Know your Fraudster: Preparing for the Post EMV Card-Not-Present Fraud
•
0 j'aime•289 vues
Presented as s session in the NRF Protect 2015 conference- With EMV migration coming up, many retailers mistakenly think that they should no longer worry about fraud. But the reality is that while solving many crucial weaknesses at the point of sale, EMV does not assist with Card Not Present transactions. In fact, since fraudsters will still try to make a living somehow, EMV migration might make things worse for online retailers. The good news is, that while fraudsters are fast, so is technology. This presentation provides knowledge about the changing behavior patterns of fraudsters and to get a practical guide on how to be prepared for the upcoming post-EMV fraud tsunami, while balancing between loss prevention and user experience, without letting the fear of fraud create a spike in false positives or result in an over-conservative policy.
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Know your Fraudster: Preparing for the Post EMV Card-Not-Present Fraud
Similaire à Know your Fraudster: Preparing for the Post EMV Card-Not-Present Fraud (20)
Dernier
Dernier (20)
Know your Fraudster: Preparing for the Post EMV Card-Not-Present Fraud
- 1. Know Your Fraudster Leveraging everything you’ve got to prepare for the Post-EMV CNP Fraud Noam Inbar, VP Business Development, Forter
- 2. $3 BILLION 2014 U.S. CNP Credit Card Fraud Losses (Aite Group)
- 3. EMV will make your fraud disappear HRS. 0 9 MIN. 3 0 DAYS 9 9
- 4. REALLY?
- 5. NOT REALLY. 1 Being a fraudster is profession. EMV won’t make them disappear 2 Fraudsters look for the weakest link; EMV doesn’t protect Card Not Present Transactions 4 E-commerce will continue to grow3 EMV migration will cause organizations to be slower and less efficient than before 5 Crime as a service: even fraudsters with low technical abilities can commit fraud online, lower barriers to entry
- 6. FRAUD TO SPIKE 40-50% In the 2 years following EMV migration Research
- 7. WELCOME TO THE POST EMV FRAUD TSUNAMI
- 8. DOMINANT MARKET APPROACH to fraud prevention Rule Engine Risk Score Fraud Policies Manual Reviews APPROVE DECLINE
- 9. DOMINANT MARKET APPROACH to fraud prevention Rule Engine Risk Score Fraud Policies Manual Reviews APPROVE DECLINE FRAUD PREVENTION 1.0
- 10. 2.0 FRAUDSTERS Require 2.0 Fraud Protection
- 11. MACHINE LEARNING – BIG DATA – CL REALTIME ALGORITHIMS – SCORES – ENGINES – FINGERPRINTING – MACH LEARNING GEOLOCATION – CLOUD – REALTIME – BLACKLISTS – BEHAVIOR ALGORITHIMS – MACHINE LEARNING – SCORES –FINGERPRINTING – BLAC BIG DATA – SCORES – REALTIME ALG
- 12. A PRACTICAL GUIDE to post-EMV card-not-present fraud
- 13. 1 KYF: KNOW YOUR FRAUDSTER
- 14. FRAUD IS CHANGING So should your fraud prevention 1 Dark-net Marketplaces enable a sophisticated fraud ecosystem Crime as a Service 2 2014’s massive data breaches flooded the market with high quality cards Abundance of Stolen Data 3 Fraudsters are quick and agile, methods that used to be the holy grail of fraud prevention can no longer get the job done Traditional Practices are no longer enough 4 After Silk Road’s demise, fraudsters have become vigilant about operation security Fraudsters Are Paranoid 5 Wherever there’s internet, there’s the opportunity for CNP fraud Fraud is Global 6 Hardware is cheaper than ever, so fraudsters can burn through it & never look back Hardware is Commoditized
- 15. 2 AUTOMATE
- 16. 81%of merchants review orders manually 52% of fraud budget is used for manual reviews MANUAL REVIEWS 20+ MIN Per a manual review, for over 20% of merchants Source: Cybersource Online Fraud Report
- 17. Predicting people is not like predicting the weather Nuances and patterns extracted from a user’s online behavior enables comparing and benchmarking against expected behaviors, adding a whole new dimension of knowledge. BEHAVIORAL ANALYSIS Automating manual reviews
- 18. 3 DON’T PANIC
- 19. FALSE POSITIVES | Definition |False Positives A "false positive,"... arises when fraud detection software blocks your card because the card has been identified as the vehicle of potentially fraudulent activity when it isn’t ~ Tech Republic
- 20. FALSE POSITIVES $40 BILLION lost every year due to unnecessary red flags and transaction blocks Source: Trust Insight, Measuring Consumer Attitude on CNP Credit Card Declines Report
- 21. FALSE POSITIVES Source: Cybersource Online Fraud Management Benchmark Study (N. American edition, published 2015), Ethoca research 2015 OVER 70% of merchants believe that UP TO 10% of rejected orders are actually valid BUT THE ACTUAL RATE IS ESTIMATED AT ABOVE 40%!
