Fraud in Cards IV

RISK MANAGEMENT SERVICES

The risk mitigation needs of financial institutions are as varied as their asset sizes. When formulating a comprehensive strategy, you may want to consider customizable options – like risk management services – that complement your best practice toolset and provide additional insight and controls to assist in managing your fraud and risk management program. Ideally, financial institutions can establish a one-to-one relationship with a member of their processor’s risk analyst staff to assist in managing more complex and damaging fraud cases.

This industry expert can provide advice on remediation strategies, design and implement fraud rules tuned to the unique characteristics of your cardbase, generate specialized reports, gather additional information, provide additional analytic services and supply other assistance to reduce your fraud exposure. This service allows financial institutions to augment their risk management program with highly seasoned and experienced risk analysts.

With risk management services, you receive insight and direction designed to address your institution’s unique credit, debit and prepaid fraud risk exposure. The old adage is especially true here, "one size does not fit all," as it relates to fraud rules and strategies. As fraud evolves, these capabilities have never been more important. When fighting fraud, timing is critical – so a risk management service is designed to help you take swift action.
One obvious area a fraud risk analyst can assist you with involves strengthening card change authentication methods. Although you understandably want to provide your cardholders with flexibility to activate a card or make PIN changes at their convenience, you should first work with an analyst to understand the options and specific information you can use to authenticate cardholders.

Your analyst can recommend the information needed beyond a social security number or date of birth. Understanding your options can help prevent fraud and provide a better and more secure cardholder experience. Once a cardholder is reliably authenticated, you can be assured your cardholders can safely use their cards at ATMs and the point of sale for purchases

Fraud in Cards III

AUTHORIZATION LEVEL TRANSACTION BLOCKING

 

Transaction blocking gives you the ability to prevent the authorization of all transactions originating from countries or merchants known to generate fraudulent transactions. By taking advantage of the ability to override blocks at the card level, you can maximize your protection without inconveniencing your cardholders who may be traveling or working outside the United States.

The benefits include more precise fraud detection and increased fee income as you no longer unnecessarily block international card present transactions. According to industry statistics these transactions are an issuer’s most profitable ones because the average value of an international card present transaction represents 175 basis points in value versus 16 basis points for a domestic transaction.

These tools provide a method of blocking transactions you consider highly likely to be fraudulent by routinely denying the transactions in the authorization process. Issuers often look to Visa or MasterCard to implement blocks for specific countries. The associations’ capabilities are adequate for blocking countries but they do not address other high-risk criteria such as merchant ID.
 

Issuers should take advantage of all available tools to mitigate risk. Transaction blocking capabilities are a key component of a sound risk management strategy and can be used to stop fraudulent transactions originating from specific countries, specific merchants and/or specific merchant types. Your transaction blocking approach should provide you with the ability to place transaction blocks at the BIN and individual card levels. This approach enables you to block transactions you deem high risk, at your discretion. Any combination of BIN and card level blocks should be set giving you the ability to override blocks for those specific cardholders who are traveling or working overseas. Blocking criteria should be set for all transactions or specific transactions —ATM, POS, eCommerce — within BIN and card levels.

You assign the expiration date of each block to ensure compliance with card association rules regarding international/country blocking. Approve/deny options for each block include report and continue, deny, and deny and capture card. Daily and monthly reporting is important and block-related information should be incorporated into online transaction review screens, making it easy to manage your blocking strategies. It is important to note that rules implemented for blocking transactions may only prevent the authorization of transactions through your processor’s switch. Any transactions authorized through Visa and MasterCard during stand-in may require additional steps to implement blocks on the associations’ systems. Additionally, blocking of transactions does not necessarily protect your chargeback rights.

NOW ADD COMPROMISED CARD TRACKING . . .

