Credit card fraud can be stopped

The rise in credit card fraud over the last year is a cause for major concern and financial services organisations need to tighten their grip of illicit transactions fast, says SAS. A recent statement from the South African Banking Risk Information Centre

(SABRIC) highlighted that credit card fraud rose by over 50% this year, the banking sector lost an additional 53% to fraudulent transactions in 2011 and the total 2011 loss to the sector amounted to R403.15 million, from R263.8 million in 2010. “The rate at which fraudulent activities are occurring is gaining momentum and the nature of fraud is getting more and more malicious as fraudsters are becoming more specialised in their actions,” says says Colin Hill, senior product manager Financial Crimes Solutions at SAS.

According to SABRIC the majority of this can be attributed to higher volumes of cards, cards not present fraud and counterfeit cards. “The growing volume of transactions has seen a substantial increase in the available data that financial institutions need to analyse in order to detect fraudulent transactions. Without the ability to perform real-time analytics, on every single transaction and with a turnaround times in the order of less than 30 milliseconds, organisations will not be able to reduce the magnitude of fraud and detect fraudulent transactions proactively,” he says.

Hill says that fraud detection if better managed can be controlled, but in order to do so, business needs to understand that they need to ensure their data is being managed and monitored using advanced analytical capabilities

such as neural networks that can detect transactions and customer characteristics that are out of norm. Institutions should also have the ability to link previous known fraudsters or fraud transactions to current transactions or customers, as well as have the ability to detect developing fraud rings.

If organisations are not able to detect the outlier and potential fraudulent transactions in real-time, the growth in fraud will increase, as fraudsters themselves are using advanced analytics to detect vulnerabilities in an institution’s own prevention capability. Trying to detect them after the fact will only result in limited positive results.

“The main asset fraudsters are after is your data, especially your customer and account information, but securing your data alone will not stop fraud as this information isn¹t necessarily gained from a compromise in your own system. Data is collected through key loggers, skimmers and a series of sophisticated tools that can¹t simply be stopped,” says Hill.

“What we can do is deploy data models that provide a single view of customer accounts, use analytics to manage and reduce the number of false positive alerts, is able to perform link analyses and detect and report on developing fraud rings and syndicates,” he adds. “A fraud detection system on its own is fairly one dimensional, whereas when it is coupled with advanced analytics, we suddenly have an intelligent system that will alert you when unknown activity is being generated against your data.”

According to SABRIC counterfeit card fraud today counts for 57% of the overall loss to the banking sector in 2011, yet with a proper fraud risk engine one would be able to immediately be able to create a correlation and raise an alert on a card that is being used in South Africa and Canada within a few hours of each other. The same can be done for ATM cards, fraudulent deposits and even other online transactions.

“SAS has been working with banks across their business for more than four decades, and in our experience fraud management needs to be undertaken as an all encompassing process. It is with this that our Fraud Framework for Banking provides functionality for real-time analytics, as well as alert, data management and reporting,” says Hill.

“Financial organisations using a SAS solution, such as HSBC Bank, to whom we provide real-time fraud checking on their global card account portfolio on every card transaction are able to achieve significantly lower incidences of fraud across tens of millions of debit and credit card accounts,” states Hill.

He adds that in addition, integrated fraud applications can be used together, individually or in any combination, enabling you to start in one area of risk like card fraud and then expand usage to say application fraud.

“Risk management and in turn fraud containment, cannot be seen as mutually exclusive from a business and needs to be made up of a series of tools that enable a bank to perform data management, fraud detection and gather customer intelligence. Fraud can be contained but the success of this in your organisation depends on the systems you have in place to manage data collection, analytical capabilities and the response time you take to react,” ends Hill.