Credit Card Fraud Detection
Worldwide financial losses due to credit card fraud were estimated to cost nearly $25 billion in 2016. Between 2012 and 2017, nearly half of all Americans were the victims of credit card fraud. In 2018, US payment card losses alone came in at just under $10 billion. While Americans tend to be targeted the most for credit card fraud, Mexico actually experiences the highest percentage of credit card fraud, with 56% of its residents reporting that they had been the victim of credit card fraud in 2016. Technology has certainly helped to prevent a great deal of credit card fraud, yet it still continues to represent significant losses to banks, consumers and businesses. Here are the two most common types of credit card fraud and what is being done or what can be done to prevent it.
Online Card Not Present (CNP) Fraud
The most prevalent form of credit card fraud is CNP fraud because thieves don't actually need a physical card to make purchases, they just need the credit card information. There are a number of different ways that cybercriminals can use stolen credit card information without leaving a trail. The first is to purchase digital gift cards which can be delivered instantly to a fake email address. Once they have the gift card, they can either use it to make purchases or sell it in an online marketplace, all of which is completely anonymous.
Another way they cybercriminals use stolen credit card information is to make a small recurring payment to themselves using the stolen payment information. Many cardholders will not notice a small payment of $50 or less per month, which means cybercriminals can often make small monthly withdrawals for months without the cardholder ever noticing.
Here are the two most common ways that criminals obtain credit card information:
- Data Dumps: When hackers steal financial information, it generally ends up for sale on the dark web. There, cybercriminals can purchase credit card numbers and CVV information that they can then use to make online purchases.
- Skimming: A skimmer is the same type of device that is used to run your credit card at any legitimate point of sale. Sometimes employees that have access to credit cards such as sales clerks or servers will skim customer's cards when they aren't looking. Another way thieves can skim information is by placing a skimming device over a legitimate device at an outdoor location where you would normally swipe your card, such as at a gas station or ATM. When criminals use a skimmer at an ATM, they will also sometimes use a small camera to capture PIN numbers as well.
What Can Be Done About CNP Fraud?
EMV or "chip" cards were created specifically to prevent skimming. Skimmers rely on the magnetic stripe on the back of a card that stores information. The reason that Americans are targeted more than anyone else, however, is that most American credit cards still have a magnetic strip in addition to an EMV chip.
Transactions that are made using an EMV chip are secure from data dumps because they finalize the transaction using a one-time code rather than giving the merchant permanent payment information. That way, even if the merchant stores the payment information and it is stolen, it can't be reused. Unfortunately, American cards are still not protected from skimming.
Another way that both banks and online merchants are preventing CNP fraud is by using biometric scanning to complete online purchases. Transactions that require either fingerprint or facial recognition scanning are much more secure than those that just require credit card numbers and information.
Counterfeit Credit Card Fraud
Another way that criminals can use stolen credit card information is by creating a counterfeit credit card using legitimate credit card information. Criminals can get the credit card information the same way they do to make CNP purchases, but they have a physical card they can use at a number of locations. Since most people don't check their credit card accounts daily, criminals can often rack up several thousands of dollars in purchases in a single day. When criminals get a PIN number in addition to the card information, they can also use the card to withdraw cash.
What Can Be Done About Counterfeit Credit Card Fraud?
One of the best defenses against counterfeit credit card use is AI. Artificial Intelligence programs are constantly scanning millions of transactions every minute to look for any irregularities. If a credit card is used to make an unusually large purchase or to make a purchase far outside of the cardholder's home area, the cardholder can be immediately notified.
Payments using personal devices like a smartphone, tablet or smartwatch are also one of the best defenses against all types of credit card fraud. The apps that power them generate a single-use code the same way an EMV chip does but they also do not have a magnetic stripe that holds payment information that can be skimmed. In addition, they also use biometric scanning to complete point-of-sale purchases, which means they can't be used by anyone not authorized to make purchases.
Ready for the next step?
Spot user behaviors and device information that’s suspicious, and stop those fraudsters in real time. We track billions of devices and our fraud analysts add evidence to make this intelligence even more effective.