Adversarial machine learning in microfinance: robustness and security in credit scoring

Abstract

Adversarial Machine Learning (AML) is used to detect and resolve manipulated inputs that attempt to compromise machine learning models. Financial decision-making systems are one of the most required sectors of AML, as this sector, particularly the automated credit scoring system, is very sensitive and crucial. The current work first proposes a model to distinguish between high-risk and creditworthy borrowers who seek loans. We named this model “LoanBuddy”. Then we used eight machine learning models to train our system that can detect high- and low-risk borrowers. Then we performed eight adversarial attacks on our trained models to analyze how these attacks manipulate our trained system. We also used hybrid and composite attacks to find out the most suitable and secure machine learning model for this kind of system. In numbers, we used around 40 combinations of eight base attacks. Finally, we proposed a way to defend against those attacks. Overall, our integrated methodology, spanning modeling, attack evaluation, calibration, robustness training, and operational safeguards, collectively enables a secure, interpretable, and practical credit-scoring pipeline that promotes ethical microfinance practices and mitigates fraud. We present the accuracy, AUC, and F1 of each model’s predictions as well as the accuracy of its probabilities (calibration: Brier and Expected Calibration Error/ECE). We also provide, when available, a certified robustness margin, which is the minimum amount that an input must change in order to reverse the decision. The results demonstrate that adversarially trained transformer models and calibrated monotone ensembles exhibit the strongest robustness. In contrast, unregularized neural baselines and stacked tree models are more vulnerable and require hardening.

Description

Cataloged from PDF version of thesis.
Includes bibliographical references (pages 73-76).
This thesis is submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Computer Science and Engineering, 2025.

Type

Thesis