterns enhanced by streaming context ( velocity, customer profiles, location data).
Key Innovation: Kafka streams enrich AI agents with real-time context before analysis, making decisions smarter than traditional isolated transaction analysis. Fraud detection system combining:
- Multi-Agent AI - 5 specialized fraud detection agents collaboration
- Streaming Intelligence - Real-time Kafka context enhances AI
- Intelligent Routing - Dynamic decision flows based on confidence
- Learning Loops - Continuous improvement from analyst feedback
Watch 5 AI agents detect a high-velocity attack in real-time with Kafka streaming context.
Shows: Kafka streams processing → AI agents analyzing → Fraud detection (90% confidence)
Watch the full video on YouTube here
Table of Contents (Click to Expand)
- See It In Action
- Watch the full video on YouTube here
- Option 1: Github Codespaces for Quick Demo
- Read the Full Story
- The Problem
- The Solution: Streaming-Intelligent AI
- Real Detection Examples
- Intelligent Routing Summary
- Kafka UI screenshot example
- Important Configuration
- Agent Prompt Engineering
- Development Patterns
- Option 2: Try it yourself for local development
- Kafka Topics
- Tech Stack
- Future Enhancements
- Learn More
- License
- Connect
Try it now: Click the button above for a one-click cloud demo (no installation required!)
Never used Codespaces before? Here's what happens:
- Click "Open in Codespaces" → Cloud environment starts (90 seconds)
- Kafka + Spring Boot infrastructure starts automatically
- Wait ~2 minutes for setup (Ollama + Llama 3.1 download)
- Run:
mvn spring-boot:run(automatically uses local LLM) - Run TestaDataGenerator: See AI detect fraud in real-time!
Detailed instructions: See CODESPACES.md
Traditional fraud detection systems are blind:
- AI models analyze transactions in isolation
- No real-time context about customer behavior
- Can't detect velocity-based attacks (rapid-fire transactions)
- High false positive rates
Example: A $2,500 transaction looks normal in isolation. But with the following streaming context:
-
Customer average: $50
-
15 transactions in the last 5 minutes
-
→ Result: Card testing attack detected!
This system combines Kafka Streams real-time context with Multi-Agent AI to make fraud detection smarter.
Streaming-Intelligent AI: Kafka streams enrich AI agents with:
- 5-minute velocity windows → Detect rapid-fire attacks
- Customer profile context → Spot unusual amounts instantly
- Real-time collaboration → Agents debate suspicious patterns
Three-Layer Processing Pipeline:
Every transaction gets enriched with real-time context before AI analysis:
// Traditional approach: Transaction alone
Transaction txn = {amount: $2500, merchant: "Online Store"}
// This approach: Streaming-enriched transaction
EnrichedTransaction = {
transaction: {amount:$2500,merchant:"Online Store"},
customerProfile: {averageAmount:$50,riskLevel:"HIGH"},
velocity: 15 transactions in last 5 minutes → Kafka Streams intelligence
}Velocity Calculation: Kafka Streams tumbling windows (5-minute)
High velocity threshold: 3+ transactions in 5 minutes (triggers collaboration in AgentCoordinator.java)
.windowedBy(TimeWindows.ofSizeWithNoGrace(Duration.ofMinutes(5)))
.count()3-Way Join: Transaction + Customer Profile + Velocity Context
State Store: KTable maintains current velocity per customer
- Phase 1: Parallel streaming-enhanced analysis by all 5 agents
- Phase 2: Agent collaboration when high disagreement or high velocity detected
- Phase 3: Final decision synthesis with streaming intelligence bonus
The 5 specialized AI agents analyze in parallel using CompletableFuture:
| Agent | Specialization | Weight | Example Insight |
|---|---|---|---|
| Behavior Analyst | Customer patterns | 1.2x | Unusual amount: 50x average |
| Pattern Detector | Known fraud patterns | 1.3x | Rapid-fire = card testing |
| Risk Assessor | Financial risk | 1.1x | High-risk merchant category |
| Geographic Analyst | Location risks | 1.0x | Location jump: 500 miles/1h |
| Temporal Analyst | Timing patterns | 1.0x | Sub-second intervals = bot |
Each agent receives streaming context in their prompt:
"STREAMING INTELLIGENCE: 15 transactions in 5 minutes (HIGH VELOCITY)
Customer baseline: $50 average, HIGH risk level
Transaction: $2500 at online merchant
Analyze with this velocity context..."
