Saturday, December 20, 2008
Security is always high on the agenda for financial institutions, and card fraud is just one aspect of that. To prevent card fraud, the ideal scenario would be for banks to have the ability to identify cards in their portfolio at risk of fraudulent exploitation and take action before any loss has occurred. This scenario is not, however, hypothetical. The solutions do currently exist for banks to take control and beat the card fraudsters at their own game.
Point of Compromise (POC) detection is the single most important preventative fraud action that a financial institution can take when addressing card fraud. The POC is the location at which the card skimming - the illegal copying of card numbers and PINs for the purpose of stealing money from bank accounts – has taken place.
Identification of the POCs is so important as it allows the financial institution to recognise trends and write rules based on the type of locations where the compromises are occurring. However, the true significance of the POC approach is only apparent when it is used to identify potential fraud early enough to enable the bank to take preventative action on cards at risk before any money has been lost. If Point of Compromise detection is used in this way such counter-measures can cut a financial institution’s loss per incident by over 50 per cent.
In order for a bank to identify a POC, it must have a sufficient number of cards that have experienced confirmed fraudulent transactions. The fewer the cards, the more difficult it is to identify the fraudulent location, but a Point of Compromise can generally be found with as little as two to three cards. The cards which have been used fraudulently will provide invaluable information on spending history and a common point of purchase across all cards should start to emerge. After a common location and time-frame have been found across a number of the cards, it is essential that other cardholders who may potentially be at risk are identified.
Once a list of cards at risk has been collected, a course of action must be decided upon. However, striking a balance between customer inconvenience and fraud prevention can often prove difficult. The more action relating to fraud prevention that a bank takes, the more customers it will affect. Fortunately, there are a number of options open to banks with a varying degree of impact. Depending on the location of the POC, the bank may choose to ‘block’ or ‘watch’ cards at risk, choose to do nothing, or a combination of the two.
The techniques mentioned above can have a huge effect on a bank’s fraud losses but they can also affect staff workload. Identifying Points of Compromise and taking action on large numbers of cards using manual processes is very time-consuming and difficult, but when managed efficiently, such as using the right tools to identify compromises and potentially vulnerable cards, these techniques can save many customers from fraud.
Financial institutions are currently facing a number of challenges. Security, and card fraud in particular, is but one of these challenges but also one which banks have recognised as key to their long-term competitiveness. The balancing act between customer impact and fraud prevention will always be present, but as the old adage goes, ‘prevention is better than cure’.
Fraud & Risk Solutions Consultant