- 22. FALSE POSITIVES NEARLY 20% of consumers who experienced a fraud-related decline had no future spend 6 months after the decline event Source: Trust Insight, Measuring Consumer Attitude on CNP Credit Card Declines Report
- 23. FALSE POSITIVES - CAUSES Processor rules and red flags Tools that require hard coding Outdated rules Manual reviews: bias
- 24. EXAMPLE: AIRLINE
- 27. APPROVED BY PHONE WITH SAME CARD
- 29. MAN VS. THE MACHINE
- 30. EXPERT KNOWLEDGE Interdependencies: What do the data points tell us? Platinum+ Credit Card Type San Jose, US Billing Neighborhood Mexico (very low income) Shipping Neighborhood $200, $90, $80 Past Purchase Amounts $10,000 Current Purchase Amount Spanish Browsing Language Wireless Network IP Type
- 31. Platinum+ Credit Card Type San Jose, US Billing Neighborhood Mexico (very low income) Shipping Neighborhood $200, $90, $80 Past Purchase Amounts $10,000 Current Purchase Amount Spanish Browsing Language Wireless Network IP Type EXPERT KNOWLEDGE Stories Model: Mexican National Holiday Sale Immigrant shipping to family
- 32. 5 SMART LINKING
- 33. UNCOVER THE FRAUDSTER SOCIAL GRAPH Verification and authentication of a single transaction and blacklists that are based on IP match and email match provide a very narrow view Similarities and proximities reveal beyond the transaction
- 35. 1. KNOW YOUR FRAUDSTER 2. AUTOMATE 3. DON’T PANIC 4. HUMAN BASED MACHINE LEARNING 5. SMART LINKING RECAP: WHAT TO DO
- 36. GOOD LUCK! www.forter.com noam@forter.com @InbarNoam
- 37. Nominate an attendee or speaker from this session as a PROTECT MVP. #PROTECTMVP THANK YOU!
Notes de l'éditeur
- Quantity and quality – rise in fraud rate, variance in the quality – different levels of expertise, kids who “play” with fraud, facebook groups that distribute card numbers in the cleranet – burdens the system – in analyst based systems it takes a lot of resources. Above that high levels of sophistication, uber sophisticated fraud 1. Crime as a service: While in the POS fraud is based on networks and many people who do the dirty work, CNP Fraudsters no longer need to be part of an organized crime organization, they have a full suite of services available for affordable prices.. Remote desktops – IP wherever they want, $30 a month, unlimited IPs, screening abilities, buy bundles of credit Cards, sort according to banks, zipcodes, focus on geographies , huge masses of data available for sale , ability to call the bank and commit full account takeover, card owner loses control of address Shipping address as a service – to send something close to the billing address , Knowledge based economy – how to guides for 5$, how to spam paypal accounts… how to disguise… Stolen data – anything is available on the darknet, depends on what you’re willing to pay. The fraud rate among elite cards is twice as high as standard corporate cards. Fraudsters tend to think that these cards have better credit lines, better acceptance, so they would pay more for these on the darknet.
- AVS and CVV are the most common and trusted methods for fraud prevention among large merchants. Relying on these methods in 2015 won’t get the job done. When a fraudster purchases card numbers in the darknet, in most cases he will purchase the CVV along with it. So that becomes irrelevant. AVS Manipulation – change details in the bank , if you pay 5$ per card you get mother maiden name and you can change details in the bank AVS takes zip digits and address digits fraudster puts billing AVS and ships to different address even though zip is incorrect buy “drop” address 2 miles from billing – abandoned buildings, people who got scammed etc… Travelers, reshippers If you want to sell to travelers, reshippers, students – you need to be much better and more precise – traditionally merchants view it as high risk and flag it because of AVS mismatch
- Fraudsters are aware of the improvements in the field and are constantly watching their back. Behavioral awareness – have awareness of how anti fraud systems work, let website accounts get old, they sell the knowledge, the systems have to be adaptive and constantly change
- The fraud rates between 2-6 am are twice as high as between 2-6 pm. One of the reasons is that some of them have a “day job” and operate by night, but the main reason for this is that many fraudsters are located outside of the US, in opposite time zones.
- Hardware has become a commodity, fraudsters can buy a mobile device for $100 to commit their fraud from and replace it so they won’t get tracked – in high ticket transactions the ROI makes sense. However the fraud rate from Android devices is twice as high as from iOS – Android is considered to be easier to manipulate
- We want to do fraud prevention but we are here to protect our assets – brand, consumer engagement, growth opportunities
- Automation and technology enable us to leverage models to link multiple data points and hop dynamically between them in real-time , a human can never create that depth and complexity of analysis.