Kafka Streams .split() + .branch() dynamically routes by confidence:
// Route 1: High-confidence fraud → Immediate alert
isFraudulent && confidence > 0.8 → fraud-alerts
// Route 2: Uncertain → Human analyst
isFraudulent || requiresReview → human-review
// Route 3: Legitimate → Auto-approve
!isFraudulent → approved-transactionsAnalyst feedback updates agent knowledge bases:
public void updateKnowledge(String transactionId, boolean actualFraud, String feedback) {
knowledgeBase.put("learning_" + transactionId, learningData);
// Future: Retrain models with feedback
}Transaction- Base transaction recordCustomerProfile- Baseline customer behavior (average amount, risk level, categories)StreamingContext- Real-time enrichment (velocity count, customer profile)EnrichedTransaction- Transaction + CustomerProfile + velocity countAgentInsight- Individual agent analysis resultFraudDecision- Final decision with all agent insights
- Fraud threshold:
finalRiskScore >= 0.6 - High confidence routing:
confidence > 0.8 - Agent collaboration triggered: risk score variance > 0.4
The system routes transactions based on AI confidence and fraud determination, demonstrating intelligent decision-making across the entire risk spectrum:
IMMEDIATE AUTO-BLOCK Routed to fraud-alerts topic
{
"customerId": "CUST-001",
"averageTransactionAmount": 253,
"dailySpendingLimit": 4064,
"transactionCategories": [
"GROCERY",
"RETAIL"
],
"primaryLocation": "Los Angeles",
"riskLevel": "LOW"
}{
"transactionId": "TXN-RAPID-43a7220a",
"customerId": "CUST-001",
"amount": 54,
"currency": "USD",
"merchantId": "MERCHANT-SUSPICIOUS-5",
"merchantCategory": "ONLINE",
"location": "Unknown Location",
"timestamp": "2025-10-12T17:48:44",
"metadata": {
"rapidFire": true,
"channel": "ONLINE",
"deviceId": "BOT-DEVICE-3",
"sequence": 13
}
}Phase 1: Individual Streaming-Enhanced Analysis
| Agent | Risk Score | Key Finding |
|---|---|---|
| BehaviorAnalyst | 85% | High velocity (9 txns/5min) highly unusual for LOW-risk customer. Small amounts may be detection avoidance tactic. |
| PatternDetector | 85% | Matches card testing attack pattern: rapid transactions + small amounts + suspicious merchant. |
| RiskAssessor | 64% | Velocity multiplier (1.5x) + suspicious merchant category increases risk despite low amount. |
| GeographicAnalyst | 85% | Geographic impossibility: 9 transactions from different locations in 5 min = physically impossible travel. Unknown location suggests VPN/proxy. |
| TemporalAnalyst | 70% | High transaction volume in short timeframe indicates automated script activity. |
Phase 2: Collaborative Insights
After agents debated findings:
- Pattern + Temporal collaboration: High velocity + suspicious merchant = automated attack pattern
- Behavior + Risk collaboration: Low-risk customer + unusual velocity = compromised account
- Streaming Consensus: All factors combined indicate coordinated automated attack
{
"type": "AI_FRAUD_ALERT",
"transactionId": "TXN-RAPID-43a7220a",
"confidence": 100,
"priority": "HIGH",
"finalRiskScore": "99.4%",
"decision": "FRAUD DETECTED",
"reason": "AI agents with streaming intelligence detected fraud",
"intelligenceSources": [
"Real-time velocity (9 txns/5min)",
"Customer baseline deviation",
"Geographic impossibility",
"Attack pattern matching"
]
}Clear Attack Indicators:
- Velocity Intelligence: 9 rapid transactions = 3x velocity threshold
- Geographic Impossibility: Multiple locations in minutes (physically impossible)
- Pattern Match: Small amounts + high velocity = classic card testing
- Agent Consensus: All 5 agents agreed (85%+ risk scores)
Confidence: 99.4% (well above 80% threshold)
Streaming Context Enhanced Decision:
- Traditional AI: Would see isolated $54 transaction (might approve)
- The agentic fraud engine: Kafka streams provided velocity plus baseline context → detected attack
Result: Immediate block, no human review needed
HIGH VELOCITY ALERT: 9 transactions in 5 minutes
Customer Baseline: $253 average, LOW risk tier
Merchant: Suspicious category (ONLINE)
