Security Innovations for the Changing Face of Fraud SECURITY INNOVATIONS FOR THE CHANGING FACE OF FRAUD
Fraud is everywhere—and on Creditcards.com projects that commitment to success. INTRODUCTION multiplying. In fact, 17.6 million the total value of fraudulent card- Americans (7 percent of all U.S. not-present transactions alone will Toward that end, CO-OP Financial residents) fell victim to identity theft approach $19 billion in 2018. Services remains dedicated to in 2014, according to the Bureau delivering innovation on all fronts. of Justice Statistics. Nilson reports As any credit union will attest, Here is what we have learned about that global card fraud increased by fighting fraud is like putting out a the state of fraud today—and about 20.6 percent in 2015, while card wildfire. It requires all hands on deck, how credit unions can apply the most volume grew by only 7.3 percent. a highly effective strategic plan, a advanced security innovations toward And JAVELIN research published powerful arsenal of tools, and a 24/7 the safety of their members.
Security Innovations for the Changing Face of Fraud 2 CHAPTER 1: FALSE POSITIVES AND THEIR IMPACT ON REVENUE
When it comes to fraud detection, emphasizes that all transactions can bring even greater frustration credit unions walk a fine line. should be treated with equal due to the member involved. In fact, Identifying fraud takes advanced diligence. JAVELIN research reports that 39 computing systems and sophisticated percent of declined cardholders algorithms designed to uncover “Issuers may write more rules for abandoned their card after being anomalies in member spending large dollar amounts simply because falsely declined. patterns. However, not every the potential losses are greater,” he anomaly equates to fraud. And said. “However, false positives can “A declined transaction at the declining a genuine transaction can impact any transaction that meets point of sale is not only a hassle break member confidence in your the criteria of a fraud strategy rule.” for the cardholder—it can also be card products. embarrassing,” said Buzzard. He adds that, as problematic as false “False positives are a common, positives are for credit unions, they everyday issue,” said John Buzzard, CO-OP’s fraud expert. “Trying to avoid them is like reaching into a paper bag full of different colored marbles hoping to withdraw the same A $118 Billion color each time. It’s a statistical Problem impossibility.”
“For every incidence of fraud According to JAVELIN detected there are almost always research, 15 percent of a few suspects that end up being all cardholders have had non-fraudulent transactions,” said Buzzard. “The important question to at least one transaction ask is whether the fraud captured is incorrectly declined in worth the number of false positives the past year, costing that result from the process.” issuers nearly $118 While false positives typically billion. impact higher dollar purchases disproportionately, Buzzard
Security Innovations for the Changing Face of Fraud 3 False positives are a costly, time-consuming and aggravating byproduct of FALSE POSITIVES AND FRAUD PREVENTION even the most effective fraud prevention strategies. However, there are best A Balancing Act for Credit Unions practices credit unions can embrace to limit their impact. Here is what you need to know:
FALSE POSITIVES COST ISSUERS BILLIONS (Source: JAVELIN Strategy & Research) 15% $118B Of all cardholders have had at What these declines cost issuers
least one transaction incorrectly DECLINED nearly annually declined in the past year
9B 39% By comparison, what actual fraud Of declined cardholders abandoned costs issuers annually the card after being falsely declined
Conflicting shipping and billing information
IMPACT REASONS $ 8.6B FOR Differing risk appetites ON among issuers and merchant $ What U.S. e-commerce FALSE acquirers/processors E-COMMERCE merchants will lose in falsely (Source: Businessinsider.com) declined transactions in 2016 DECLINES (Source: Businessinsider.com) Outdated card information
Security Innovations for the Changing Face of Fraud 4 FALSE POSITIVES AND FRAUD PREVENTION A Balancing Act for Credit Unions (continued)
WAYS CREDIT UNIONS CAN CUT LOSSES 5 4 WAYS TO EMPOWER MEMBERS Rely on cutting-edge fraud Falcon Fraud Manager prevention technology FICO data analytics FRAUD Machine learning technology Enable them to secure their own cards with mobile card Educate members on Create more granular controls and alerts fraud—and on the reality of fraud strategy rules false positives
Green light mildly suspicious Talk to them about the transactions - then contact importance of travel Offer tokenized digital the cardholder to verify notifications wallets—and promote their security
Stay up to date on the latest fraud trends and prevention technologies Communicate via two-way texting to alert members to potential fraud
We have never had to be more vigilant in our action around fraud containment. CO-OP will continue to invest in a strong blend of real-time analytics combined with a variety of tools that address problem areas like identify verification - always with a goal to balance between member service and fraud prevention.
