E&S PERFECTING. Prepaid Card Fraud: An Industry Primer. An E&S Consulting White Paper. April 2015 PAYMENTS
|
|
- Philippa Paul
- 5 years ago
- Views:
Transcription
1 April 2015 Prepaid Card Fraud: An Industry Primer 2015 E&S Consulting, LLC. All rights reserved. E&S Consulting is a payments industry consultancy that advises merchant acquirers, retailers, card marketers and issuers in a broad range of payment and financial services domains including prepaid program management, competitive research, training, marketing, POS hardware and software managment and partner recommendations.
2 PREPAID CARD FRAUD: AN INDUSTRY PRIMER Over the past few years, the popularity of prepaid cards has skyrocketed as consumers seek alternatives to checking accounts and credit cards and as the unbanked/under-banked population attempt to handle their finances in a more efficient manner. According to the Nilson Report, the top 50 largest U.S. banks and credit union issuers of general purpose reloadable (GPR) prepaid cards accounted for $ billion in spending at merchants in 2013 (the last year for which figures are available), up by 6.1 percent from Mercator Advisory Group has pegged the amount of money loaded on GPR cards as having almost tripled between 2008 and 2012, rising to $76.7 billion. That number is expected to rise to $168.4 billion by But with such growth comes the challenge of the phenomena known as prepaid card fraud. Prepaid card fraud is not only a real phenomena, it is packing a significant financial wallop. In 2013, the Federal Trade Commission (FTC) noted that Americans alone had reported collective losses of $42.86 million to schemes involving prepaid cards. By most accounts, such losses are in truth much higher: Consumers embarrassment at having fallen for such schemes, coupled with their reluctance to pursue legal recourse for prepaid card fraud based on the difficulty of doing so, has prevented many individuals from bringing these occurrences to authorities attention. Reported or not, most prepaid card fraud is perpetrated using GPR cards. These cards are issued by financial institutions and have long-term expiration dates. They can be sold at bank branches and retail stores and may be re-loaded after all or some of their initial value has been depleted. And as fraudsters become increasingly sophisticated, the types of fraud committed with these cards turns ever more complex, making mitigation, which has always been a priority, of utmost and unparalleled importance. Understanding Prepaid Card Fraud Industry players must maintain a handle on the ins and outs of established and emerging schemes alike as well as on strategies for addressing them if mitigation initiatives are to be effective. An understanding of prepaid card fraud is also imperative for all industry constituents, including issuers, prepaid program managers, and merchants: In the event that such fraud remains unaddressed, consumers may avoid purchasing prepaid products, in turn impacting revenues throughout the entire payment chain. Skimming One of the most common flavors of prepaid card fraud, skimming involves magnetic stripe cards. In a skimming scenario, thieves steal packages of cards from prepaid card malls or fixtures in stores. They then remove the cards, skim the magnetic stripes from the back, and return the cards to the display. An unsuspecting consumer then buys and activates one of the cards, while at the same time the thieves repeatedly check online to determine which has been activated and is ready to be used.