Location: Unknown (potential VPN/proxy)
Amount: $54 (below average - card testing indicator)
View Full Agent Explanations for the above customer profile and transaction (Click to expand)
1. BehaviorAnalyst (85% risk):
The high velocity alert of 9 transactions in the last 5 minutes significantly increases the behavioral risk. This
pattern is highly unusual for normal customer behavior, indicating a potential anomaly. The transaction amount of $54
USD is lower than the customer's average spending of $253.00, which might initially suggest a lower risk. However,
considering the velocity pattern, this could be a tactic to avoid detection by making smaller transactions. The
frequency and timing
of the transactions are also suspicious, as they are concentrated within a short period (5 minutes). This pattern is not
consistent with the customer's typical behavior, which involves grocery and retail purchases. The primary location of
the customer is Los Angeles, but the unknown location of the current transaction suggests that the customer may be
attempting to mask their true location. Considering these factors,
the overall risk score is 0.85, indicating a high risk of potential fraud.
2. PatternDetector (85% risk):
The detected attack pattern of 9 rapid transactions matches known attack vectors for Card
Testing, Credential Stuffing, Account Takeover, and Bot Attack. The transaction pattern shows a small amount $54 USD,
which is significantly lower than the customer's typical amount $253.00. This indicates a potential card testing
activity. The merchant is also suspicious, and the location is unknown, which raises red flags for potential bot
activity. The velocity of the transactions is also rapid, suggesting an automated fraud script. The customer's typical
categories are GROCERY and RETAIL, but the current transaction does not match these categories, further indicating
potential bot activity.
3. TemporalAnalyst (70% Risk):
Based on the given transaction timing, the velocity of 9 transactions in a
5-minute window is suspicious. The regular intervals could indicate automated script activity, but the high volume of
transactions in
a short time frame suggests a more complex pattern. Analyzing the transaction intervals, we see that the transactions
are occurring at regular 5-second intervals (TXN-RAPID-c245ce58, TXN-RAPID-1234567, TXN-RAPID-89abcdef, etc.). This
pattern is consistent with a card testing attack, where an attacker attempts to test multiple card numbers in a short
period to
identify valid ones. This type of attack is often used to test stolen credit card numbers or to identify valid card
numbers for future use. The timing is
inconsistent with normal human behavior, as a human would not be able to process transactions at such a rapid pace. The
risk level of the customer is LOW, but the transaction timing and velocity
suggest a higher risk. However, there are a few factors to consider before making a conclusive judgment. The transaction
amount is relatively low ($54 USD), which might
indicate a test or reconnaissance phase rather than a full-scale attack. The unknown location of the customer further
raises suspicions. Nevertheless, the lack of additional context, such as IP addresses or device information, makes it
challenging to confirm the automated nature of the attack. The customer's risk level is LOW, but the transaction
velocity is high, which warrants further investigation.
4. GeographicAnalyst (85% risk):
- LOCATION CONSISTENCY: The customer's primary location is Los Angeles, but the current transaction location is Unknown. This inconsistency raises a red flag, indicating a potential risk.
- GEOGRAPHIC IMPOSSIBILITY: Given the 9 transactions in 5 minutes from potentially different locations, it's highly unlikely that the customer could physically travel between these locations in such a short time. This suggests a high risk of account takeover or card cloning.
- REGIONAL RISK: There is no information provided about the location being a known fraud hotspot.