Todd Clark, President/CEO, CO-OP Financial Services
Security Innovations for the Changing Face of Fraud 5 A Constant Balancing Act
For activity that is mildly suspicious, handled delicately,” he said. “While are as detailed as possible. in Real Time and the power of FICO Buzzard advises credit unions to many members appreciate this data analytics,” he said. forego declining the transaction and outreach, others may view it as an “Our risk escalation team works to instead contact the cardholder inconvenience.” seven days a week to fine tune fraud According to CO-OP President/CEO immediately after the purchase to strategy rules for our client credit Todd Clark, the company’s team verify its legitimacy. To help reduce the incidence of false unions, and is supported by a cutting- consistently outperforms the industry in positives, Buzzard recommends edge suite of fraud prevention tools, keeping false positives to a minimum. “These conversations need to be adjusting fraud strategy rules so they including the Falcon Fraud Manager
CO-OP’s false positive ratio is approximately 5:1, which means five cases are created for “ each incidence of confirmed fraud,” he said. “By comparison, the national average is 9–12:1. For fraud denied in real time, our false positive ratio is 1.3:1 versus a national average of 3:1 Todd Clark, President/CEO, CO-OP Financial Services “
Emerging Tech: Machine Learning
To more accurately distinguish fraud machine learning and continues to which analyzes hundreds of pieces CO-OP’s 2017 technology roadmap from genuine transactions, financial advance its speed and accuracy to of data related to a transaction also includes new, advanced machine industry leaders are looking to protect cardholders from both fraud instantaneously, as that transaction learning technology, which will new advances in machine learning and false positives. unfolds. The company is calling it “the integrate with the Falcon Fraud technology. According to the first use of AI being implemented Manager platform to create an even Washington Post, the Visa Advanced MasterCard recently announced on a global scale directly on the stronger scoring mechanism for Authorization System employs new Decision Intelligence Software, MasterCard network.” detecting fraud.
Security Innovations for the Changing Face of Fraud 6 CHAPTER 2: ARMING MEMBERS IN THE FIGHT AGAINST CARD FRAUD
To prevent card fraud, members may percent. According to Visa research as Apple, Samsung and Android Pay, all share a common thread—they be a credit union’s most powerful cited by PYMNTS.com, merchant are recognized by experts as virtually place fraud prevention squarely in the resource. Ondot reports that financial sites that accept their customers’ impossible to compromise. hands of consumers. institutions whose members use EMV cards nationwide have seen mobile apps for card controls and counterfeit fraud drop by 43 percent. While each of these innovations plays Here’s why members should have alerts reduce fraud by as much as 40 And tokenized digital wallets, such a unique role in protecting payments, them:
Battling Fraud with a Smartphone Protecting Cardholders at the Point of Sale
Ultimately, only your members know how they are using their cards, In more than 80 countries worldwide, EMV chip cards have virtually which is why it makes sense to engage them in fraud prevention. eradicated card-present fraud. The technology works by issuing a dynamic code for each transaction that is processed by the merchant. Mobile apps for card controls and alerts allow members to quickly and As a result, member account information remains securely out of a easily specify exactly when, how, where—and with which merchants— fraudster’s reach, locked behind the firewalls at the payments networks. their cards can be used. For example, CO-OP’s CardNav app allows members to receive alerts whenever a card is utilized, with the ability EMV Inroads, According to Visa: to authorize or deny transactions before they are carried out. Users can • 388 million Visa EMV cards have been issued nationwide set spending limits, authorize additional family members for usage, and even temporarily turn cards “off” when not in use. Members can also • 1.7 million locations across the country are chip-enabled track important financial information ranging from account balances to • 40 billion chip-on-chip transactions have been processed (total payment due dates. volume)
Why Act Now: • 41 percent of Visa’s in-store payment volume is chip-based today (Source: PYMNTS.com) Effective October 14, 2016, for Visa, and April 21, 2017, for MasterCard, every U.S.-based card issuer must give cardholders the option to register Up Next—EMV 3DS 2.0 for some basic alerts. EMV 3-D Secure (3DS) 2.0 is a new specification that will allow consumers to authenticate themselves with issuers for card-not-present Moving beyond basic alerts, card control apps empower members to purchases or when verifying their identity for non-payment activities, like prevent fraud vs. just detecting fraud. adding a payment card to a digital wallet.
