Fraud Prevention Measures

This article will review the most commonly perpetrated types of fraud and will examine various prevention measures, including the utilization of a fraud scoring system which can be put in place to, if not eliminate, at least reduce the number of fraudulent transactions. The effective use of fraud monitoring tools and future developments in the tracking and prevention of this burgeoning trend also come under discussion.

Where and How

Fraud is most commonly perpetrated in 3 areas;

1. Telephonic or mail order fraud where fraudsters very often obtain lists of valid credit card numbers which they then use to make telephonic purchases
2. Card skimming has shown the fastest growth over recent years. This type of fraud often occurs in restaurants or hotels when the card is swiped through the machine in a back office area. There are generally three places this confidential information becomes compromised:
   • at the merchant location itself
   • during the transmission process used for authorization purposes
   • or at the point of storage

   The skimming device is roughly the size of an electronic pager. When a customer makes a credit card purchase, the card is swiped, the information is collected from the magnetic stripe, and is then telephoned in for approval. During this process, the electronic skimmer captures the information and re-encodes it onto the magnetic stripe of a plain plastic card and/or stores it in the skimming device itself, and can then be downloaded and manipulated for a variety of illegal purposes.

3. Lost and stolen cards – 75% of fraud on a stolen card is committed AFTER this has been reported to the issuer. This, combined with higher floor limits, exacerbates an already critical situation.

The Fraud Lifecycle

The credit card application process is obviously the first point of call for fraudsters, particularly those who operate syndicates. It should be a foremost priority in any institution to develop an integrated fraud database, which not only captures application information but also retains data from case files. Syndicates will very often flood issuers with false applications and unless there is a fraud database in place, many of these cards will be issued, with the resultant consequences.

It is also critical that the distribution process for cards and PINs is a secure one. Experience has shown that cards which are mailed to customers are often intercepted. Similarly, if PINs are mailed to customers, self-sealing one-step mailers which are tamper proof should be utilized. It is also best practice to distribute cards and PINs from two separate distribution centers to prevent unscrupulous personnel from matching the cards to the PINs.

Various authorizations checks should also be put in place to counteract potentially fraudulent transactions. Velocity checks at point of sale can trigger warning flags should the card be swiped more than a specified number of times over a specified period. These types of transactions are sometimes referred to as ‘common fraud patterns’.

Organizations which have their own dedicated fraud control departments have a marked advantage over those companies who do not. This department usually has the resources available to perform dedicated fraud analysis and has the authority to implement and adjust fraud strategies. In some cases they are involved in internal fraud investigations where collusion amongst staff members is suspected. The use of predictive tools, and effective monitoring and reporting all contribute to the establishment of successful fraud prevention strategies.