- LOCATION SPOOFING: The location is marked as Unknown, which could be a sign of VPN/proxy usage or location masking. This increases the risk of VPN fraud.
- CROSS-BORDER RISK: There is no sign of an international transaction, so this risk factor is not applicable. Considering the geographic risk factors, the combination of location jump, high velocity, and unknown location with an unusual merchant suggests a high risk of account takeover (HIGH RISK)
5. RiskAssessor (Risk: 64.0%):
- FINANCIAL IMPACT:
The transaction amount($54.00)is0.0212xthe average transaction($253.00). This is within the normal range(0.2x), indicating a low financial impact. However, considering the daily spending limit of$4064.00, the transaction amount is still within the normal range. Therefore, the financial impact is relatively low. - PROBABILITY: Given the high velocity (9 transactions in 5 minutes) and the customer's profile, the fraud likelihood is increased. The velocity risk multiplier is 1.5x, indicating a higher risk.
- RISK TIER: Based on the financial impact and probability, I would classify the risk as MEDIUM.
- MERCHANT RISK: Additionally, the merchant risk is HIGH because it is labeled as suspicious.
- CUSTOMER RISK: The customer's baseline is within the normal range, but the unusual category and high velocity indicate an increased risk. However, the customer's risk tier is LOW, which suggests a relatively medium to high risk overall.
StreamingConsensus:
The streaming context enhances the decision by providing real-time insights into the customer's behavior, merchant risk,
and geographic location. The high velocity of 9 transactions in 5 minutes, combined with the customer's low average
transaction amount and the merchant's suspicious label, indicates a high risk of fraudulent activity. The geographic
analyst's findings of location inconsistency, geographic impossibility, and location spoofing further support the
likelihood of account takeover. The temporal analyst's analysis of regular transaction intervals and the card testing
attack pattern also contribute to the high risk score. The overall fraud risk with streaming intelligence is HIGH, with
a risk score of 0.92. This is due to the combination of behavioral, geographic, and temporal risk factors that indicate
a potential attack. Key factors from both AI analysis and streaming data include: High velocity of 9
transactions in 5 minutes, customer's low average transaction amount ($54 USD) compared to their baseline ($253.00) -
Merchant's suspicious label, location inconsistency and geographic impossibility, regular
transaction intervals and card testing attack pattern, unknown location and potential VPN/proxy usage or location
masking.
STREAMING-INTELLIGENT DECISION:
- Final Risk Score: 99.9%
- Decision: FRAUD DETECTED
- Intelligence Sources: Real-time velocity, customer profiles, temporal patterns.
There are even collaborative insights after agents collaborate on the same transaction. All these insights (individual, collaborative, and final consensus) in detail can be found in the kafka topics.
ANALYST REVIEW REQUIRED → Routed to human-review topic
Transaction ID: TXN-RAPID-486c58ac
Customer: CUST-001 (HIGH risk, $392 avg)
Amount: $30 USD
Merchant: MERCHANT-SUSPICIOUS-4 (ONLINE)
Location: Unknown (not matching New York baseline)
Timestamp: 2025-10-12T17:22:34
- Customer Risk: HIGH (expects anomalies)
- Customer Baseline: $392 average
- Amount Deviation: $30 (92% below average!)