Industry trends indicate that blocking and reissuing cards each time a compromise occurs is not only expensive but also causes cardholder churn. Cardholders receiving reissued cards multiple times due to compromises, especially those that they may not have heard about in the news, frequently question the security of their issuing institution and a relatively high percentage will move their banking relationship to another institution. Although compromised cards are more likely to be used to conduct fraudulent transactions, taking this into account in the neural network process aids in stopping fraudulent transactions. Visa and MasterCard provide alerts to you or your sponsoring institution when a data breach or card compromise event involving card data occurs. Issuers historically have routinely blocked and reissued cards to prevent losses. Consider closely monitoring the activity on compromised cards and reissuing only those cards with suspicious or fraudulent transactions. Ensure your processor enables you to more closely scrutinize transactions for compromised cards in neural network processing. . . .

AND CASE TRACKING

A sensible case tracking tool will enable you to immediately serve any cardholder regarding cases that have been created or are being worked.

Case tracking tools put information online and at your fingertips so you have a complete repository of all actions taken on your cases and immediate access to updates and case statuses. Customized search options will enable you to view the information you need quickly and easily. With an appropriate case tracking tool, you have real-time access to information and can:
Search and download by case creation date, case status, card number, last name, tax ID, phone number, or city, state and postal code

Download and review available transactions associated with a specific case

Status cards and manage cardholder records optimizing back-office operations

Determine a case status (Fraud, No Fraud, Unconfirmed)

Directly enter actions or review actions already taken by your team, including:

•Send a letter to the cardholder

•Review case and cardholder demographic details

•Dynamically select data to generate a custom report or print records.

Case tracking is made especially efficient through the use of transaction tagging – a feature that provides enhanced visibility to potential fraud trends. With tagging, transaction details – including the merchant, country and state – are already verified when you review cases, significantly streamlining the research process, resulting in quicker identification of fraud and expedited implementation of fraud prevention solutions.

Fraud in Cards II - Neural Networks and Real time Decisioning.

The most sensible starting point is the implementation of neural network capabilities that achieve a balance between aggressive fraud detection and serving cardholders:

 

A strong neural network helps reduce fraud losses and focuses investigations on accounts and transactions that are most likely to be fraudulent.

 

 

Neural network technology builds cardholder profiles and utilizes predictive models to detect potentially fraudulent card usage.

 

The predictive models are used to determine the fraud potential of each ATM and POS transaction by evaluating it against a complete history of cardholder usage patterns as well as unique transaction characteristics that are known to be fraudulent and legitimate.

 

This process results in the recognition of any uncharacteristic transaction behavior.  

• Transaction
• Industry
• Cardholder 
• Merchant data

Are all used to forecast the likelihood of fraud.

With all neural networks, some level of false-positives will be generated. In a real-time environment, cardholders’ transactions will be denied if the transaction score exceeds a defined scoring threshold. The lower the scoring threshold, the higher the false-positive rate and the more likely that legitimate transactions will be denied.

Conversely, the higher a scoring threshold, the fewer actual fraudulent transactions you will prevent.

Real-time decisioning involves taking the neural network score into account in the authorization process.

While the industry norm has historically been to review the neural network score after a transaction has already been approved or denied, there is increased interest in considering the likelihood of fraud (neural network score) in the transaction authorization process.

Although this practice can drastically reduce fraud exposure, it can also have a negative impact on cardholders’ ability to perform legitimate transactions and potentially impact overall card usage due to a higher rate of false-positives experienced with current technology.

Financial institutions should carefully weigh the level of risk they are willing to accept against the level of cardholder satisfaction they wish to deliver. An appropriate balance of the two is necessary to ensure you are protected against the majority of fraudulent transactions and that cardholders continue to view their cards as a safe and dependable payment method.

Inserting the neural network process into the authorization path provides more information upon which to make approve/deny decisions, enabling you to stop suspect transactions before they are approved.

You will be able to select the criteria for those transactions you deem high risk that should be sent for real-time neural network processing (e.g. dollar amount, international, country codes, merchant category codes).

But even the most robust authorization systems can be enhanced. That’s where a rule authoring capability becomes a differentiator.

When you layer in rule authoring, you are ready to immediately address flash fraud – reducing fraud losses, maintaining consumer confidence and protecting the reputation of your institution.

A robust rule authoring service will provide more availability to fields in the online message and greater flexibility in the number and complexity of rules that can be deployed, automating actions so risk mitigation can start immediately.

