As a bank or credit union, you go to great lengths to meet customer security expectations, monitor card transactions and protect your ATM fleet against potential fraud attacks.
But what happens when ongoing, advanced persistent threats (APTs) fly under the radar of your existing payments fraud defenses?
Ideally, we would all be able to identify when terminals, cards or transaction switches are under attack. But for many of us, payments system security remains a high-risk challenge due to network visibility gaps, evolving criminal attack methodologies and the increasing costs to deploy fraud management tools. Fraudsters often utilize a combination of specially crafted malware, social engineering and coordinated smaller card based attacks that are designed to fly under the radar of traditional payment fraud defenses, or to bypass these mechanisms entirely.
It used to be that real time, transaction-level monitoring tools were mainly used by IT operations teams wanting to quickly isolate network and application issues affecting the completion of customer transactions. But more recently, these solutions are proving to be a trusted, reliable source of quality transaction data that can be leveraged and repackaged for multiple business use cases that bridge IT operations performance, card operations and fraud prevention.
By capturing and correlating the complete data flow of every transaction, card operations and fraud prevention teams can add a new layer of defense against advanced persistent threats by ensuring that transaction messages and data flows have not been altered or tampered with. They gain direct access to accurate and consistent transaction data for alerting and analysis –ready to be used anytime and anywhere they want. Security-related transaction message fields and metadata include:
- Message types
- Card numbers
- Transaction dates and times
- Fraud response codes
- Terminal ID’s
- ISO 8583 messages
A correlated, end-to-end transaction view also helps to catch threats that bypass traditional fraud detection systems. Examples of real-time transaction anomaly recognition includes:
- Fake processing due to switch malware and card compromises
- Isolation of ATMs or POS terminals used in coordinated attacks
- Excessive transaction clearing due to high velocity attacks (Cards being used several times in rapid succession at an ATM or POS)
- Unexpected EMV fallbacks
- High volumes of transactions from a specific card PAN
- ATM cash-outs due to foreign or high-value card usage (pre hotlist)
So if you are interested in exploring more on how real time, transaction-level monitoring tools can be used to complement your existing fraud detection systems, download the INETCO Payments System Security (PSS) solutions sheet, or contact me directly.