- Merchant: Suspicious + unusual category (ONLINE vs RETAIL/RESTAURANT)
- Location: Unknown (not matching New York)
Why This Is Uncertain (Agent Disagreement):
| Agent | Risk Score | Assessment |
|---|---|---|
| TemporalAnalyst | 85% | Timing suspicious (Sunday online shopping from unusual location) |
| GeographicAnalyst | 85% | Location mismatch + potential VPN usage |
| BehaviorAnalyst | 65% | Amount deviation + merchant category mismatch |
| PatternDetector | 65% | Could be card testing, but not clear pattern |
| RiskAssessor | 42% | LOW financial impact, customer already HIGH risk |
| BehaviorAnalyst (collab) | 20% | Customer may legitimately have unusual patterns |
Wide Range: 20% to 85% = Low Confidence in Decision
{
"type": "AI_REVIEW_CASE",
"transactionId": "TXN-RAPID-486c58ac",
"confidence": 80,
"status": "PENDING_HUMAN_REVIEW",
"finalRiskScore": "70.5%",
"decision": "FRAUD DETECTED (uncertain)",
"reason": "Multiple red flags but uncertain due to customer risk profile"
}Uncertainty Factors:
- HIGH-risk customer: System expects unusual behavior from this customer
- Agent disagreement: Risk scores range from 20% to 85% (no consensus)
- Edge case confidence: Exactly 80% = boundary condition
- Multiple interpretations: Could be fraud OR legitimate unusual purchase
- Small amount: $30 is low financial impact
Responsible AI Decision:
- System recognizes its uncertainty
- Better to have human verify than auto-block legitimate transaction
- Shows intelligent restraint - doesn't over-automate
Result: Flagged for analyst investigation
View Agent Reasoning Highlights (Click to expand)
GeographicAnalyst (85%): Location doesn't match baseline (New York). Unknown location suggests VPN/proxy usage - strong location spoofing indicator.
BehaviorAnalyst (65%): Amount ($30) deviates 92% from average ($392). Merchant
category ONLINE doesn't match typical RETAIL/RESTAURANT. But customer is HIGH-risk,
so unusual patterns expected.
RiskAssessor (42%): Low financial impact ($30). HIGH-risk customer complicates assessment - baseline already expects anomalies.
Collaboration (20%): Customer's HIGH risk level means they legitimately have unusual spending patterns. Current amount still relatively low.
AUTO-APPROVED Routed to approved-transactions topic
Transaction ID: TXN-001
Customer: CUST-001 (LOW risk, $178 avg)
Amount: $48 USD
Merchant: Grocery Store (GROCERY)
Location: Houston (matches primary location)
Timestamp: 2025-10-12T14:30:00
Normal velocity (1 transaction)
Amount within range ($48 vs $178 avg)
Typical category (GROCERY matches baseline)
Expected location (Houston)
LOW risk customer
All agents agreed: Legitimate transaction (LOW risk)
{
"type": "AI_APPROVAL",
"transactionId": "TXN-001",
"confidence": 91,
"status": "APPROVED_BY_AI",
"reason": "Transaction matches customer baseline - all indicators normal"
}All Green Signals:
- Normal spending amount (
$48close to $178 avg) - Typical merchant category (GROCERY)
- Expected location (Houston)
- Single transaction (no velocity alert)
- LOW-risk customer with consistent behavior
High confidence legitimate = No human review needed
| Confidence | Example | Routing | Why |
|---|---|---|---|
| 99.4% | 9 rapid txns, velocity alert | fraud-alerts |
Clear attack pattern, auto-block |
| 80% | Unusual amount, HIGH-risk customer | human-review |
Uncertain edge case, needs analyst |
| 91% | Normal grocery purchase | approved-transactions |
Legitimate transaction, auto-approve |
This demonstrates responsible AI:
- High confidence (>80%): Automate decisions (efficient)
- Medium confidence (30-80%): Human oversight (safe)
- Clear disagreement: System recognizes uncertainty and asks for help
The streaming intelligence (velocity, customer baseline, location context) is what enables these nuanced decisions.
Here is an example of the Kafka UI showing the three topics: fraud-alerts, human-review, and approved-transactions.
As it can be seen, the AI explains the reasoning in detail behind the decisions. This is a great way to quickly
understand the context of the transaction.
This can be especially helpful when you are trying to understand why a transaction was blocked.
We can also see the streaming context used to make the decision. By adjusting the parameters like max-tokens, context
window, etc, we can get more indepth explanations by using more context. However, it will take longer to process and
generate the explanation, also it gets expensive as the cost increases on the token usage of the
API (https://api.groq.com/openai). We can
actually use llama locally installed on our machine (http://localhost:11434) instead of an LLM on a cloud server. This
will make the explanation
process much faster, and it is also free.
