As mobile financial fraud grows increasingly sophisticated, a new intelligent system tracking how users type and swipe offers a powerful shield for honest customers.

Imagine a university student in Dhaka preparing to pay her final semester tuition fees, or a small business owner in a busy market counting their monthly earnings. Suddenly, they receive an urgent phone call from someone claiming to be a customer support executive from their trusted mobile banking provider. The caller sounds incredibly professional, warning them that their accounts will be permanently blocked due to a sudden system upgrade unless they verify their details immediately. Panicked and rushed, they follow the instructions without a second thought. Within minutes of a seemingly harmless interaction, the student's entire tuition and the business owner's hard-earned profits are completely drained. These scenarios are no longer isolated nightmares, but a reality for many across the country. Fraudsters have evolved far beyond simple trickery, deploying advanced social engineering tactics that bypass standard security measures and leave regular citizens financially devastated before they even realise what went wrong.

The mobile banking landscape in Bangladesh has experienced phenomenal growth over the last decade. Platforms such as bKash, Nagad, and Rocket have fundamentally transformed the concept of financial inclusion, bringing over 144 million registered users as of January 2026 into the formal economy as per Bangladesh Bank data, among which 5.70 lakh are relatively more vulnerable youth accounts. 

Driven by rising internet penetration and the widespread availability of smartphones, everyday transactions have migrated to digital screens. However, this massive shift has simultaneously attracted highly organised fraud syndicates. As reported by The Daily Star in May 2024, a total of 48,586 personal mobile financial service accounts have been suspended by the Bangladesh Financial Intelligence Unit (BFIU) for suspected involvement in online gambling, betting, and hundi. 

Fraudsters are siphoning millions of taka from unsuspecting users through fake investment schemes, cloned emergency numbers, and highly coordinated social engineering tactics. As transaction volumes surge to thousands of crores daily, the financial and emotional toll on everyday users is mounting. This growing epidemic directly threatens the core trust required for a thriving digital economy, making it a critical national issue that demands immediate intervention.

The primary vulnerability enabling these crimes lies in how current security systems operate. Traditional banking defences rely heavily on rigid, rule-based methods that simply monitor for obvious red flags, such as multiple incorrect PIN entries or exceptionally large, uncharacteristic transfers. Unfortunately, today's sophisticated fraudsters rarely hack into systems using brute force. 

Instead, they manipulate victims into willingly sharing One-Time Passwords, or they use stolen credentials to log into the application in a completely standard manner. Because these criminals meticulously mimic legitimate login procedures, traditional security rules simply cannot distinguish between the actual account owner and a thief in a remote location. If the PIN matches and the One-Time Password is correct, the system blindly assumes the transaction is safe and processes the theft.

To combat this rapidly evolving threat, our research introduces a much smarter, highly adaptive framework. We focused on the emerging concept of behavioural biometrics, which operates on a simple but powerful principle: how you type, swipe, and scroll on your phone screen is as unique to you as a physical fingerprint. When this continuous behavioural data is combined with transactional patterns, such as where you are located, when you normally send money, and how much you typically transact, a highly comprehensive behavioural profile emerges. 

Developing this solution involved a deliberate progression of machine learning models. We initially utilised an autoencoder to strictly profile normal user behaviour. We then moved to advanced networks capable of capturing time-based sequences, applied gradient boosting techniques, and finally combined these elements into a robust ensemble system capable of learning from vast amounts of data.

The performance results of this hybrid research work are highly encouraging for the future of mobile security. Our system achieved an impressive 97 percent fraud detection rate alongside 95 percent precision. To put this improvement into perspective, the initial baseline model operating alone missed 67 percent of fraudulent activities. This massive leap in accuracy means the system is not just catching more criminals, but doing so with remarkable exactness. The high precision rate offers a crucial practical benefit: fewer false alarms. This ensures that honest customers do not face frustrating delays or unexpectedly blocked accounts while attempting to make legitimate payments. In analysing the framework, we discovered that the most critical indicators for spotting an anomaly are the user's geographic location, combined directly with their unique scrolling and typing speeds.

For Bangladesh, adopting this kind of intelligent framework could be entirely transformative. Regulatory bodies like Bangladesh Bank, alongside leading mobile financial service providers, have an immediate opportunity to integrate these predictive models directly into their existing digital infrastructures. Because the framework is designed to be highly adaptive and locally relevant, it offers a real-time, deployable defence against the specific social engineering tactics currently prevalent in our ecosystem. Such proactive security mechanisms are absolutely essential for securing the next phase of the nation's journey toward a truly cashless society.

Securing our digital economy requires a rapid shift from reactive troubleshooting to proactive, artificial intelligence-driven defence. It is imperative for regulators, traditional banks, and fintech companies to collaboratively invest in advanced behavioural protection. By embracing these intelligent systems today, the financial sector can finally outpace the fraudsters and ensure that digital financial services remain a safe, empowering tool for every citizen.

Shuvashish Roy is a senior researcher at the Research & Innovation Division of Prime Bank PLC, and Md Tuhin Rana is a student of the Department of Statistics at the University of Dhaka