Within the financial industry in general there is a marked propensity for fraud which thus associates a certain degree of risk with each transaction or financial product introduction. This is particularly true in the credit card portion of the industry. Case history supports this conclusion. Fraud can, and does, originate both internally to the organization issuing the financial product, and externally, with customers, vendors, merchants, or criminals that intercept the communication of credit card information, electronically, or physically. Thus, fraud in this industry is expected.
Fraud is inherent in how credit cards are issued and handled. There is, for example, a significant threat to the issuer of a card from someone finding a lost credit card and using it to purchase gas in an automated gas station; and, telephone and mail orders may be made by criminals illegally possessing credit account information. In the same category, a fraudulent merchant may be operating fraudulently by selling merchandise on unequal consideration. On a larger scale, however, fraud rings are particularly active and include many players in their networks that defraud issuers of billions of dollars. Rogue employees and questionable merchants account for a significant part of skimming activity, which involves the illegal acquisition of account information in order to produce counterfeit cards or make fraudulent transactions. The sophistication of skimming is quite advanced in that criminals may wait up to eighteen to twenty (18-20) months after skimming a card before they use it. This category of fraud which originates at the point of sale is expected to be a twenty-five billion dollar ($25,000,000,000) problem in 1999.
Recent security conference statistics show that distinct trends emerge from studies of fraud. The top fraud types are lost, stolen, or counterfeit credit cards or accounts. Fraud losses resulting from lost and stolen credit cards (plastic) represent nearly sixty percent (60%) of all losses, with the fourth (4th) quarter of any year being the top fraud period. The hours of 12:00 Noon to 10:00 PM are the peak fraud activity times; California, Florida and New York are the top fraud states; and, Los Angeles, New York City, and Las Vegas are the top fraud cities. Telemarketing, phone use, and gas purchases are the top fraud industry groups.
While it is evident that fraud exists, and that it is extremely difficult to eliminate, even in the current technological environment, actions can be taken to control the impact of fraud.
The credit card industry is not totally defenseless when it comes to fraud. It is evident that acquirers (merchants), issuers (banks), the major credit card associations (i.e., VISA® and MasterCard®), and third party vendors are making their best efforts to stay on top of the issue. The theme of fraud management is currently one promoting early detection and warning and loss mitigation as close as possible to the point of sale. There are a number of industry tools that are being employed to manage fraud and risk accordingly.
Applications for credit cards undergo scrutiny from such industry watchdogs and utilities as the VISA ICS (Issuer's Clearinghouse Service), from general information validation procedures, and from credit bureau fraud screen products such as SAFESCAN from Equifax, HAWK from TransUnion, or FACS from Experian. Transaction processing too, undergoes scrutiny from such industry methods as: the Fair Isaac Consumer Score (FICO); the Falcon—Neural Network Model (HNC); NESTOR—Neural Network Model; Queue Based Fraud Detection (TSYS DFS); the VISA Consumer Risk Score (CRIS); and, the VISA Magnetic Code Verification (CVV/CVC).
While the industry has taken steps to safeguard against fraud, it is recognized that the existing fraud detection technology (such as making calls to cardholders when a fraud is suspected) can impact desired customer service and convenience. Therefore, a balance is required in the state of fraud management that will allow the industry to protect itself while remaining commercially viable.
One aspect of progressive fraud management is the development of a concept, structure and effective method for allowing fraud to be identified, measured, and proactively managed at the task level. Another requirement for effective fraud management is the development of an ability to benchmark against the industry.