Payment Fraud Essentials and Prevention Checklist
Learn how to spot fraudulent payments and separate criminals from legitimate customers. As technology advances, the ways to commit fraud also keep up. According to the recent report from Juniper Research, payment fraud present in e-commerce, money transfer and banking services will reach the cost of $48 billion by 2023. With such a dooming forecast arises the question of “what can we do to stop it from happening?”. After gaining insight on fraud prevention and having dealt with many cases from our perspective, we are ready to share our expertise. Read on.
What Is Payment Fraud?
Fraud is essentially about criminals using stolen cardholder data for profit. Fraud prevention is about stopping them. The type of fraud businesses are exposed to depends on the way they make or process their payments. In general, we can break down payment fraud into two categories: card-present fraud and card-absent fraud. The precautions, such as the introduction of holographic graphics, make it difficult to clone physical cards and renders card-present fraud a lot less common than card-absent fraud.
Let’s have a look at the most common types of card-absent or online payment fraud.
Types of Online Payment Fraud
Most online payment fraud is essentially identity theft—this is how it works.
– Criminally Obtained Information
Criminals steal cardholder information through skimming on payment pages or buy it on the dark web.
– Stolen Card
Using stolen card details to impersonate the cardholder and buy things online.
– Online Purchase
Convinced that the purchase is valid, the online seller processes the payment and sends the goods to the fraudster.
– Chargeback Fraud
A fraud makes a purchase and then contacts their bank claiming that their card was stolen or lost. The fraud gets the money, the online seller is hit with a chargeback plus fees. It is a common case for e-commerce platforms such as Amazon, Airbnb, eBay, etc. To control fraud and protect the financial market in itself, countries have developed international and local demands to businesses alongside regulatory watchdogs.
The Consequences of Failing to Prevent Payment Fraud
On average, customers-victims of online payment fraud spend over two working days canceling their cards and dealing with the aftermath. For online sellers or payment providers, the case is much worse. Payment Services Directive or PSD—a European Union law aimed to regulate payment services in the EU and EEA—finds and fines those legally responsible if any of fraud scenarios go undetected.
Apart from PSD, there are local and international regulators such as FATF, FCA, FinCEN, AML4 and The FED, who are on the hunt for anybody violating the law and market safety. Although different units of companies deal with fraud prevention separately, they must work together for better results. There are examples of huge fines for poor suspicious transactions/activity reports, not tied to the specific fraud case that they have missed.
As an example, the FCA—the UK’s financial regulatory agency—fined Tesco Bank with over 20 million dollar penalty for failing to prevent debit card fraud which affected the bank itself and 131,000 of its customers.
Another case—The FED (the Federal Reserve) fined Deutsche Bank with $41 million for failing to adequately protect against money laundering having unsafe and unsound practices.
Noncompliance will put you under the strict penalties of at least PSD2 and AML4 directives. So, let’s look at how to protect oneself from these consequences.
Checklist to Fraud Prevention
The procurement of fraud prevention services and a strategy to assess and mitigate risk is critical for effective fraud prevention and the liability of a business. To prevent fraud and regulatory fines from happening, businesses have to implement identification, as well as KYC, KYB and AML processes. Here, we have gathered the key practices to adopt for a stronger fraud payment protection via bank card verification.
– Fraudulent Pattern Analysis
Tracking and analyzing customer behavior in browsers and on mobile devices— via their IP address, full name, phone number, email address, and card number.
– Documents and Compromised Persons Screening
Screening user’s data against the database of documents leaked to the dark market compromised email addresses and phone numbers and the internal databases of blacklisted users.
– Text Recognition and Data Crosscheck
Implementing automation to extract data from bank cards and compare it with payment details provided by a customer.
– Face Match
Comparing faces on all the submitted images with each other and implement automated confirmations of when a to find out if a bank card belongs to a particular person and the person is real.
And the technology alone is not enough—financial institutions must plan beyond it, across governance, people, technology and processes. Fraudsters are clever, but they also leave tracks. Knowing how to spot them and having the necessary tools gives you an advantage in the fight against fraud.
Read More: Fraud Evasion Must Start with Data Sources