3 Skimming (cont d) Pre-skimming magnetic stripe checks are generally performed with bot malware that does the job via an automatic dialer or by entering card numbers on issuers websites every few minutes to check the account activation status and balance. Assessing activations with this level of frequency allows thieves to exploit the interval between the moment the card is activated and the time the customer first uses it, but there is more to the equation. With a counterfeit card created from the skimmed data, perpetrators spend the remaining balance after it has been skimmed and a new card created or used online--and before the actual customer tries to use it. By the time the real cardholder is ready to spend the money he thought was on the card, the account is empty. The only bright spot in this scenario: Skimming proves to be cost-effective only if fraudsters are engaging it on a large scale in other words, skimming gift cards with balances of up to $500. Counterfeit Barcodes This is another scheme perpetrated in-store. Fraudsters begin by applying barcoded stickers over the genuine barcodes of prepaid cards. When a sticker is scanned, the activation is directed away from the card the consumer is purchasing and to the thief s blank card. The consumer gets a card that is not activated a problem he will discover only after he attempts to utilize it. He has no proof of activation (and hence, no way to recover the money) because the activation scan was re-directed from his legitimate card to the thief s blank card. Misdirection Fraud Misdirection fraud is considered by some to be the dirtiest trick in prepaid, primarily because its common victims include low-income recipients of government-issued benefits. Misdirection fraud assumes many guises. Under the umbrella known as benefit misdirection, perpetrators steal victims identities and use them to open fraudulent accounts, layering the proceeds (primarily Medicare, social security or WIC payments or tax refunds) onto GPR cards. These GPR cards are obtained by passing standard required ID verification methods, and are subsequently used to withdraw cash at an ATM or to purchase high-end goods with the latter sold through ebay, Craigslist, pawn shops, and similar entities to raise cash. Another iteration of misdirection fraud is victim-assisted misdirection fraud designated as such because information harnessed to carry out the scheme is supplied by victims themselves. In both cases,fraudsters instruct victims to load money onto GPRs for seemingly legitimate reasons e.g., to immediatelypay a utility bill, thereby avoiding disconnection, or to cover the tax and shipping cost of a prize won in a contest. Once victims have done so, they are told to provide the account number and PIN of the GPR they have purchased to a representative of the entity that requested it.however, the entity does not exist. Instead, human money mules enlisted in the scheme use the supplied information to empty the card of the money that has been loaded onto it.
4 Misdirection Fraud (cont d) Of particular concern when grappling with misdirection fraud is the fact that identifying and attacking it has proven to be much more difficult than banning it. Embarrassment about having fallen for a misdirection fraud scam often prevents victims from coming forward and reporting them, especially when the sum of money lost is relatively insignificant, as can be the case. Even in instances that involve marked loss, tracing its source frequently is tricky: Perpetrators tend to execute schemes against individual victims by ordering them to purchase multiple prepaid cards in smaller denominations transactions that simply do not stand out as larger ones would. Cyber-Attacks Cyber-attacks on retailers databases, along with merchant-level data breaches have been a point of entry to prepaid card fraud. Hackers cannot determine whether a given stolen card number is associated with a credit card account or a prepaid card account. However, they do utilize stolen card numbers to fabricate fraudulent white cards to be used at the POS, as well as to purchase open or closed loop gift cards. Addressing this variety of prepaid card fraud can also be challenging because the scope of a single incident can expand quickly, making timely curtailment almost impossible. For instance, a few years ago, several perpetrators hacked into RBS WorldPay s computer network and breached the data encryption on prepaid debit cards used by WorldPay clients to pay their employees. Members of the ring loaded more than $9 million onto 44 fake prepaid debit cards, which were then employed by mules to withdraw the money from more than 2,100 ATMs in at least 280 cities around the world in under 12 hours. Fraud alerts were issued, the cards were invalidated, and the ringleader was apprehended and convicted, but the withdrawals were made so quickly that it was not possible to stem the loss. Reg. E Error Resolution With the exception of payroll cards and some types of government-administered cards, most issuers do adhere to Regulation E error resolution procedures for reloadable cards. The provisional credit portion of the regulation holds that funds must be temporarily redeposit onto cards in instances where a consumer dispute cannot be investigated and resolved within specific time frames (10 business days). Fraudsters method of abusing the provisional credit mandate involves disputing prepaid card transactions in order to receive from issuers provisional credits to their prepaid card accounts. Once issuers have granted such good-faith credits, perpetrators spend the money, and never use or load the card again. Before issuers can determine that these disputes are not legitimate and once again debit the appropriate sum from fraudsters accounts, both money and cardholders have disappeared.