(Source: Ondot) (Source: Global Banking and Finance Review)
Security Innovations for the Changing Face of Fraud 7 Digital Wallets Go Mainstream
While consumers and merchants have been slower to embrace digital wallets than many had predicted, this dynamic is changing. According to Macdaily.com, Apple Pay transactions were up 500 percent year-over- year in September 2016—with more Apple Pay transactions processed during the month than in all of fiscal 2015. As with EMV, tokenization protects member account data by transmitting a unique code—or token— for each transaction instead of the PAN, preventing actual cardholder data from ever changing hands.
Before Members Pack Their Bags . . .
Make sure members know to file travel notifications with your credit union before leaving town. This step can save everyone involved time and aggravation, and ensure that members have full access to their cards while away.
Mobile Revolution
If the outlook for mobile is any indication, digital wallets have a bright future. For 2017, the number of U.S. smartphone users will reach an estimated 222.9 million, and the number of smartphone users worldwide will exceed two billion.
(Source: Statista.com)
Security Innovations for the Changing Face of Fraud 8 CHAPTER 3: SHORING UP THE BACK OFFICE: THE POWER OF MACHINE LEARNING
Machine learning continues to make So what is machine learning and learning theory to teach the industry headlines as credit unions why is it so effective at catching card computer, in essence, how to think. and other financial institutions fraud? increasingly find value in big data. As a fraud detection tool, machine According to a study completed by In 1959, artificial intelligence pioneer learning enables highly accurate London-based Oakhall and published Arthur Samuel defined machine predictive analytics based on on finextra.com, global financial learning as a “field of study that enormous volumes of complex—and services firms could save $12 billion gives computers the ability to learn ever-changing—data. annually—or more—by optimizing without being explicitly programmed.” adaptive, machine learning fraud It accomplishes this by employing management technology. advanced pattern recognition algorithms and computational
More Effective Than Humans
Research published by Mercator own criteria for what constitutes Advisory Group in conjunction fraud, based on vast amounts of with CO-OP states that, “In most historical data in the system.” situations where human beings determine risk today, a machine He adds, “The technology is rapidly learning algorithm will be able to becoming mission critical because outperform those humans.” fraud has changed dramatically in 2016. We are now at the point where Machine learning also outperforms fraud has mutated and outpaced the neural network technology widely the general thoroughness of neural used by financial institutions to detect networks.” card fraud. The good news for credit unions, “Neural networks follow a rules-based Mercator reports, is that third- approach that requires a human to party software suppliers have program the rules,” said Buzzard. already invested heavily to integrate “New advancements in machine machine learning into their software, learning technology now enable the substantially reducing the cost and system to intelligently develop its effort to employ the technology.
Security Innovations for the Changing Face of Fraud 9 Beyond Fraud Detection Machine Learning by the Numbers While machine learning shines in detecting fraud, there are other valuable credit union applications for the technology, including the following: IBM researchers working with a large U.S. bank reported that machine learning yielded a 15 percent increase in 1 Cross-selling products fraud detection, a 50 percent reduction in false alarms, and a total savings increase of 60 percent. 2 Facilitating member satisfaction scoring (Source: helpnetsecurity.com) 3 Expediting diagnostics for technical support
A More Intelligent Member Profile
Machine learning makes a fraud detection system faster—and smarter. However, if the member’s card is For example: simultaneously used at a big box store in L.A., the system would recognize this transaction as fraud.