Fighting Digital Payment Fraudsters in Real-time: A Winning Framework (Part 1)

A few weeks ago Seattle-based financial services and data management firm Automatic Funds Transfer Services (AFTS) suffered a serious ransomware attack. A gang called “Cuba” hacked and stole approximately 20 months’ worth of AFTS data, including financial documents, correspondence with bank employees, account movements, balance sheets, and tax documents. The compromised data then was offered for sale on the dark web.

Later in February, the United States charged three North Korean hackers with conspiring to steal more than $1.3 billion from banks and companies around the world. Members of the group were responsible for a wide range of criminal activity and high-profile intrusions, including hacking ATMs, and cryptocurrency exchanges. These bad actors also created the ransomware virus WannaCry, which damaged hundreds of thousands of computers worldwide in 2017.

The number of such cases is alarming. According to research by UK-based MerchantSavvy, in the last 9 years global losses from payment fraud have tripled, reaching $32.3 billion in 2020. Many fraudsters took advantage of the increase in digital and contactless payments, a shift in customer behavior that was driven by the pandemic.

Payment fraud will continue increasing and is projected to cost $40.62 billion in 2027 (25% higher than last year). A proactive approach to fraud prevention is key for financial institutions and online merchants. A good place to start is building out a fraud-fighting strategy that minimizes financial loss, reputational harm, and unnecessary payment transaction declines.

Detecting and preventing payment fraud requires an in-depth assessment at every step along the customer payment journey. The ability to continuously see across every initiated transaction – from login, card tap or a wallet swipe, to the host or third party service authorization, and back for completion – is paramount for assessing risk and enhancing security.

In this blog post series, we’ll talk about the 8 key components of a top payment fraud detection solution. Each of them is important on its own and must operate in concert with the others to build an integrative, adaptive system.

1. Unlimited access to real-time payment transaction data (across all payment rails and channels).

Automation and access to real-time transaction data will be key to increasing business resilience.

Your payment security will only be as good as your data and your ability to access the right data quickly. According to Julie Conroy, research director of Aite Group’s Fraud and AML practice, the number one pain point is harnessing internal data effectively.

To make informed decisions faster, financial institutions and online retailers need a solution that collects and correlates data across every link of the end-to-end payment transaction journey — regardless of application, language, payment rail or channel. To avoid detection lag times, all this information should be available and decoded in real time. It should include currency amount, transaction time, date and status, card type, terminal ID, IP geolocation address, and fingerprint data.

It’s easier and faster to make business and fraud-prevention decisions when all your real-time data is also accessible in a single dashboard, searching through multiple logs takes precious time. If your fraud-fighting strategy includes at least this component, you’ve already scored a win that helps your team save time and conserve valuable resources.

| Check out how ALTO Network partnered with INETCO to identify transaction-level payment fraud attacks in milliseconds and secure Indonesia’s National Payment Gateway.

2. Real-time event monitoring.

When it comes to taking a proactive approach to fraud detection, centralized real-time event monitoring across all channels and rails is a must-have. Even if it requires an upfront investment, it’s usually cheaper to prevent cyberattacks than dealing with their aftermath. The cost of stolen funds can be quantified. It’s harder to measure the reputational damage of a fraud attack, but it can have a significant impact on whether or not you are perceived as trustworthy.

Real-time event monitoring involves tracing a payment transaction path through an entire enterprise infrastructure, and spotting suspicious transaction activity before customers do – without having to constantly observe or interrogate the system after the damage is done.

This second component will help you automatically screen each link of an “in-flow” payment transaction, as it traverses across multiple customer endpoints, technologies, and network infrastructures — making it easy to assess where missing transaction links, transaction path deviations or suspicious transaction activity is occurring in milliseconds. The result – improved customer service, time and budget savings with improved resilience to cyberattacks.

| See how E-Global, the largest electronic payments processor in Mexico, used INETCO Insight to quickly isolate operational performance issues, prevent fraud, and share data between IT operations and fraud teams faster.

Transaction link analysis involves matching a user request to all the various back-end calls and services required to execute it. Using full transaction profiling, it is possible to reconstruct and establish a one-stop view into multi-protocol transactions — making it easy to see connections in your data that are strong indicators of fraud.

A forecast from Juniper Research says that retailers will lose about $130 billion globally in revenue on fraudulent card-not-present transactions between now and 2023 as they fail to keep up with digital fraud detection and prevention measures. Viewing the end-to-end transaction path and all the underlying network communications links and application payload details will allow your team to navigate through thousands of card-present and card-not-present payment transactions so that you can speed up fraud detection and investigation.

4. Rules-based policy and alerts engine

Having the ability to create, test, and maintain rules is essential to selecting the right fraud prevention platform for your business.

When issuers, acquirers and merchants dial up their existing fraud risk scoring criteria incorrectly (hey, it happens), they may inaccurately flag and decline transactions that are in fact genuine. In addition to increased customer friction, the Aite Group estimates that in the United States alone, $443 billion in revenue will be lost due to false declines in 2021. This is nearly 70x more than the projected losses from card-not-present fraud itself ($4.6 billion by 2021).

Rules play an important role in speedy bot detection, account takeovers, and the identification of suspicious transaction activity patterns. No matter what software for payment fraud prevention you use, it should allow you to create rules based on specific fields (e.g. payment transaction dollar amount, volume or velocity), thresholds, sanctions, and watch list screenings.

| See how BECU enhances member experience with rules-based alerts and machine learning capabilities to detect ATM cash-outs and other transaction-level payment fraud attacks in milliseconds.

Some examples of alerts:

  • Transaction risk score for the card (customer ID exceeds a threshold)
  • Too many device fingerprint and IP geolocation changes
  • Cash withdrawal observed on an ISO link with no matching database transaction (man-in-the-middle attack)
  • Repeat card usage or customer ID by device, distance or store

Alerts should be easily viewed and assessed for risk, forwarded into existing fraud orchestration or support ticketing and dispatch systems of choice. 


In the next post of the series, we’ll talk about other “must-have” components of the payment fraud detection framework that will help financial institutions and online merchants stay resilient in the era of accelerated digital transformation.

Want to accelerate your fraud prevention strategy and reduce the risk of major cyberattacks on your payment ecosystem? Download our new whitepaper “Building Out an Effective Payment Fraud Detection Framework: 8 “Must-have” Components”.