5 PREPAID FRAUD CONTROLS While automated,off-the-shelf prepaid card fraud monitoring tools have yet to be developed, issuers have come to consider repeat value checks on un-activated prepaid cards an indicator of imminent fraudulent activity, and have instituted the precautionary practice of shutting down any prepaid card account for which a seemingly excessive number of such checks have been performed. However, a far more comprehensive approach to combating or at least minimizing the phenomena and its impact is needed. The elements of this approach encompass: Tamper-evident/Tamper-resistant Packaging Despite its cost, tamper-resistant packaging for prepaid cards displayed on fixtures with j-hooks constitutes an effective first line of defense against both skimming and the use of fake bar codes. In fact, it is a component of brand requirements. Merchants must maximize the potential of such packaging to deter the purchase of prepaid instruments for illegitimate purposes by training sales clerks to identify signs of tampering. This includes small tears, creasing, and similar evidence that packaging has been open and re-closed and that the replacement of cards inside a package may have occurred, as well as the appearance of stickers on packaging. Clerks should be instructed that they should never activate any prepaid card when evidence of tampering exists, but rather, to destroy it immediately or give it to a manager who can do the same. Prepaid cards also feature numbering and sequencing to prevent would-be fraudsters from replacing prepaid cards inside packages or otherwise altering packaging in order to perpetrate their schemes. Consequently, in-store procedures for detecting tampering should also involve a scan of the number imprinted on a given prepaid card itself (visible through the packaging window) with the number printed on its packaging. A mismatch flags the possibility of a replacement or fake barcode and renders card activation impossible. Customer Approval Controls Prepaid card fraud is, in most cases, identity theft. No consumer should be approved to open a prepaid card account until customer approval controls have been applied. This starts with the verification of customer addresses through USPS Address Verification; if the address provided and information on file do not match, an account should not be opened. Requesting that applicants show a photo ID, voter registration card, or recent utility bill (with a canceled postmark) can deter fraud as well. Another equally critical customer approval control is knowledge-based authentication (KBA), wherein each prospective cardholder s answers to certain questions (i.e., social security number (SSN), driver s license number) is compared to information contained in public records. Any individual who provides an SSN that is determined to belong to a deceased or imprisoned party should automatically be denied a prepaid account.
6 Additional Identity Theft Control Beyond customer approval controls, it behooves the issuing community to flag indicators that prepaid card fraud, rather than the legitimate purchase of a prepaid card, is in progress. This should entail the catching of SSNs with addresses, telephone numbers, addresses, and IP addresses. Attempts should be made to pinpoint instances in which high-risk telephone numbers (both pager numbers and invalid numbers) and addresses (non-verifiable addresses and those with oddly formatted domain addresses) have been supplied, and in which multiple recipient address changes within a user-defined period of time have been requested (such changes should, under ideal circumstances, be prohibited). Equally essential are the leveraging of IP location services to limit activations from foreign countries and the utilization of velocity controls. Velocity controls may include checks for multiple cards associated with a single address (per day, week, or month) and multiple activations per ANI, IP or device ID or cards per phone, physical address or address. Online fraud monitoring software, too, is valuable in identity theft control, as is assistance from third-party verification services. Many of the latter provide high-risk response codes when irregularities are detected during the identity verification process. Such irregularities may encompass, but are not limited to, the use of SSNs that are invalid, were never issued, belong to a deceased person, or are associated with multiple individuals; invalid telephone numbers or pager numbers; forwarding addresses; and addresses of mail drops, commercial businesses, and prisons. Money-On Controls For Tax Deposits And Benefits When tax refunds and benefits are loaded onto prepaid cards, it is imperative that the tax or benefits authority include the recipient s SSN or the last four numbers thereof on the Automated Clearing House (ACH) transfer, along with a reference that funds comprise either tax refund or benefits monies. Multiple deposits to single prepaid card accounts should be limited. Additionally, mismatches between names indicated on ACH entries and beneficiary names contained in tax or agencies records, as well as other questionable information, should trigger a return of funds using the R17 refund mismatch return code. Money-On Controls For Card Re-loads In addition to leveraging the identity verification methods covered above, money-on controls for card reloads must always entail ensuring that reloads come from a single, verified funding source. Placing limits on the value of reloads also bodes well for minimizing the use of GPR cards for fraudulent activities.
