Source: acamsfiles.acams.org/webcasts/20110914/verafin_ppt.pdf
Financial Crime Trends: What You Should Know About Card Fraud
Financial Crime Trends:
What You Should Know
About Credit/Debit Card Fraud

Today’s Presenters

BRENDAN BROTHERS, Co-Founder, Verafin
Co-founded Verafin (BSA/AML Compliance & Fraud Detection software company) in 2003
Frequent speaker at industry conferences and key presenter for Verafin’s anti-financial crime thought leadership webinar series
Verafin has more than 750 financial institution customers across North America

JAY STARK, VP, Fraud Management, RBC Royal Bank
Certified Fraud Examiner
Ex-Chair of the Canadian Bankers Association, Banking Crime Prevention & Investigation Office
Responsible for setting RBC Royal Bank fraud management strategic direction
RBC is Canada’s largest bank with more than 18 million customers in 55 countries.

The World of Debit Cards
a brief synopsis…

Why Debit Fraud is a Growing Concern
Annual debit transaction volume in US: 38 billion transactions (2009)
Over 1 billion debit & credit cards
Over 10 million merchant POS terminals

2010 Federal Reserve Payments Study, December 2010
© 2010, Federal Reserve System
changes in the composition of economic activity, regulatory developments, and population growth may also have influenced these trends.
[Exhibit 2: Distribution of the Number of Noncash Payments, 2006 and 2009 (pie charts showing the shares of checks paid, debit card, credit card, ACH and prepaid card)]
The check collection process has become substantially more electronic since the last survey. Depository institution accountholders’ use of check image deposit services (“remote deposit capture”) and replacement of paper exchange with image exchange between depository institutions has expanded. Approximately 13 percent of checks were deposited as images at the bank of first deposit, and 96 percent of “interbank” checks – those deposited at one depository institution but drawn on another – involved electronic clearing. The latter compares to an estimate of 43 percent in the 2007 study.
ACH transactions grew at 9.3 percent per year from 2006 to 2009, resulting in 19.1 billion entries at the end of the period. Interim data demonstrate that ACH growth decelerated between studies: the number of ACH entries grew more rapidly early in the three-year period than at the end.
Since 2006, the debit card has eclipsed the check as the most used noncash instrument. This was not only because the number of debit card transactions increased at 14.8 percent per year from 2006 to 2009 but also because the number of checks paid declined 7.2 percent per year. The number of checks written also continued to decline, albeit at a somewhat slower pace (6.1 percent) than checks paid. The rates of decline in checks
The 2010 Federal Reserve Payments Study

Means of Committing Debit Fraud
Lost and stolen card
Account Takeover + Card not received
Internet, mail or telephone order
Counterfeit card

Counterfeit Card
Card information is obtained through skimming or data breaches
Customer still has original card
Information is used to create counterfeit card

Authentication of Debit Card Transactions
Something you have (plastic card)
Something you know (PIN) or something you are (signature)
Because of the weakness of mag stripe - there are lots of ways to fraudulently get the first one

Mag Stripe Info is Like Gold to Fraudsters
Can conduct fraudulent transactions with the info
Can use the info to create a counterfeit card
Can sell mag stripe info and/or counterfeit card on black market

Debit Fraud Losses Are Becoming More Widespread
Debit card fraud losses estimated at $788M in 2008
Number of banks that incurred debit card fraud losses: 2006 – 74%, 2008 – 94%
Source: ABA
Nilson Report: $6.7 billion (2009, global)
Aite Group: $8.6 billion (US only)
Mercator Advisory Group: $16 billion (total cost)

Global Debit Card Trends
Australia
Source: APCA (Australia Payments Clearing Association)
Canada
Source: Interac
United Kingdom
Source: Financial Fraud Action UK

EMV (a.k.a. Chip-and-PIN)
More secure than mag stripe + PIN because reading chip does not provide enough info to duplicate it
Over 1 billion EMV cards have been issued globally.
Researchers have found flaws - stolen card can be used without PIN
FIs should have additional protection from transaction monitoring systems

Canada EMV
All POS and ATM transactions will be EMV-only by 2015

Implications for Organized Crime
EMV cards provide a challenge
Crime will migrate to other areas:
• online (e-commerce, mail/phone order)
• stolen cards
• check fraud
• vulnerable geographies (US)

Criminal Gangs Expected to Target US
EMV Gets a Push From Fed Banks, Industry Groups
“We may become the only substantial economic power dependent on a payments standard that is less secure than that of the rest of the world. That means that criminals, intent on profiting from card fraud, will continue to migrate to the United States.”
Richard Oliver, Executive Vice President, Federal Reserve Bank of Atlanta
Source: American Banker, September 2010

Debit Fraud Scenarios

Elder Abuse
For many people, debit fraud stems from the simple act of having one’s card stolen or abused.
Meet Jack and Jill.
They live with Jack’s grandma, taking care of her health needs, and her finances.
Grandma is Delores Fairbanks.
She built up a small fortune in the clothing industry.
Jack and Jill have a simple plan.
Every now and again after Grandma has gone to bed, one of them slips out with her debit card to do a little personal shopping.
As time goes by without Grandma noticing, they get bolder.
Before long they’ve stolen thousands of dollars from the elderly woman.

Elder Abuse Indicators
• Age of customer
• Unusual volume and value of transactions for customer
• Unusual transaction locations for the customer
• Intention is not to drain the account, rather to siphon over a long period

Card Flipping
Meet Dmitri, another runner in Boris’ gang.
Dmitri heads to a nice secluded ATM at around 2 a.m. with a stack of cards.
His plan: Use each card once to take $200 - $300.
He’ll try to stay no longer than 15 minutes.
He could get away with $2000 if he’s fast enough.
Then he’s off to the ATM across the street to continue his wave of fraud.
Card Flipping is designed to hit many accounts as fast as possible.

Card Flipping Indicators
• Similar activity takes place in quick succession at the same ATM
• Time of transaction is typically late at night or very early in the morning
• Unusual transaction locations for the customer
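
The first two card flipping indicators can be checked mechanically. The following is an added example, not part of the original presentation: it scans ATM withdrawals for many distinct cards used at one machine within a short late-night window. The record layout, the 15-minute window, the 00:00 to 05:00 hours and the four-card threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

# Constructed sample withdrawals: (atm_id, card_id, timestamp, amount).
WITHDRAWALS = [
    ("ATM-12", "card-A", ts("2011-09-10 02:01"), 300),
    ("ATM-12", "card-B", ts("2011-09-10 02:03"), 200),
    ("ATM-12", "card-C", ts("2011-09-10 02:06"), 300),
    ("ATM-12", "card-D", ts("2011-09-10 02:09"), 200),
    ("ATM-12", "card-E", ts("2011-09-10 02:13"), 300),
    # Busy daytime ATM: many cards close together is normal, so no alert.
    ("ATM-30", "card-F", ts("2011-09-10 12:00"), 60),
    ("ATM-30", "card-G", ts("2011-09-10 12:02"), 40),
    ("ATM-30", "card-H", ts("2011-09-10 12:05"), 100),
    ("ATM-30", "card-I", ts("2011-09-10 12:07"), 20),
    # Two late-night customers an hour apart: below the threshold.
    ("ATM-30", "card-J", ts("2011-09-10 01:10"), 80),
    ("ATM-30", "card-K", ts("2011-09-10 02:15"), 100),
]

def flipping_alerts(withdrawals, window=timedelta(minutes=15),
                    min_cards=4, night_hours=range(0, 5)):
    """Return, per ATM, the largest burst of distinct cards inside `window`."""
    by_atm = defaultdict(list)
    for atm, card, when, amount in withdrawals:
        if when.hour in night_hours:           # indicator: late night / early morning
            by_atm[atm].append((when, card, amount))
    alerts = []
    for atm, events in sorted(by_atm.items()):
        events.sort()
        best, lo = None, 0
        for hi in range(len(events)):          # sliding time window over one ATM
            while events[hi][0] - events[lo][0] > window:
                lo += 1
            burst = events[lo:hi + 1]
            cards = {card for _, card, _ in burst}
            # indicator: similar activity in quick succession at the same ATM
            if len(cards) >= min_cards and (
                    best is None or len(cards) > len(best["cards"])):
                best = {"atm": atm, "start": burst[0][0], "end": burst[-1][0],
                        "cards": sorted(cards),
                        "total": sum(amount for _, _, amount in burst)}
        if best:
            alerts.append(best)
    return alerts

if __name__ == "__main__":
    for alert in flipping_alerts(WITHDRAWALS):
        print(alert)
```

The third indicator, unusual location for the customer, needs per-customer history and is left out here.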

Card Chameleon (a.k.a. Shopping Spree)
Data breaches are one of the most common ways a gang can gain access to data for thousands of cards.
Chameleons are armed with fake cards and sent out to take advantage of the spending habits of vacationers.
They target large malls and shopping areas in cities known for high tourism spending.
They buy what you’d buy on holiday.
And then sell the ‘goods’ on the black market.

Chameleon Indicators
• Unusual transaction locations for the customer
• Purchases made in vacation areas with no travel related transactions (hotel, airline ticket, restaurant, etc.)
• Multiple high value purchases occurring in rapid succession
• Purchases are quickly draining the account

Card Skimming
A well placed skimming device can get information on hundreds of accounts in a very short time.
Fake cards are quickly made…
… and given to “runners”, whose primary job within the gang is to commit the actual fraudulent acts at the ATMs.
Boris is a runner, who works late at night.
His job is to quickly get as much money out of an account as possible.
At around 11 p.m. he takes $400 from one account.
Then he’s off to the money mart across the street to buy $900 in travelers checks.
A little past midnight he returns to the ATM and takes out another $400.
When the funds run out, he deposits an empty envelope so he can take some more.

Card Skimming Indicators
• Time of transaction is typically late at night, very early in the morning, or during a long weekend
• Unusual transaction volume and value for the customer
• Unusual transaction locations for the customer

Flash Attack
The following story is inspired by true events
This is Yuri and Alex, senior members in an organized fraud ring.
They travel from the west coast to a mid-west city and set up skimming devices at local gas stations.
After a day or two, they remove the devices and extract the card data.
They create a few cards and test them, ensuring the data is good.
Then they head back to the west coast, where they create a couple hundred counterfeit cards, complete with PINs.
With the help of other gang members known as “handlers”, the cards get passed out to money mules.
The mules are located in cities throughout the country, and are given very strict instructions.
1. Conduct the transactions beginning at exactly 5:00 a.m. Saturday morning.
2. Withdraw $300 on each card.
3. Stay no longer than 5 minutes.
This well-choreographed attack nets the gang over $100K in just five minutes.
This type of debit card fraud is called a flash attack.
Despite the effort required to coordinate such an attack, the pay out can be substantial.

Why all at once?
• Lots of cash in short period of time
• Very hard to stop

Common Points of Purchase (CPP)

What is a CPP?
CPP stands for Common Point of Purchase, a.k.a. Common Point of Compromise (CPC)

The Concept is Simple
• Skimming device placed at a terminal grabs card details for a short period of time (hours, days, or weeks)
• When cloned and used fraudulently, the card history is available for review by FI
• By comparing the history of two or more cards, the location and time of the skimming device can be determined
• The location and times of the actual frauds have nothing to do with CPP determination
• Use that information to cancel other cards before more fraud can take place

[Diagram: fraudulent debit card use plotted over time and traced back to a common location]
[Diagram: timeline from "Skimmer placed on terminal" to "Skimmer removed from terminal", showing the skimmed terminal, debit cards 1, 2 and 3 with known fraudulent transactions, and debit cards skimmed but not yet used fraudulently]

There are some pitfalls
• 2 incidents of debit card fraud might look similar but not be related at all - so CPP detection will not work.
• If a CPP is found, you will find a range of dates and times during which the device was compromised - but you might not get the full range of actual compromise.
• What to do if cards were used at the same location weeks apart? It’s possible that the device was present for a long time, but also possible that the cards happened to be used at the same place.
• With more cases of fraud mapping to the same common point, the likelihood of compromise rises dramatically.

Does it have to be a single terminal?
Not strictly
• Most commonly, a single device will be compromised with a skimmer, which will collect data for dozens of cards
• A single location (store, gas station) could also be compromised with multiple skimmers at multiple terminals
• Sometimes a chain is hit in a particular area, with multiple stores getting compromised (one or more terminal per store)
• Even possible that an online site that collects debit/credit card numbers is breached

Dealing with a CPP
1. Once you find a CPP you need to determine if it is reasonably a point of compromise
What is the range of dates/times that the transactions took place?
• a small range more likely indicates a skimmer
• more transactions mean it is more likely a skimmer
Contact the merchant
Contact law enforcement

2. Cancel Cards
You have a definite range during which the skimmer was present, so cancel any card used in between
Expand the ranges a bit, to account for the skimmer being present for longer than you have data
Example: on January 1 at a gas station on a busy interstate - likely that it was present for most of the Christmas holidays

3. Flag Cards
If your transaction monitoring system allows it, expand your range again and flag any cards as high risk
This will ensure even moderately suspicious activity generates an alert
Flagging is a compromise so that you don’t have to cancel cards that you feel are less risky

4. Continue to Monitor
The compromise could be bigger than you suspect (more related locations, longer time)
If new cases come up, investigate whether they are actually related to the existing fraud scheme
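
The CPP concept and the cancel/flag steps above, worked through as an added example (not part of the original presentation, and not Verafin's or RBC's code). It compares the pre-fraud histories of cards with confirmed fraud to find a common terminal, then splits the other cards seen there into a cancel set and a flag set. The record layout, terminal names, three-card minimum and the 2-day and 7-day padding are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")

# Constructed sample data: legitimate card-present history before any fraud,
# as (card_id, terminal_id, timestamp). Where the fraud itself happened is
# deliberately absent: it plays no part in CPP determination.
HISTORY = [
    ("card-1", "GAS-17", ts("2011-01-01 09:10")),
    ("card-2", "GAS-17", ts("2011-01-01 18:40")),
    ("card-3", "GAS-17", ts("2011-01-02 07:55")),
    ("card-1", "GROCER-4", ts("2010-12-05 12:00")),
    ("card-2", "GROCER-4", ts("2011-01-20 12:00")),  # same store, weeks apart
    ("card-4", "GAS-17", ts("2011-01-01 12:30")),    # inside the known window
    ("card-5", "GAS-17", ts("2010-12-31 20:00")),    # just before it
    ("card-6", "GAS-17", ts("2010-12-27 10:00")),    # about a week before
    ("card-7", "GAS-17", ts("2010-11-01 10:00")),    # long before
    ("card-4", "GROCER-4", ts("2011-01-03 16:00")),
]
FRAUD_CARDS = {"card-1", "card-2", "card-3"}  # cards with confirmed fraud

def find_cpps(history, fraud_cards, min_cards=3):
    """Terminals used by at least min_cards fraud cards, strongest first."""
    seen = defaultdict(list)
    for card, terminal, when in history:
        if card in fraud_cards:
            seen[terminal].append((when, card))
    candidates = []
    for terminal, uses in seen.items():
        cards = {card for _, card in uses}
        if len(cards) >= min_cards:
            times = [when for when, _ in uses]
            candidates.append({"terminal": terminal, "cards": sorted(cards),
                               "start": min(times), "end": max(times)})
    # More fraud cards and a tighter date range both point to a real skimmer.
    candidates.sort(key=lambda c: (-len(c["cards"]), c["end"] - c["start"]))
    return candidates

def triage(history, fraud_cards, cpp, cancel_pad=timedelta(days=2),
           flag_pad=timedelta(days=7)):
    """Split the other cards seen at the CPP into (cancel, flag) lists."""
    cancel, flag = set(), set()
    for card, terminal, when in history:
        if terminal != cpp["terminal"] or card in fraud_cards:
            continue
        if cpp["start"] - cancel_pad <= when <= cpp["end"] + cancel_pad:
            cancel.add(card)   # step 2: known range, expanded a bit
        elif cpp["start"] - flag_pad <= when <= cpp["end"] + flag_pad:
            flag.add(card)     # step 3: wider range, flag as high risk
    return sorted(cancel), sorted(flag - cancel)

if __name__ == "__main__":
    for cpp in find_cpps(HISTORY, FRAUD_CARDS):
        print(cpp, triage(HISTORY, FRAUD_CARDS, cpp))
```

Lowering `min_cards` to 2 also surfaces GROCER-4, with uses 46 days apart: the "same location weeks apart" pitfall, which the sort order ranks below the tight GAS-17 window.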

How to determine CPPs
You might simply be told of a known or suspected compromise location:
• News (Michaels arts & crafts stores)
• Other financial institutions
• Card processor
• Law enforcement
• Merchants

A rather amusing (but highly unusual) way to detect a CPP
3600 cards were recently skimmed from gas pumps in 2 locations in CA
• a gas station attendant received an error message at one of the pumps
• when he opened the pump – he found a circuit board and wires (components of the skimmer)
• he alerted the police who installed an alarm system in the pump
• when the skimmers returned to open the pump - it tripped the alarm and the police arrested the duo

Verafin / RBC Card Fraud Webinar
RBC Fraud Management
September 2011

Evolution of Capture
Shoulder surfing and card capture
Rudimentary ATM, Card and PIN capture
• Doors
• PIN Pads
Separate swipe and camera
• Gas stations
• False ATM front
Integrated POS (device swapping)
Sophisticated ATM overlay
Dummy terminals

Evolution of Spend
Before and after midnight
Multiple cards per runner
Mass runners
Slow bleeds and foreign attacks
•mixture of captures
•limited card usage
•white label
•foreign spends

Lock Boxes

Criminal Commentary
Organized crime
Ability to mobilize quickly
Constant regression
Willingness to exploit weak issuers
Cottage industry participants
Generations of skimming devices
Path of least resistance
Adjudication issues

Fraud Management Pillars
Client Experience
Loss Reduction
Cost
Risk Management

Fraud Value Chain
Post Fraud “Root Cause” Analysis
Intelligence
Prevention
Investigation
Prosecution
Detection
Asset Recovery
Customer Satisfaction

Response: Core
Know they will get your cards
Detection (must prevent rather than only identify)
•CPP
•RTD (several generations)
•Bypass intermediary detection strategies
Supplements Chip roll-out
RTD supports a DBS
Response: Best Practice
Industry Consortium
Simple: Project Mike
Moderate: CPP detection
RTD: opportunity for a broader application of
detection strategies at the issuer or consortium level
Chip implementation
Response: Supplementary
Clear first mover advantage in the evolution
Opportunity in your market
• Measurement and regression
• FDI (green things), PIN shields and jitter technology
• Surveillance cameras and vestibule monitoring
• Auto blocking/RTD
• IFD and analysis
• Chip roll-out
• DBS
Reimbursement protocols
• Objectives
• Contact strategies

A Major Factor in Mitigating Card Fraud Losses
“Card fraud will increase in 2011…attacks will be more sophisticated and globally coordinated. “Flash attacks” which rely on coordinated, often international, efforts to simultaneously withdraw funds from multiple ATMs, are just the beginning. The banks that are successful at mitigating these attacks and stopping them before they do too much damage are the ones that are able to find the point of compromise very quickly. They can stop it, if they figure out where the point of compromise was.”
Source: Avivah Litan, VP Gartner Research, 2011