Merchants need to reduce the number of fraudulent transactions because when a fraud occurs, they are responsible for reimbursing the amounts of fraudulent transactions to the real credit card holder. Thus, a payment system performs a fraud screening to reduce fraud. Based on transaction information such as the amount of the transaction, location of the sale, IP address of the requesting device (for an online payment), whether the credit card is on a black list and even data on repeated transactions with the same credit card number, email, or name (velocity checks), the fraud screening service provider may deny the requested transaction, allow the requested transaction, or direct the requester for manual review. For a manual review, the system waits for additional information.
In an example of airline ticket purchase, the transaction information may further include the origin, destination, and time before departure.
Usually the rules of the fraud screening system are adjusted ad-hoc, based on disparate data such as the rates of false negatives, false positives, and manual review. We propose a way to evaluate a posteriori and a priori the efficiency of a fraud screening strategy based on the calculation of the expected total costs of fraud, and provide recommendations on how to adjust this strategy.
The total costs of fraud includes cost of false negatives (which may include ticket reimbursement and chargeback processing), cost of false positives (which may include lost sales), and other fraud related costs (which may include challenge processing and cost of a fraud screening engine, and even merchant fees). Currently, this total costs of fraud contains uncertainty and is difficult to assess.