Curve uses BigQuery Graph to tackle fraud networks

Curve has used Google Cloud's BigQuery Graph in its fraud prevention work, helping it uncover linked fraud networks.

The UK fintech, which offers a wallet app and card that combine customers' debit and credit cards, adopted graph analytics to address organised fraud that standard transaction monitoring can miss.

Fraudsters often share attributes across accounts, including devices, funding cards and contact details. In a conventional relational database, those links can be difficult to trace because analysts must run repeated self-joins to follow chains of connections between accounts.

At the scale of millions of users and tens of millions of connections, that process became expensive and difficult to maintain, Curve said. Some of its most detailed fraud signals also involve billions of possible links, creating performance constraints in standard relational systems.

Graph analysis

To address this, Curve modelled its payments environment as a graph, with users represented as nodes and shared identifiers as edges. This lets analysts search for suspicious patterns across the dataset using graph query language while keeping the data in its existing BigQuery warehouse.

The approach avoided a move to a separate graph database and reduced the time and cost of migration. It also allowed teams to combine graph traversals with SQL analysis and machine learning workflows in the same environment.

According to Curve, the system can analyse links at user, device and card level. Its existing SQL pipelines still build the underlying nodes and edges tables, with graph queries then used to traverse relationships and SQL used again for aggregation.

Financial effect

Curve said automated blocks triggered by graph-based analysis saved about USD $12 million in transaction losses during 2025. It also said its graph-based queries reached roughly 72% accuracy in identifying fraudulent users.

That level of precision has helped fraud mitigation staff focus manual reviews on cases more likely to involve fraud, while graph query language has made it easier to refresh fraud rules more often.

Previously, hourly rules were limited to one-hop queries because more complex scripts were too slow to run efficiently, Curve said. The newer approach has allowed the company to optimise those processes as it looks for broader account and device networks linked to organised crime.

Model training

Curve also said faster graph traversal has implications for the machine learning models it uses in fraud monitoring. Daily graph rebuilding and traversal are sufficient for training models, but too slow for live transaction decisions that may need to be made in less than a second.

As a result, Curve is moving towards micro-batch or streaming graph traversals so fresher network data can be fed into fraud models during monitoring. It is also working to incorporate higher-volume signals, including billions of IP address connections, into real-time detection processes.

Another area under review is graph visualisation for analysts, which could give security and data science teams a way to inspect fraud networks visually as they emerge. Overall, the shift is helping Curve treat fraud detection as network analysis rather than isolated transaction review.

The change has also given teams a way to connect relationships directly inside the existing data environment while reducing the operational burden of more complex relational queries.