As mobile financial fraud grows more sophisticated, an intelligent system that tracks how users type and swipe could offer a powerful shield for honest customers. Imagine a university student in Dhaka about to pay her final semester tuition, or a small business owner in a busy market counting monthly earnings. An urgent call arrives from someone claiming to be customer support from a trusted mobile banking provider. The caller sounds professional and warns that the account will be blocked due to a system upgrade unless details are verified immediately. Panicked, they comply. Within minutes, the tuition and hard-earned profits are gone. Such incidents are no longer rare. They are a daily reality across the country. Fraudsters have moved beyond simple tricks, using advanced social engineering to bypass standard security and devastate victims before they realise what has happened.
Mobile banking in Bangladesh has grown rapidly over the past decade. Platforms such as bKash, Nagad and Rocket have expanded financial inclusion, bringing more than 144 million registered users into the formal economy as of January 2026, according to the Bangladesh Bank. About 570,000 of these are youth accounts, considered more vulnerable. Rising internet penetration and widespread smartphone use have pushed everyday transactions onto digital screens. This growth has also attracted organised fraud networks. In May 2024, The Daily Star reported that 48,586 personal mobile financial service accounts were suspended by the Bangladesh Financial Intelligence Unit (BFIU) for suspected links to online gambling, betting and hundi. Fraudsters siphon millions of taka through fake investment schemes, cloned emergency numbers and coordinated social engineering. As daily transactions reach thousands of crores, the financial and emotional toll rises. Trust, the foundation of a digital economy, is under strain.
The weakness lies in how security systems work. Traditional defences rely on rule-based checks, such as repeated incorrect PIN entries or unusually large transfers. Yet modern fraudsters rarely force entry. Instead, they persuade victims to share one-time passwords or use stolen credentials to log in normally. If the PIN and password match, the system assumes the transaction is legitimate. It cannot easily tell the difference between the real user and a criminal operating remotely. Our research proposes a more adaptive approach based on behavioural biometrics. The principle is simple. How a person types, swipes and scrolls is as distinctive as a fingerprint. When this behavioural data is combined with transaction patterns such as location, timing and typical amounts, a detailed user profile emerges.
We developed the system in stages. An autoencoder first learned patterns of normal behaviour. We then applied models that capture time-based sequences and used gradient boosting techniques. Finally, we combined them into an ensemble model capable of analysing large volumes of data. The results are encouraging. The system achieved a 97 percent fraud detection rate with 95 percent precision. By contrast, the initial baseline model missed 67 percent of fraudulent activity. Higher precision also means fewer false alarms, reducing the risk of legitimate transactions being blocked. Our analysis found that geographic location, together with scrolling and typing speed, was among the strongest indicators of suspicious activity.
For Bangladesh, adopting such a framework could be transformative. The Bangladesh Bank and mobile financial service providers could integrate these predictive models into existing systems. Because the framework is adaptive and locally relevant, it can respond in real time to the social engineering tactics common in the country. Proactive security will be vital as Bangladesh moves towards a more cashless economy. Protecting the digital economy requires a shift from reactive troubleshooting to proactive, AI-driven defence. Regulators, banks and fintech companies should invest jointly in behavioural security. With the right safeguards, digital financial services can remain safe and empowering for millions.
Shuvashish Roy is a senior researcher at Research and Innovation Division of Prime Bank PLC and Md Tuhin Rana is a student at Department of Statistics of Dhaka University