Autonomous Refund Fraud Investigator
An intelligent multi-agent system that automatically investigates refund claims, detects fraud patterns using AI, and autonomously processes or rejects refunds via Razorpay.
- Features
- Architecture
- Demo
- Quick Start
- Installation
- API Documentation
- Testing
- Sponsor Integrations
- Contributing
- Evidence Analysis: GPT-4 Vision analyzes damage evidence images
- Fraud Detection: Detects AI-generated images, manipulation, and anomalies
- Pattern Recognition: FAISS-based vector search for similar fraud cases
- File Security: SafeDep-style file validation and scanning
- URL Threat Detection: Gearsec-style malicious URL detection via VirusTotal
- Merchant Verification: Crustdata API integration for company intelligence
- Payment Processing: Razorpay API for instant refund execution
- Risk-Based Decisions: Auto-approve (0-30), Manual review (31-70), Reject (71-100)
- Customer Communication: Automated email responses via AI
- Event Streaming: S2.dev-style event logging
- Multi-Agent Orchestration: Emergent AI-style agent coordination
- Real-time Dashboard: Monitor all investigations
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β REFUNDSHIELD AI β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β ββββββββββββββββ ββββββββββββββββββββ ββββββββββββββββββββ β
β β Next.js βββββΆβ FastAPI βββββΆβ SQLite β β
β β Dashboard ββββββ Backend ββββββ Database β β
β ββββββββββββββββ ββββββββββββββββββββ ββββββββββββββββββββ β
β β β
β ββββββββββββββββββββΌβββββββββββββββββββ β
β βΌ βΌ βΌ β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β βEvidenceAgent β βSecurityAgent β βMerchantAgent β β
β β (OpenAI) β β(SafeDep/VT) β β (Crustdata) β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β β β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β βKnowledgeAgentβ β FraudAgent β β RefundAgent β β
β β(Unsiloed AI) β β(Risk Scorer) β β (Razorpay) β β
β ββββββββββββββββ ββββββββββββββββ ββββββββββββββββ β
β β β
β ββββββββββ΄βββββββββ β
β βΌ βΌ β
β ββββββββββββββββ ββββββββββββββββ β
β β ReportAgent β βResponseAgent β β
β β β β (Concierge) β β
β ββββββββββββββββ ββββββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Claim Submission β Evidence Analysis β Image Search β Security Scan β
Merchant Verification β Knowledge Retrieval β Fraud Scoring β
Refund Decision β Payment Action β Report Generation β Customer Response
| Score | Decision | Color |
|---|---|---|
| 0-30 | β APPROVED | Green |
| 31-70 | βΈ MANUAL REVIEW | Yellow |
| 71-100 | β REJECTED | Red |
{
"claim_id": "CLM_A1B2C3D4E5F6",
"fraud_score": 12,
"decision": "approved",
"refund_id": "rfnd_FP8R8EGjGbPkVb",
"risk_factors": [],
"investigation_report": {
"image_analysis": { "damage_detected": true, "ai_generated_probability": 5 },
"security_scan": { "safe": true, "threats_found": [] },
"merchant_verification": { "verified": true, "company_name": "Amazon" }
}
}- Python 3.9+
- Node.js 18+
- API Keys (optional - works in simulation mode):
- OpenAI API Key (for image analysis)
- Razorpay API Keys (for live refunds)
- VirusTotal API Key (for URL scanning)
# Clone repository
git clone <repository-url>
cd refundshield-ai
# Start Backend
cd backend
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r requirements.txt
# Edit .env with your OPENAI_API_KEY
cp .env.example .env
uvicorn main:app --reload
# Start Frontend (new terminal)
cd frontend
npm install
npm run devAccess the application:
- π₯οΈ Dashboard: http://localhost:3000
- π API: http://localhost:8000
- π API Docs: http://localhost:8000/docs
cd backend
# Create virtual environment
python -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Environment variables
cp .env.example .env
# Edit .env and add your API keys
# Run server
uvicorn main:app --reload --host 0.0.0.0 --port 8000cd frontend
# Install dependencies
npm install
# Run development server
npm run dev
# Build for production
npm run build
npm startCreate backend/.env:
# Required for AI Analysis
OPENAI_API_KEY=sk-your_openai_api_key_here
# Optional - System simulates if not provided
RAZORPAY_KEY_ID=rzp_test_your_key_id
RAZORPAY_KEY_SECRET=your_key_secret
VIRUSTOTAL_API_KEY=your_virustotal_api_key
SERPAPI_API_KEY=your_serpapi_key
CRUSTDATA_API_KEY=your_crustdata_api_keyPOST /submit-claim
Content-Type: multipart/form-data
order_id=ORDER123
merchant_name=Amazon
payment_id=pay_xxx
refund_amount=1000.00
claim_reason=Product damaged on delivery
image=<file>Response:
{
"claim_id": "CLM_A1B2C3D4E5F6",
"fraud_score": 12,
"decision": "approved",
"refund_status": "processed",
"refund_id": "rfnd_xxx",
"investigation_report": { ... },
"customer_response": "Dear Customer, Your refund..."
