Imagine, it’s a Saturday morning and you receive a call from a bank:
– Hello?
– Hi [insert your name], we suspect that a fraudster is trying to use your card at a grocery store in Texas.
– Well, I am at a grocery store in Texas!
– Oh my gosh! Do you see him?
If only credit card fraud was funny.
Over the last year, as we’ve seen a significant rise in contactless payments due to the COVID-19 pandemic, the reports on credit card fraud and identity theft skyrocketed. While minimizing contact was essential in 2020, many consumers adopted new habits of paying that are here to stay, and that have given massive new opportunities to fraudsters who immediately took advantage of the new payment channels. Now we observe a continuous rise in payment card attacks on the global level.
In the United States, the Federal Trade Commission (FTC) reported that credit card fraud continues to be one of the fastest-growing forms of identity theft with reported incidents increasing by 107% from Q1 2019 to Q4 2020. A study, done by LexisNexis Risk Solutions, revealed that medium and large retail merchants selling only physical goods reported 44% of their losses were due to card-not-present fraud and identity theft, while only 33% were from stolen credit cards.
Even if you have never been a victim of credit card fraud yourself, chances are you know at least one person among your friends and family who have experienced losses from it. It’s not a surprise that in the US, consumers are far more worried about their identity being hacked and credit card data stolen than they are about getting murdered, according to Atlas VPN research.
In the UK, even before the pandemic and the attendant increase in contactless payments, in 2019 more than 76% of card fraud losses were due to card-not-present (CNP) fraud, reaching £470.2 million, as reported by Merchant Savvy.
Research published by The Nilson Report shows that global card fraud losses are projected to reach $35.31 billion in 2025.
Securing Customer Payment Journey: The Challenges
Globally, credit card fraud comes in many shapes and forms, including card ID theft, account takeover, faked or doctored cards, credit card cloning, and skimming. What we’ve seen in the pandemic era is an explosion of card-not-present fraud.
As financial institutions are investing in new fraud prevention tools, cyber criminals and fraudsters are coming up with new and sophisticated ways to escape the security traps and get what they want. Staying ahead of the bad guys is an ongoing battle and a 24/7 work, where prevention is key.
Retailers, financial institutions, and card service providers are challenged by a few factors:
- Fraud detection solutions reject a certain percentage of genuine transactions. False positives cost the organization much more than fraud losses;
- Harnessing data in real-time for making decisions can be challenging due to multiple fraud prevention tools, multiple data sources and channels;
- The limitations of solutions that focus on mitigating existing fraud attacks and are slow or unable to adapt on the fly to new threats.
Credit card fraud detection and prevention require a powerful combination of real-time payment data acquisition, rules-based alerting, transaction link analysis, and machine learning capabilities.
In the era where cyber criminals and fraudsters move fast, real-time payment data is a key requirement for financial crimes investigation. Machine learning is rapidly being adopted as a fraud-fighting tool, but it will still only be as good as the data it is provided.
When fraud management solutions rely only on monitoring the authorization switch or core banking system data, the transaction is already many milliseconds old by the time it gets to the back-end for authorization. The contextual information associated with the transaction is stripped off, reducing the number of features available to detect fraud more granularly. This can cost the financial institution millions of dollars when, as has happened, man-in-the-middle attacks go undetected until it’s too late.
Credit Card Fraud Detection with INETCO BullzAI
When financial institutions, payment processors or merchants come to work with us, they may already have a fraud solution. What we offer is an additional layer of protection that addresses fraudulent activity throughout the entire transaction journey. Built specifically for payment environments, INETCO BullzAI helps financial institutions and merchants protect their payments from sophisticated financial crime and cyber attacks. Compared to other fraud solutions, INETCO BullzAI can detect fraud early in the process and block only suspicious activity letting the legitimate payments come through.
INETCO BullzAI is an application layer firewall and state-of-the-art real-time payment fraud detection system integrated in a single solution. With the ability to block fraudulent transactions at the field level, rather than the IP Address or Port level, suspicious transactions can be targeted and blocked immediately. Other fraud solutions cannot detect or take action until after the transaction has completed. With INETCO BullzAI, individual suspicious transactions can be blocked without blocking at a port or firewall level which stops many legitimate transactions.
Credit Card Fraud Detection in Action
Card-Not-Present Fraud Case 1: A fraudster makes purchases of >$3000 in a rolling 24 hour day from one card number.
INETCO BullzAI for Payment Fraud Prevention can be used to create a unique ML model for each payment card number (PAN) and trigger an alert based on a risk score that is unique for every PAN, instead of an absolute value. In the example above, INETCO BullzAI can identify if the purchase pattern is typical for this customer and not generate an alert.
INETCO BullzAI assesses the risk of every payment transaction in milliseconds – blocking transactions at the field level rather than the traditional firewall mechanism of blocking at the IP address or Port level. BullzAI detects & blocks fraud before the transaction completes, allowing business to keep running smoothly while specific transactions are being investigated.
Credit Card Fraud Case 2: A card is compromised and used in quick succession for fraudulent transactions. This could be done by a bot or the card could be printed multiple times and used across the globe by criminals.
With INETCO BullzAI for Payment Fraud Prevention, these events would be flagged for immediate investigation as customer models are updated in real-time, not as an end-of-day process. The fraud teams can take action before the damage is done.
INETCO BullzAI provides powerful investigation tools, giving fraud analysts with a single UI where they can see all the data they need to understand why an alert was triggered, eliminating guesswork and improving productivity.
While credit card fraud is here to stay, as the payment modernization journey continues, fraud solutions with a combination of unlimited real-time data, rule-based alerting, and adaptive machine learning will help financial institutions and merchants gain the ability to prevent new fraud attacks and customer friction as they happen – before the damage is done.