Improving Fraud Management for Issuers
The fraudsters always seem to be one step ahead. What’s a payment professional to do?
PYMNTS.com seeks advice from Dale Daley, Director of Strategic Risk Product Development at TSYS, and Colleen Ayres, a Senior Product Marketing Manager at SoundBite Communications. They discuss how to improve the fraud management process for issuers, how banks are addressing the problem, and other possible solutions in this exclusive NEXTcast interview.
Executive Bios
Dale Daley is the Director of Strategic Risk Product Development at TSYS. A 30 year industry veteran, Dale has held multiple positions at TSYS related to his expertise to include System Development, Operations, Conversion Assessment and Consulting. Prior to coming to TSYS he spent approximately 15 years in the financial industry focused on credit cards holding leadership positions in fraud, collections, account risk management, new accounts and acquirer sales and service.
Colleen Ayres is a Senior Product Marketing Manager at SoundBite Communications, responsible for bringing SoundBite’s customer solutions offerings to market. Colleen has defined and packaged a comprehensive set of highly customizable solutions that allow organizations to engage at every stage of the customer communications lifecycle. With over 12 years of product marketing and management experience, Colleen launches products and solutions specifically targeted to buyers’ needs. Colleen holds a double major in Spanish (BA) and Human Factors Engineering (BS) from Tufts University and an MBA in Entrepreneurship and Marketing from Babson College.
Post your comment
Comments
I would like to start with the moto: "Do what you do the best and outsource the rest".
So, the starting point for issuers is to find appropriate Fraud Management solution, since the fraud prevention is not issuer's core business. Today on the market, plenty of fraud management solutions can be found, which can fulfill all kind of requirements of financial institutions related.
The second point, which I would like to rise is actual Fraud MANAGEMENT concept. Is this really something that the issuers want? The fraud management concept is based on the preventing/denying the suspicious/fraudulent transaction. If the rules in the fraud management tool are set too sensitive, then it might happen that the non-fraudulent transaction is denied and damage to the issuer has been done. I agree that this is preventive action, but which risk is higher: to deny non-fraudulent transaction, and make one cardholder unhappy or to accept risk and authorize fraudulent transaction?
On the other hand, the fraud MONITORING concept gives different approach. The suspicious transactions are authorized, and the issuer can undertake action only after the fraud has been commited, but if the non-fraudulent transactions broke some rules, it will not be denied, just alert will be trigered, in order to check what has happened.
So, same as with fraud management concept, we have again risk to deal with: to authorize the fraudluent transaction.
Posted by Marko, 06/10/2010 11:23am (2 years ago)
Is it really the case that the fraudsters are always one step ahead? This might be in the US, but not in the rest of the world. The reason why they are always one step ahead in the states is that they can copy cards soooooo easily. All the fraudster needs to do is build strategies that bypass the "clever" methods deployed to detect it. Not that difficult, and easy to stay one step ahead.
Now what if the data on the card had no value, and could not be used to generate a clone? What would the fraudsters do then? They would have no opportunity to stay one step ahead, as there would be no foothold. Putting an EMV chip on the card takes away the fraudster's ability to create a usable card. The fraud then migrates to CNP, which is not one step ahead, it's one step sideways, and its reactive rather than proactive. In the UK, fraudsters aren't interested in card data, it has no value. They are interested in CNP fraud, but CNP fraud prevention just requires a different strategy.
You seem to be spending an awful lot of time and effort trying to protect something that is inherently weak. Any old fool can copy a magstripe card, and regardless of the technology deployed to predict and identify potential fraudulent card usage, the old fool can still copy the magstripe card!
Not too difficult to see where the improvements can be made.
Posted by David Griffiths, 01/10/2010 9:39am (2 years ago)
RSS feed for comments on this page | RSS feed for all comments