Credit Card Fraud Detection

david_jones · #1 (**permalink**) 08-15-2005, 10:20 PM

Nowadays, many company especially the merchants are suffering from credit card fraud. The cost of this fraud is felt by online merchants, who offer a product or service online. They have to take risk of losing the cost of the product sold, pay chargeback fees, and face the possibility of having their merchant account closed.

As a result, in my point of view, geographic information http://www.fraudlabs.com can help prevent fraud. With Geolocation, out-of-state checks are analyzed more closely. Besides, it can flag a mailed-in credit application if the listed address doesn't match the postmark. Geolocation technology provides the real-time e-commerce transaction for certain location which is known as high fraud spot.

cyanide · #2 (**permalink**) 08-15-2005, 11:13 PM

Nice to see you have an un-biased view of this company.

I guess I know who not to go to, for fraud protection

___________

Web Hosting | Webmaster Help

kgun · #3 (**permalink**) 08-16-2005, 08:09 AM

1. USA http://www.consumer.gov/ E.g. http://www.consumer.gov/idtheft/
2. China http://www.id5.cn/

Kjell Gunnar Bleivik
http://www.multifinanceit.com/
http://www.blognorway.com/

willthegeek · #4 (**permalink**) 08-17-2005, 06:51 PM

In my opinion, these efforts are pretty useless. I buy many things online, some of them pretty expensive. One reason is that I travel a lot, working as a consultant in many countries. Right now, I am working in China. My credit card info and address are still in the US.

Does this mean that I am to be tagged for fraud because I want something delivered to me in China?

Regards,

Will

Shift4SMS · #5 (**permalink**) 08-23-2005, 07:36 PM

Quote:

Originally Posted by willthegeek

In my opinion, these efforts are pretty useless...Does this mean that I am to be tagged for fraud because I want something delivered to me in China?

In a nutshell, yes. You have a couple things going wrong for you: 1) shipping address is out of the country of the credit card billing address and 2) you want the good shipped to China. There are several high risk countries to ship product to and China is one of the countries on that list.

MichelH · #6 (**permalink**) 08-24-2005, 07:54 AM

The only thing that will eventually help to reduce fraud is to have a credit card terminal integrated in the keyboard with a password if you want to shop online from your home.

Well, of course, Microsoft or another big boy has to come up with this and partner together with a company that can handle the technical side of the credit card features.

jestep · #7 (**permalink**) 08-24-2005, 08:04 AM

Quote:

Originally Posted by MichelH

The only thing that will eventually help to reduce fraud is to have a credit card terminal integrated in the keyboard with a password if you want to shop online from your home.

Well, of course, Microsoft or another big boy has to come up with this and partner together with a company that can handle the technical side of the credit card features.

I've heard that Dell has been working on something like this. It would basically be a built-in card reader in the keyboard.

I think there would have to be some sort of universal system before it could ever become really popular.

MichelH · #8 (**permalink**) 08-24-2005, 08:20 AM

I totally agree, a local solution will not take care of the problem.

The banks here in the Netherlands have come up with 5 or 6 different solutions for the Dutch market, but these are only local solutions. They somehow don't seem to understand that they need to come up with a global solution.

Anyway, I really hope Dell is doing something with it. Once it really works and becomes popular, it will take about 5-10 years before everyone has it installed of course, but it will really reduce fraud on a big scale.

deepsand · #9 (**permalink**) 08-30-2005, 04:28 PM

The card issuers & servicers wave the banner of "no liability for fraudulent use" as a means of attracting new customers & retaining existing ones, thereby encouraging "friendly" fraud.

In fact, they merely pass the ensuing costs back to the merchants, in the form of transaction charge-backs & processing fees.

Furthermore, a number of banks refuse to verify the CVC Code, claiming that such is intended for their use in dealing with the card-holder only, thereby depriving the merchant of an additional & valuable tool in combatting fraud.

As a result, the "customer" gets free goods, the banks earn interchange, the merchant acquirers earn their share of the discount, the card processors earn transaction & settlement fees, and the merchant gets screwed.

jestep · #10 (**permalink**) 08-31-2005, 08:45 AM

Quote:

Originally Posted by deepsand

The card issuers & servicers wave the banner of "no liability for fraudulent use" as a means of attracting new customers & retaining existing ones, thereby encouraging "friendly" fraud.

