This disclosure relates generally to risk and fraud associated with payment transaction card accounts, and more particularly, to network-based methods and systems for determining risk and/or fraud associated with a payment card account using an assurance level of a financial transaction based on authentication data attributes.
At least some known credit/debit card purchases involve the exchange of a number of payment card network messages between merchant, acquirer, and issuer members of a multi-party interchange model. Such messages may include authorizations, advices, reversals, account status inquiry presentments, purchase returns and chargebacks.
The credit or debit card payment transaction messages may include several transaction attributes, such as, but, not limited to, primary account number (either real or virtual), transaction amount, merchant identifier, acquirer identifier (the combination of which with above uniquely identifies a merchant), transaction date-time, and address verification.
Fraudulent payment transactions are attempted to be detected and prevented by current systems using a fraud measure or prediction, also known as a “score.” The measure or score is conveyed to one or more of the parties to the transaction that may have liability for the transaction if it turns out to be fraudulent, for example, a merchant, an acquirer, an authorized agent thereof, or an issuer, which enables the party that would be liable to make a more informed decision on whether to proceed with the transaction or not.
Currently, when determining an authorization's fraud prediction score, these systems use, for example, but, not limited to attributes of the authorization, the card's payment history, such as authorization and clearing transaction details and chargebacks, and offline input such as, reports from issuers, merchants, acquirer, cardholders, and law enforcement of compromised PAN or other transaction attributes. Alternatively, a number of authorizations deemed probably fraudulent by the system can result in a PAN or other attribute being marked as “compromised”.
Recently, the Credit/Debit card purchase industry has launched technologies to solve security-related issues and also ease-of-use issues. Examples of these new technologies include Payment Gateway, 3-D Secure, Digital Wallet, Controlled Payment Number, and Online Authentication.
Each of these technologies is associated with messages, which are sometimes referred to as “E-commerce messages” and are used in conjunction with purchases. These e-commerce messages as well as containing a PAN may also contain the following “e-commerce message attributes”: addresses (e.g. billing and shipping), email addresses, phone numbers, and application account id (e.g. wallet id). In addition, because the E-commerce messages are online messages, the IP Address, and fingerprint of the device used may readily be determined if not contained directly in the messages. The E-commerce “Transaction Trust Score” (ETTS) is a function of its attributes pairing history and in some aspects its attributes reputation.
Some known real-world systems purport to return a “trust score” on an E-commerce transaction, which is typically based on establishing a track record of usage of the device (as identified by one or more device fingerprints wherein the device can be any mobile device, for example a laptop, a mobile phone, or tablet with other E-commerce attributes, such as, an address or an IP address. The trust score may also include an attribute reputation, for example, but, not limited to a compromised IP address or a compromised email address, which may be obtained from offline input. However, these systems can only return an E-commerce Transaction Trust Score (ETTS) on a particular E-commerce Transaction if queried with a device fingerprint and one or more other message attributes used in the same transaction.
Accordingly, it would be desirable to improve the ability to determine a risk of fraud and trustworthiness of the account information using device fingerprints in combination with other message attributes.