}GET /claims?limit=50GET /events?claim_id=xxx&event_type=xxxGET /healthResponse:
{
"status": "healthy",
"agents": ["EvidenceAgent", "SecurityAgent", "MerchantAgent", ...]
}A comprehensive test file with 10 scenarios is provided:
# View test cases
cat backend/test_inputs.txt# Test 1: Low Risk (Approved)
curl -X POST http://localhost:8000/submit-claim \
-F "order_id=ORDER_001_LEGIT" \
-F "merchant_name=Amazon" \
-F "payment_id=pay_Amazon123" \
-F "refund_amount=1299.00" \
-F "claim_reason=Received damaged smartphone" \
-F "image=@/path/to/photo.jpg"
# Test 2: High Risk (Rejected) - with suspicious URL
curl -X POST http://localhost:8000/submit-claim \
-F "order_id=ORDER_002_FAKE" \
-F "merchant_name=UnknownShop" \
-F "payment_id=pay_Fraud999" \
-F "refund_amount=4999.00" \
-F "claim_reason=Visit http://bit.ly/suspicious for details" \
-F "image=@/path/to/stock_photo.jpg"| # | Scenario | Expected Score | Decision |
|---|---|---|---|
| 1 | Amazon + Real damage | 10-25 | β APPROVED |
| 2 | AI-generated image | 70-95 | β REJECTED |
| 3 | Suspicious URL | 35-55 | βΈ MANUAL |
| 4 | Flipkart + Valid claim | 10-20 | β APPROVED |
| 5 | Reused stock image | 75-90 | β REJECTED |
| Sponsor | Integration | Status | Description |
|---|---|---|---|
| Razorpay | Payment Gateway | β Live + Simulated | Execute refunds via Razorpay API |
| SafeDep | File Security | β Simulated | Validate file types and scan for threats |
| Gearsec | URL Threat Detection | β Via VirusTotal | Check URLs for malicious content |
| Crustdata | Company Intelligence | β Simulated | Verify merchant legitimacy |
| S2.dev | Event Streaming | β Simulated | Log all system events |
| Emergent AI | Agent Orchestration | β Implemented | Multi-agent coordination |
| Unsiloed AI | Knowledge Retrieval | β FAISS-based | Vector search for fraud patterns |
| Concierge | Response Automation | β OpenAI-powered | Generate customer emails |
| Factor | Score Impact |
|---|---|
| AI-generated image detected | +40 |
| Image found online (reuse) | +30 |
| Suspicious URL detected | +20 |
| Unverified merchant | +20 |
| Similar fraud pattern found | +20 |
| Security threat detected | +25 |
| Image manipulation detected | +35 |
| Metadata anomaly | +15 |
Score 0-30: π’ APPROVE β Process refund via Razorpay
Score 31-70: π‘ MANUAL β Flag for human review
Score 71-100: π΄ REJECT β Deny refund, log fraud attempt
- β File type validation using magic numbers
- β Malicious file detection
- β URL reputation checking (VirusTotal API)
- β Suspicious pattern detection
- β Metadata anomaly detection
- β Image perceptual hashing
- β Reverse image search (SerpAPI)
refundshield-ai/
βββ backend/
β βββ main.py # FastAPI application
β βββ requirements.txt # Python dependencies
β βββ .env.example # Environment template
β βββ test_inputs.txt # 10 test scenarios
β βββ agents/ # 8 AI Agents
β β βββ base_agent.py # Agent orchestration (Emergent AI)
β β βββ evidence_agent.py # OpenAI Vision analysis
β β βββ security_agent.py # SafeDep/Gearsec scanning
β β βββ merchant_agent.py # Crustdata verification
β β βββ fraud_agent.py # Risk scoring engine
β β βββ refund_agent.py # Razorpay integration
β β βββ knowledge_agent.py # Unsiloed AI (FAISS)
β β βββ report_agent.py # Investigation reports
β β βββ response_agent.py # Concierge automation
β βββ services/
β β βββ event_logger.py # S2.dev event streaming
β β βββ image_search.py # SerpAPI integration
β βββ database/
β βββ models.py # SQLite models
β
βββ frontend/
β βββ pages/index.js # Main dashboard
β βββ components/
β β βββ SponsorBadges.js # Integration badges
β β βββ FraudScoreGauge.js # Animated score display
β β βββ InvestigationReport.js # Report viewer
β β βββ RecentClaims.js # Claims history
β βββ styles/globals.css # Tailwind CSS
β
βββ README.md # This file
- FastAPI - High-performance web framework
- SQLAlchemy - ORM for database operations
- OpenAI GPT-4 Vision - Image analysis
- FAISS - Vector similarity search
- Razorpay SDK - Payment processing
- Next.js 14 - React framework
- Tailwind CSS - Utility-first styling
- Axios - HTTP client
- Lucide React - Icon library
- GPT-4 Vision - Evidence analysis
- ImageHash - Perceptual hashing
- FAISS - Vector search
- TikToken - Token counting
MIT License - See LICENSE file for details.
Built for the hackathon with:
For questions or support, please open an issue on GitHub.
RefundShield AI - Making refund processing smarter, faster, and safer with AI. π