FICO’s TJ Horan examines the how fraudsters circumvent the mechanisms designed to catch fraud in his latest blog on “Who will win the 2015 prize for fraudster innovation.”
APPS: The opportunity of convenience
TJ Horan writes: “My dismal little vignette captures what I believe will be the next big trend in fraud: exploiting consumers’ love of convenience to gather personal information that can be used to commit financial crime.
The fact is, consumers love the convenience that digital transactions provide. So do fraudsters. Whether we are shopping online, donating to a good cause, using BillPay, or sending funds from the comfort of our mobile device or computer, we are sending information into the great unknown that is the Internet.
The vast majority of the time, everything is fine and the mechanisms to catch fraud work as they should. But fraudsters are increasingly innovative, thinking of incredibly clever new ways to capture personal information to carry out financial fraud. How safe is that information, really?”
Domino’s delivers – fraud
“For example, this article in the New York Times recently caught my eye. It’s about how fraudsters in Brooklyn used third parties and the Domino’s Pizza mobile app to test out stolen credit card numbers. If a stolen card number worked to make an indirect pizza purchase, it could also be used to make bigger-ticket fraudulent buys. Seeding the stolen card numbers out to multiple testers blurred the pizza trail back to the fraudsters.
Once again, consumers’ love of convenience (using an app to order pizza) is the conduit for fraud. Sadly, it’s really a brilliant scheme that left Domino’s liable for “a record spike in [fraudulent] sales,” according to the Times article, which reported the arrests of several pizza orderers but not the fraudsters who provided the stolen card numbers.”
Fighting fraud with protection
The Domino’s incident captures the intensity of “fraud innovation,” which is always on the move. In just one year we’ve gone from a clever hack of an HVAC vendor’s network (the entry point for the Target data breach), to the creative use of mobile apps to test stolen numbers. The social media recruitment of testers in the Domino’s case is an extra fillip.
I wonder where we’ll be a year from now? What kinds of schemes will fraudsters come up with in 2015? And what can be done about it?
As consumers and businesses, our best defense is vigilance and protection. At the most fundamental level, changing passwords to our personal banking and other financial accounts frequently is a pain, but really necessary.
That’s because, when you read about the breaches that unfortunately take place, it’s not just financial information that is breached. The “long tail” of danger lies in the theft of personal information like email addresses, birth dates and other nuggets that are gold in a fraudster’s hands. Data breaches are merely a breeding ground of opportunities for misuse of that data.
A holistic view into customers’ financial lives
At FICO, 2014 saw many innovations in the FICO® Falcon® platform, including the launch of holistic fraud protection for every aspect of consumers’ financial lives, from payment card transactions, to online and mobile banking and payments, as well as new card-backed e-payment mechanisms like ApplePay. These capabilities allow fraud to be correlated better across a customer’s entire relationship with a financial institution, and thus detected faster. This can make a significant difference in stopping new types of fraud as they emerge.
This post Who Will Win the 2015 Prize for Fraudster Innovation? appeared first on FICO.