Scenario #1: Customer calls to inform that he entered into a contract with a vendor to purchase merchandise. Vendor charges bill to customer’s credit card but does not deliver merchandise. Since customer authorized the transaction, this case does not fall within the purview of transactional fraud. Customer is referred to the billing disputes department.
Based on this narrow definition of transactional fraud - it becomes critical for companies to properly establish the identity of the customer - often over the phone. As a result, any strategy to deal with transactional fraud often includes a investigator or telephone rep who calls up the customer and tries to determine whether that person is the actual card holder or online customer. Helpfully, there are various identity verification tools in the market, and an investigator would avail several of these tools in conjunction to design tests that the customer needs to pass in order to prove his or her identity. Credit rating bureaus, such as Experian and Transunion, offer several of these verification tools, which include:
- Fast Data: Allows investigators to verify past and present addresses and phone numbers for a customer.
- First Pursuit: Provides data from the credit rating bureaus for a credit card holder.
- GUS: Allows investigators to view application and credit bureau data for a credit card holder.
- MARS: Allows investigators to view information on other accounts linked to a credit card holder.
- VERID: Enables an investigator to establish the identity of a credit card holder by asking a series of questions that only the card holder would know.
- VRU: Enables an investigator to see all the phones numbers that were used to inquire about a particular account or transaction.
In addition, many internet security firms allow companies to trace computer IP addresses that may be used commit transactional fraud via the internet. Your company should also have the ability to allow investigators query information from your company databases as well as create and maintain memos for accounts that have been "touched". Often, past information pertaining to a specific account becomes crucial to identify fraud or foul play. There are also software applications in the market, such as Falcon offered by Fair Isaacs and Fraud Management offered by SAS, that can analyze millions of transactions in real time and generate alerts on suspicious account activity based on predetermined rules.
Depending on how the alerts are generated or brought to your attention, the procedures for managing transactional fraud can be grouped into two main strategies: (1) Inbound and (2) Outbound. Both these strategies are further discussed below:
Inbound Fraud Strategies
These strategies are employed when a customer calls your organization to complain about potential fraud activity on his account. Companies often set up several groups to manage the flow of inbound fraud cases:
The Primary Inbound Fraud Unit: The primary inbound fraud unit is the gateway for handling potential inbound fraud cases. These cases may arrive at the inbound unit from different departments of your organization, such as Customer Services, Billing Disputes, Collections, etc. A customer may personally call your fraud department to report fraudulent activity on her account. Many outbound fraud strategies may place a temporary block on the account that may prompt the customer to call your company. After receiving the call, an investigator performs a quick series of verification tests on the customer to ascertain her identity utilizing one or more of the validation tools described above. If the investigator ascertains that no transactional fraud was committed, he will fill out a memo explaining his findings and close the case. Future investigators who pull up the account would access to the contents of this memo. If the investigator, however, suspects that transactional fraud was committed or the customer fails the verification tests, the account is temporarily blocked and the case is referred to the secondary inbound fraud unit for further investigation.
Scenario #2: Customer calls bank because she can’t use her credit card. Investigation reveals a temporary block placed on the card because a large jewelry purchase in the Bahamas was charged on it. Investigator verifies card holder’s identity and account information, and removes temporary block. Investigator writes up her findings in a memo that will be available to future investigators who pull up the account.
The Secondary Inbound Fraud Unit: Potential fraud cases that have not been resolved at the primary inbound unit and require further investigation are referred to the secondary inbound fraud unit. The secondary inbound fraud investigator, upon receiving the case, would read the memo written by the primary inbound investigator, and perform further verification tests on the customer. Secondary inbound investigators are more experienced people who have doing this kind of work for a while. The investigator would then place a call to the customer to gather more information on the incident. If the investigator resolves the case, he removes the block from the account and records his findings in a memo. If the investigator suspects the case involves fraud, he places a permanent block on the account and fills out a fraud application. The case then gets referred to the investigations division. Permanent blocks are more difficult to remove than a temporary block.
Scenario #3: Customer calls bank to inquire about a credit card statement she received for a card that she did not apply for. Investigations reveal suspect(s) intercepted credit card offer letter, opened account and transferred large amounts of cash to their account. Customer is advised to contact credit rating agency and file a police report. Investigator puts a permanent block on the account and fills out a fraud application. Customer has no liability for money stolen.
Scenario #4: Customer was subscriber to a large Internet Service Provider (ISP). Customer claims to have called ISP to cancel service two years ago. ISP did not cancel service and was billing customer for two years. The charges appeared on the customer’s credit card statement for the past two years. Customer called ISP to get charges reimbursed. ISP refused to reimburse charges. Customer called bank to claim credit card fraud. Case is not fraud because customer had initially authorized charges and was not diligent in ensuring that the ISP had actually canceled service. The case is referred to the billing disputes department.
Figure 3.1: How a large commerical bank handles inbound fraud.
Outbound Fraud Strategies
These strategies are employed to deal with transaction fraud when the potential fraudulant activity is brought to your attention other than the customer calling your organization. Potential fraud activity can be brought to your attention from transactions pertaining to "compromised" accounts (i.e., accounts that are known to be stolen), credit rating bureaus, electronic fraud detection systems such as Falcon, etc. In many cases, accounts that are potential fraud cases have a temporary block placed on them. As with the inbound fraud strategies, the outbound fraud strategies can consist of various stages and groups to better classify and resolve the potential fraud cases. For example, you can have a primary outbound fraud unit that analyzes the preliminary outbound fraud cases and routes them to a group that specializes in a specific fraud type, such as Takeover or NRI.