In fact, they merely pass the ensuing costs back to the merchants, in the form of transaction charge-backs & processing fees.

Furthermore, a number of banks refuse to verify the CVC Code, claiming that such is intended for their use in dealing with the card-holder only, thereby depriving the merchant of an additional & valuable tool in combatting fraud.

As a result, the "customer" gets free goods, the banks earn interchange, the merchant acquirers earn their share of the discount, the card processors earn transaction & settlement fees, and the merchant gets screwed.

I agree with this 100%

The issue comes down to a simple fixing of a problem without looking at the cause of the problem. Since card issuers know that businesses cannot not accept credit cards, they take the easy way out, and place all of the accountability on the merchants, problem solved...

Merchants are at the front line of fraud, but have the fewest resources to fight it. Furthermore, some of the resources that do exist, cost extra for the merchant to use. Why would there be an extra charge to help prevent fraud? Because, card issuers dont loose money from fraud, merchants loose money from fraud. If merchants need to help prevent fraud, someone might as well make some more money from that as well.

Since the processors and card issuers have put themselves in a possition to make money on both sides of the road, they stick to the side with the highest profits, the consumer.

I do help run an ISO, but I have to completely sympathize with merchants. Until the parties making the real money from credit card processing step into the fraud prevention picture, I don't see any solid fraud prevention improvements for merchants. ISO's have no control over preventing fraud. All we can do is give advice, and help our merchants as much as possible if they do run into fraud. Beyond that, it is in the hands of the processors, and the card issuers.

deepsand · #11 (**permalink**) 08-31-2005, 01:45 PM

After a lengthy period during which Discover failed to support external use of the CVC by merchants, they made such use mandatory, with a penalty fee being charged for each transaction which failed to use such.

However, despite the fact that a merchant may have used such, and received the proper verification response code from DSCBiz, DSC's system frequently fails to properly note such and the merchant is charged said penalty.

If the merchant attempts to circumvent this problem by calling DSCBiz to manually verity the CVC, he then gets hit with a surcharge for using DSC's phone support for something that could have been done via the merchant's terminal!

This is truly a case of damned if you do & damned if you don't.

MichelH · #12 (**permalink**) 09-01-2005, 08:41 AM

I totally agree with Jepstep.

Nowadays, it even seems that customers are abusing the system just by calling the bank for a chargeback, while they have had the goods delivered. The opportunity is there and people take advantage of it. It's too time consuming to fight against a chargeback, especially if it is for a $30 widget.
Don't even get me started about VbV and MasterCard Secure! Which, yes, does cost extra for the merchant to install. If they are so sure about their system, you should expect transaction rates to go down in my opinion...

LadyDxer · #13 (**permalink**) 09-04-2005, 09:30 PM

Here is an article on biometrics that addresses the problem of payment security. Forget credit cards in the future :)
http://www.infoconomy.com/pages/search/group109266.adp

deepsand · #14 (**permalink**) 09-04-2005, 10:21 PM

Biometric ID systems require the physical presence of the person initiating the transaction.

To use biometrics remotely, as would be the case for "card not present" transactions, requires that a new local peripheral device be used by the would be buyer, one that is ubiquitous, if it is to surplant the use of user supplied account information.

I would advise against betting on such happening within the short term.

blac6789 · #15 (**permalink**) 09-05-2005, 02:53 AM

Some of our customers use a service called precharge. I have not used it myself but its something to consider. You pay them like 1%-2% of each transaction and they give it a fraud score and then if the score is below a certain number they guarantee the transaction. This way even if the transaction is charged back you get the money. The website is www.precharge.com

LadyDxer · #16 (**permalink**) 09-05-2005, 09:54 AM

I think they may be working on putting the fingerprint or iris reccognition technology into PDAs such as the BlackBerry and could end up using these all over the place instead of credit card readers. They will probably end up building the readers into PCs and used in businesses, just as the credit card readers. It is a good idea for security reasons.

deepsand · #17 (**permalink**) 09-07-2005, 01:20 AM

Past experiences with such devices have yielded dismal results, owing to lack of interest. The public is more concerned with guarantees that personal losses will be mitigated than with front end measures to deter fraud.

Merchants cannot afford to wait for such hardware capabilities to become commonplace.

For recent survey results re. such, see
http://www.securitypronews.com/insid...nsactions.html .