Fraud in Cards - I

 

Is EMV going to stop the fraud? The answer is NO.

 

Its going to mitigate only partial fraud in the overall fraud issues.

It can't mitigate the fraud in CNP(Card NOT Present).

 

To protect FIs, Banks, CUs and Cardholders, We would need sensible risk management approaches that should complement EMV and Tokenization with best practices.

 

These best practices includes

 

- Real Time scoring that blocks the fraudlent Transactions

- Real Time case management and Monitoring

- Tracking and Monitoring Fraud Alerts

 

In its earliest form, card fraud resulted primarily from stolen cards which FIs, Banks able to combat through card activation processes and first-generation neural networks.

But as new payments technologies proliferated, fraud also became more sophisticated and increased through large scale operations that included phishing, skimming, and data breaches. Enter EMV, which provides new safeguards during card present transactions.

Despite (and likely because of) the positive impact of EMV, a large percentage of new fraud is moving to CNP transactions (like ecommerce transactions) which EMV does not protect.

CURRENT FRAUD Trends Includes:

More diverse cardholder activity – making it more difficult to recognize cardholder patterns
More creative and pervasive fraud, including flash fraud which can result in huge losses before issuers can react and respond

Criminal attacks that have increased in magnitude via both local and global criminal organizations

Social engineering tools that exploit consumers with phishing attacks that take advantage of cultural and current events

Criminal efforts to install malware to obtain online credentials and any pieces of personal information

Vishing/SMiShing.

 

 

Evolution of Payments

ABCs of EMV.....

The FRAUD in CREDIT CARD is one of the TOP Concern in the US - Cards Industry. EMV uses chip card technology to provide more secure card for payments.

By moving to EMV, Merchants, Banks and Software Solution Providers wil lget benefits.

-  Reduced Fraud
-  Better Data protection
-  Enhanced Payment Security

Merchants partcularly needs to be prepared as a libality for NON EMV Transactions will shift from Card ISsuers to Merchants from OCTOBER . 2015.

"A" for Anticipation

EMV Chip cards also known as
 
- SMART CARDS, 
- Chip and PIN Cards,
- Chip and Signature

EMV Cards offer an added Level of Security with Chip that assigns a unique code using dynamic data during authentication process when customer uses their cards.
Customers, instead of swiping, they enter card into Terminal with PIN or Signature.

"B" for Benefits

One of the main benefits is PEACE OF MIND since their Data protection has been ensured with chip security. Another major benefits for Travellers. Most of countries started supporting EMV Terminals.

Most of the current EMV Terminals supports contactless transactions. So its good to have EMV Cards.

"C" for cohesiveness

All the Merchants who is making investment into this business, will need to assess the investment they are making in the transition with over all payment program.

Taking Tokenization Beyond The Transaction

Apple Pay has elevated mobile payments to a topic of conversation across
financial institutions and credit unions, large and small.

And many of those conversations relate to how these more “traditional”
players get their foot in the mobile payments door.

Tokenization has become a very popular concept in payments.
What impact does tokenization have on financial institutions and the payments industry? 

The impact, we’re seeing on financial institutions and the payments industry relative to
tokenization has been one of tremendous interest, especially since the launch of
Apple Pay late last year.

Apple Pay is the first use case for tokenization specifically through the EMVCo specifications,
which utilize tokenization for static tokens.

Therefore, the token resides on a user’s phone instead of their card number.

One of the main concerns with mobile payments for our clients and their cardholders has been security.

So now with tokenization, the token replaces the card number, which isn’t exposed
on the phone to the merchant or through the transaction message.
That’s a very powerful message for the cardholder.

For Banks, FIs and credit unions, tokenization is a strategy to combine with EMV and

• Neural Fraud Detection
• Call center services
• Chargeback support
• Other risk tools

to assist in providing holistic support aimed at mitigating card fraud.
       -Mobile to mitigate card-not-present fraud.


As new technologies and security approaches are scrambling to become
the champion in the mobile payments space, is tokenization here to stay,
and what may be next?