The Primary Outbound Fraud Unit: After the investigator receives the potential fraud case, he performs a series of verification tests on the customer and account using the available validation tools. One of these tests often involve a process called Trending, where the investigator tries to determine at least three matches for a customer from the customer's personal information (i.e., phone numbers, SSN, driver’s license, etc.) stored in different systems. The investigator would then place a call to the customer. The investigator may request additional documentation from the customer to validate his identity. If the investigator is able to determine no transactional fraud was involved, he would remove the temporary block, record his findings in a memo, and close the case. If the case involves transactional fraud, the investigator will check the outstanding balance on the account. If the outstanding balance is zero, the investigator would put a permanent block on the account. If the outstanding balance on the credit card is positive, the case is referred to the secondary outbound group for further analyses. If the investigator is unable to get hold of the customer, he leaves a message and a contact phone number. When the customer calls, her case is handled by the inbound group, which has access to the outbound investigator's memos pertaining to the account.
Because you do not have an impatient customer on the line and more time to research the potential cases, outbound fraud strategies can also be tailored to respond to specific fraud types, such as:
i. Fraud Applications: Cases where perpetrators steals a victim’s personal information and use it to open an account.
Scenario #5: Credit Card issued from bank in high risk area (this particular branch has issued credit cards to fraudulent applicants in the past) and customer fails VERID test. Since account has positive balance, case is referred to the secondary outbound unit for further investigation.
ii. Takeover: Cases where the the suspect steals the identity and account belonging to a customer and commits fraud. For credit cards, the phone number used by a suspect to activate the card or inquire about the account is used to determine whether fraud is being committed.
Scenario #6: Customer lives in Los Angeles, but the call to activate the credit card was placed from Texas. Investigator calls customer, and customer states that he has a cell phone with a Texas area code. Customer passes VERID. Case is not fraud.
Scenario #7: Customer’s ex-husband steals credit card and purchases items from a major retailer. This is takeover fraud because the suspect stole both the customer’s identity and account. Investigator fills out fraud card, puts a permanent block on the account, and updates the card member’s information in the system.
iii. NRI (Never Received Issue): Cases where the perpetrators intercept the credit card before it reaches the customer and commits fraud.
iv. CNP (Card Not Present): The suspects use credit or debit account information without the physical card being involved, usually through e-mail or other electronic means.Scenario #8: Card member applied but did not receive credit card. Since credit card account has zero balance, the investigator puts a permanent block on the credit card account and fills out a fraud card. Investigator also initiates the process to get customer a new credit card account.
Scenario #9: Customer applied for a credit card, but claims to have never received the card. However, the card was activated from his home phone. Customer claims to have not been in his apartment during that period. Investigator requests customer to provide additional documentation to establish identity and presence, and refers case to the Investigations Division.
The Secondary Outbound Fraud Unit: Potential outbound fraud cases that have not been resolved at the primary outbound unit and have positive balances are referred to secondary outbound fraud unit. The secondary outbound investigator, upon receiving the case, would read the memos written by the investigators from previous unit(s), and perform further verification tests on the customer and account. If the investigator is able to determine that the case does not involve transactional fraud, he removes the temporary block on the account, makes the necessary credit adjustments, and updates the customer's information in the systems belonging to various credit rating agencies. If the investigator is unable to resolve the case or suspects that fraud is involved, he puts a permanent block on the account, requests the customer for further documentation to establish his identity and sends the case to the investigations division.Scenario #10: Customer lists wrong home number, but uses the correct PIN to withdraw more cash than her credit limit. Outbound unit investigator performs verification tests and calls card member. Card member passes VERID. Case is not fraud.
Scenario #11: Electronic surveillence system detects a newly opened account making a $10 purchase at the website of a well known electronics merchant followed by a $6000 purchase within 30 minutes. Investigator unable to get hold of customer using the information provided. Account is blocked. Customer never calls back. Case is considered fraud.
Evident from the process described above is that investigators - working both the inbound and outbound strategies - go great lengths to establish the identity of the customer or card holder. By establishing the identity of the customer and ensuring he or she approved the transaction, the company can often defer the monetary loss (based on contractual agreements) accrued on that account or credit card to other entities. Hence, for your company, customers who protect themselves against identity theft are still your best line of defense against transactional fraud. By taking the following basic precautions, customers can protect themselves against identity theft, as well as greatly enhance the effectiveness of your transactional fraud prevention strategies:
- Never give out personal information over the phone, over the internet or through the mail unless the customer initiates the transaction or knows who he or she is dealing with.
- Protect mail. Get incoming mail in a locked mailbox or slot. Take outgoing mail to a postal mailbox or the post office. If mail suddenly stops, go to the post office. Thieves sometimes submit change of address forms to divert mail to their addresses.
- Check bank and credit card statements carefully. If there are any problems, report these problems immediately.
- Use a shredder to destroy papers containing sensitive information, such as account numbers, birth dates, SSNs. Destroy all solicitation letters and balance transfer checks sent from credit card companies.
- Monitor credit reports. There's a website called FreeCreditReport.com that enables people to do that. Or they could contact the three credit bureaus: Equifax (800-525-6285), Experian (888-397-3742) and Transunion (800-680-7289).