Event-based fraud detection with direct customer calls using Amazon Connect (build/train/deploy walkthrough)

Use case typeFraud detectionUpdated Jun 13, 2026

This AWS walkthrough describes an event-driven fraud detection flow that notifies a cardholder immediately when a suspicious credit-card transaction is detected. The solution integrates Amazon Fraud Detector with Amazon Connect so a customer can be called in real time and confirm whether a transaction was fraudulent. Customer attributes are stored in Amazon DynamoDB and updated by AWS Lambda during the call flow.

Organization
Not applicable
Industry
Finance
Published
June 2021

Reported outcomes

Strategic outcomes

Customer experience & trustEnabled immediate fraud notification and verificationRisk & complianceAutomated account protection after fraud confirmationNew product / capabilityImplemented a call-and-block fraud workflow

Primary read

Use case focus

Showing 3 of 3

  • 1Fraud detection
  • 2Customer service automation
  • 3Contact center automation
  • Credit-card fraud is often detected after the card is blocked, leaving the customer without immediate context.
  • Organizations need a low-latency workflow that can notify the cardholder and decide whether to block the card based on customer interaction.
  • A transaction event is sent to AWS Lambda, which invokes an Amazon Fraud Detector model to score the transaction.
  • If the transaction is flagged as fraudulent, Lambda retrieves customer data from Amazon DynamoDB and sends it to Amazon Connect to place an outbound call.
  • The Amazon Connect contact flow lets the customer respond via DTMF and, if fraud is confirmed, invokes another Lambda function to set a block flag in DynamoDB.
  • The walkthrough uses AWS CloudFormation to deploy the supporting resources and includes an Amazon SageMaker notebook workflow for building and training the Fraud Detector model.
  • The reference implementation provides an end-to-end serverless demo for immediate fraud notification and customer verification.
  • It demonstrates how prediction thresholds and downstream actions can be tuned and tested in a working call-and-block flow.
  • The architecture reduces manual intervention by automating detection, customer contact, and account protection.
Architecture

Event-driven serverless architecture: transaction metadata triggers AWS Lambda, which calls Amazon Fraud Detector; if fraudulent, Lambda looks up customer data in Amazon DynamoDB and initiates an Amazon Connect outbound call; the contact flow uses DTMF to collect customer input; a second Lambda function can update DynamoDB to block the card; AWS CloudFormation provisions resources; Amazon SageMaker is used in the model build/train/deploy walkthrough.

Sources & evidence1
Groundedness: 4/5

AI-generated summary. Verify important details with the linked sources before relying on this case.

Explore related AI use cases

Was this useful?

Similar cases