The system supports two modes (configured in application.yml or application-codespaces.yml):
-
Groq API (default): Fast cloud inference
- Requires
spring.ai.openai.api-keyenvironment variable - Uses
llama-3.1-8b-instantmodel - Base URL:
https://api.groq.com/openai
- Requires
-
Local Ollama (Codespaces): Free local LLM
- Activated with
SPRING_PROFILES_ACTIVE=codespaces - Uses
http://localhost:11434 - Model:
llama3.1:8b
- Activated with
- Application ID:
intelligent-fraud-detection - Bootstrap servers:
localhost:9092 - Processing guarantee:
EXACTLY_ONCE_V2 - Stream threads: 4
- Velocity window: 5 minutes (no grace period)
Each agent has two prompt types:
- Individual analysis (
buildStreamingAnalysisPrompt): Includes streaming context at the top - Collaboration (
buildCollaborationPrompt): Responds to other agents' questions
Always include:
- Risk score format:
RISK_SCORE: [0.0-1.0] - Reasoning format:
REASONING: [explanation] - Recommendation format:
RECOMMENDATION: [action]
Prompts are parsed by AgenticFraudUtils utility methods.
- Create class extending
AbstractFraudAgentinagents/package - Implement:
buildAnalysisPrompt()- Base analysis promptbuildStreamingAnalysisPrompt()- Streaming-enhanced promptinitializeKnowledge()- Agent-specific knowledge basegetSpecialization()andgetAgentId()
- Register in
AgentCoordinatorconstructor - Add agent weight in
getAgentWeight()method - Update agent count in parallel execution (currently 5)
To add new streaming intelligence:
- Update
StreamingContextmodel with new fields - Modify
FraudStreams.javato calculate new context (e.g., new KTable join) - Update
EnrichedTransaction.toStreamingContext()method - Update agent prompts in
buildStreamingAnalysisPrompt()to use new context
Intelligent routing is in FraudStreams.java around line 170:
.split()
.branch((key, decision) -> decision.isFraudulent() && decision.confidenceScore() > 0.8, ...)
.branch((key, decision) -> decision.isFraudulent() || decision.requireManuelReview(), ...)
.defaultBranch(...)Adjust confidence thresholds or conditions as needed.
git clone https://github.com/siddharthaDevineni/agentic-fraud-enginecd agentic-fraud-engine
docker-compose up -d
docker-compose up -d
./setup-topics.sh
spring.ai.openai.api-key: your-groq-api-key or install llama locally (no api key needed)
mvn spring-boot:run
run TestDataGenerator.java
TestDataGenerator.java provides 5 scenarios:
- Normal transactions - Tests legitimate flow →
approved-transactions - High velocity attack (RECOMMENDED) - 15 rapid transactions →
fraud-alerts(90%+ confidence) - Unusual amount fraud - 5x customer average →
human-review(70-80% confidence) - Mixed scenario - Combination of all patterns
- Continuous stream - Ongoing simulation (80% normal, 10% velocity, 10% unusual)
Input:
transactions- Raw transaction eventscustomerProfiles- Customer baseline data (KTable)
Output (intelligent routing):
fraud-alerts- High confidence fraud (auto-block)human-review- Uncertain cases (manual review)approved-transactions- Legitimate transactions
Feedback:
analyst-feedback- Human feedback for learning loop
- Java 21
- Spring Boot 3.4
- Kafka Streams - Real-time processing
- Spring AI - LLM integration
- Groq/Llama 3.1 - Fast inference
- Docker Compose - Local infrastructure
- Add Grafana dashboard for real-time metrics
- Implement model retraining from feedback
- Add VPN/Proxy detection agent
- Deploy to Kubernetes with Strimzi
- A/B testing framework for agent improvements
Technical articles explaining the architecture:
- How Kafka Streams Make AI Agents Smarter (Dev.to) - Technical deep dive into stream enrichment for AI
- I Built an AI Fraud Detection System (Medium) - Complete story and architectural decisions
MIT License - see LICENSE file for details.
Copyright (c) 2025 Siddhartha Devineni
Built with ❤️ for the Kafka + AI community
Feel free to use this project for learning! If it helps you, give it a ⭐