It may be too early to say if there’s a champion or one security technology
that may dominate the payments space.
Tokenization has definitely spurred a proposed standard,
and there could be others that adopt the technology for NFC and possibly HCE as well.

What we can say is that we are poised to complement
these new technologies,
new mobile securities and
additional participants to the mobile payments industry
to ensure Banks, FIs and CUs can participate with their cards and service
their cardholders through traditional methods or via their participation in
the mobile payments space.

Tokenization as one more technology change that continues to
address the individual needs of consumers.

We are focused on providing integrated, omni channel payments services
and wrapping security around every transaction regardless
of how the consumer chooses to pay.

 

Mobile - Insecurity

IBM Study finds that 33% organization never test their Mobile Apps whether they are really secure. Its really sad to see that. Hope this trend will get change. And companies will realized that secuirty is primary incredient for the payments business.

Whats NEXT in payments?

Just thinking , what would be the next steps in the payments.

Lot of innovation is happening now in payments.

Disruption, then innovation. Or is it innovation then disruption?

Either way you slice it, the payments industry is going through a massive wave of disruptive innovation.

According to me, PAYMENTS itself a ICEBERG. In that, what we can't see, its CRITICAL. The same word, can applicable to PAYMENTS INNOVATION too.

Remember, Apple wasn’t in payments awhile back either. In other words, these could be the players who maybe you should be sweating bullets over, and should be keeping you up at night.”

Seven Success Factors - In Digital Banking

DIGITAL BANKING - IV

 

Digital Banking III - How to get there?

Traditional banks are organized around money in branches.

• Their thinking,
• Their technology,
• Their incentive systems,
• Their knowledge about customers

are all structured around branches and product lines.

To become digital,

- Banks have to focus on electronic platforms and data as their core and branches as secondary.
- To get to an integrated electronic platform,  banks need to replace their old core systems.

Banks are shutting down branches
           - Europe closed 20,000 in the last four years.
           - Thousands have been closed in the U.S.
           - It has been predicted that banks will go from 1 branch per 20,000 customers now to 1 branch per 250,000 customers.
          - Banks will move to electronic channels where a transaction is much cheaper than one   performed by a teller.


Digital banking is more than getting consumers to use online or mobile banking or building a new app – it is a way to run an entire organization.

This new model touches product development, distribution, front and back office operations, marketing communication and the entire customer experience.



When engaging with a digital bank, consumers should benefit from the following:

• Shop for a financial institution online or with a mobile device
• Open a new account by using a computer, tablet or mobile device using image capture to save steps
• Communication with their bank through the channel of choice, potentially with live video tools
• Financial insights pre-login, such as balances, recent transactions and product recommendations
• Real-time and secure transactions online or at the point of sale with a mobile device
• Personalized and predictive offers that leverage geographic as well as contextualized insight
• Real-time digital money management including alerts and notifications
• Integration of financial services with daily activities.

Digital Maturity Model

Dell has developed a comprehensive Digital Maturity Model (DMM) to map a financial institution’s current digital state allowing an organization to develop a comprehensive action plan that is completely aligned to overall strategic goals.





 

Today's Complex - Payment System

TRADITIONAL PAYMENT SYSTEM

TODAY'S COMPLEX PAYMENT SYSTEM FOR END USER

 

 

 

Digital Banking - II

According to McKinsey Report,

Digital transformation will put upward of 30 percent of the revenues of a typical European bank in play, particularly in high-turnover products such as personal loans and payments.
• Banks can remove 20 to 25 percent of their cost base by leveraging this digital shift to transform how they process and service.
• Put together, the economics of a digital bank will give it a vast competitive edge over a traditional incumbent. It’s fair to say that getting digital banking right is a do-or-die challenge.

How to go digital without going crazy?

• Maximize the use of existing technology
• Apply lightweight technology interventions
• Place a few selective big bets

Address the people dynamics

• Set the right structure and incentives
• Increase the focus on business outcomes, not digital activity
• Formulate and implement a people vision

What exactly in the value of DIGITAL BANKING?

While the cost-saving opportunity for banks comes in many forms and touches every area of the bank, there are two areas that are especially significant and represent the bulk of the value:

• Automation of servicing and fulfillment processes and migration of front-end activity to digital channels. On automation, European banks can realize 40 to 90 percent cost reductions in a range of internal processes through careful deployment of work-flow tools and self-servicing capabilities for customers and staff.
• On front-end transformation, beyond diverting existing branch activity into digital channels, digital tools can also be used to augment frontline servicing (for example, with iPad forms rather than paper forms, or videoconference access to specialists to maximize their utilization)—easily doubling staff productivity and enhancing the customer experience.

In the near term, we expect shorter-tenure, high-turnover products like credit cards, loans, and payments to see the most digital transformation. In fact, these are the areas most under attack from new digital entrants.

Looking further ahead, bank accounts and mortgages, which together drive more than 50 percent of many banks’ revenues and usually provide “sticky” annuity streams, will be brought into the fray.

Digital Banking

“Digital” is the new buzz word in the banking sector, with banks all around the globe hopping onto the digital bandwagon.

Just like how the introduction of mobile technology massively disrupted innovation in the banking sector, digital is now doing the same.

Banks of all sizes are making sizeable investments in digital initiatives in order to maintain a competitive edge. So, what does “digital” actually mean?

That was the time, I was able to relatively to to distinguish between the sorts of

•    Internet banking
•    Online banking
•    Electronic banking

1. Internet banking would mean browser-based banking.
2. Online Banking means, It includes software or even telephone banking.
3. Electronic Banking, would mean the entire range of electronic payment and transaction processes including card terminal transactions.

And now, there is new contender, “digital banking” made a recent appearance and it looks like it is here to stay.

According to PWC, Digital Banking means,

"The full extent of what digital can offer customers goes beyond the basic mobile and internet banking services that are now widely provided, although there is still value to be obtained for many banks from simply delivering these basic services well.”

 “Digital banking will evolve into a richer set of offerings, providing new value for banks and their customers through a new ‘digital feature set’, based on innovations in:
         - User experience;
         - Mobile devices and
         - Networks;
         - Social media and
         - Collaboration;
        -  Customer analytics;
        -  Channel Ïntegration.”


“Digital Banking – a new concept in the area of electronic banking,
 which aims to enrich standard online and mobile banking services by integrating digital technologies,  for example strategic analytics tools, social media interactions, innovative payment solutions, mobile technology and a focus on user experience.“

According to ACCENTURE,

"Banks must reconnect with customers, rebuild trust and rethink the banking experience.
Digital technologies and solutions provide an excellent opportunity for forward-thinking financial institutions to move past this challenging market environment. If banks do not step up to digital, non-banking organizations will seize the opportunity to own the customer experience layer and provide alternate means of distribution. By having a truly digital business, banks can move away from reactive, transaction-based customer relationships, toward a more intimate, proactive and personalized experience across multiple channels, products and services"

 

TARGET2

TARGET (Trans-European Automated Real-time Gross settlement Express Transfer) was launched in 1999 and comprised the national real-time gross settlement (RTGS) systems of EU Member States participating in the Economic and Monetary Union (EMU), the ECB payment mechanism and an interlinking mechanism.

TARGET2 is the new trans-European payment system which replaced TARGET. 

 The new system was developed to cater for the needs generated both by the enlargement of the European Union (EU) and by technological advances, as well as to meet market participants’ demands for safe and efficient payment systems across Europe.

TARGET2 is based on a technically centralized platform (Single Shared Platform – SSP), which is provided by the central banks of Germany, France and Italy and replaces the decentralized structure of the original TARGET system. With TARGET2, the Eurosystem provides participant Member states with payment services based on a single price structure for both domestic and cross-border payments. 

TARGET2-NL The Dutch component of the ESCB’s TARGET2 RTGS system.

TARGET2 was introduced in the Netherlands on 18 Feb 2008. The difference vis-à-vis the previous version of TARGET is that it uses one central technical platform for payments, eliminating the need to maintain national large-value payment systems. Financial institutions send their large-value payments directly to the platform. Most Dutch credit institutions participate in TARGET2-NL.