7 Money-Out Controls On Prepaid Card Spending Cardholder spending warrants careful monitoring for potentially suspicious transactions, including those initiated in foreign countries and at high-risk merchants. The spending of prepaid card funds in foreign nations can and should be limited or blocked, with these limitations/blocks instituted on a country-by-country basis should activity warrant. CONCLUSION The contest between fraudsters and prepaid card industry stakeholders will continue as perpetrators exercise increased creativity and aptitude at finding new vulnerabilities within the prepaid ecosystem and exploiting existing ones. Thus, it benefits all industry constituents issuers, prepaid card program managers, and merchants alike to familiarize themselves with emerging and well-developed prepaid card fraud schemes, and to consistently share their knowledge with those outside their own lines of business. The end-result of such cooperation and communication will render fraud a less frequent occurrence and less of a concern not only to the prepaid community, but to consumers as well. For more information, contact E&S Consulting at info@eandsconsultingllc.com or give us a call at
Target Breach Overview
Target Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more specifics? A: Yes, Target has confirmed that it experienced unauthorized access to its systems
More informationFraud Risks Facing Credit Unions. ALLIED SOLUTIONS LLC SERVICE CENTER 210 East Main Street, Suite 200, Niles, MI Fax:
Fraud Risks Facing Credit Unions Today s Session Global risks Share how the bad guys are getting in Focus on Cyber and Card Risk Discuss what the credit union can do to prevent the risk Open discussion
More informationPrepaid Access MIDWEST ANTI-MONEY LAUNDERING CONFERENCE Federal Reserve Bank of Kansas City March 5, 2014
Prepaid Access 2014 MIDWEST ANTI-MONEY LAUNDERING CONFERENCE Federal Reserve Bank of Kansas City March 5, 2014 Discussion Points Emerging Technology Prepaid Access What is it and how does it work? Open
More informationNOT-FOR- PROFIT SERVICES GROUP Client Information Bulletin
NOT-FOR- PROFIT SERVICES GROUP GUARDING AGAINST CYBERTHEFT The Problem: There has been an increase in electronic funds transfer (EFT) fraud being perpetrated on small to medium-size businesses in the past
More informationHow does the Prepaid Travel Card work?
How does the Prepaid Travel Card work? The American Airlines Federal Credit Union ( Credit Union ) Prepaid Travel Card is a reloadable prepaid card, which means you can spend up to the value placed on
More informationCOMMON WAYS IDENTITY THEFT CAN HAPPEN:
COMMON WAYS IDENTITY THEFT CAN HAPPEN: OLD FASHIONED STEALING / DUMPSTER DIVING Thieves typically steal wallets and purses. They also steal mail such as credit card and bank statements, pre-approved credit
More information6 th Annual Prepaid Assessment Measuring The 2008 Prepaid Market
6 th Annual Prepaid Assessment Measuring The 2008 Prepaid Market Reviewing Three Reports: Open Loop Assessment Published August 2009 Closed Loop Assessment Published September 2009 2009 to 2012 Forecast
More information( Utility Name ) Identity Theft Prevention Program
***DRAFT*** ( Utility Name ) Identity Theft Prevention Program Implemented as of, 2008 *** This document is intended to give guidance to municipal utilities in their understanding of the FTC Red Flag Rule.
More informationRed Flags/Identity Theft Prevention Policy: Purpose
Red Flags/Identity Theft Prevention Policy: 200.3 Purpose Employees and students depend on Morehouse College ( Morehouse ) to properly protect their personal non-public information, which is gathered and
More informationPrevention of Identity Theft in Student Financial Transactions AP 5800
Reference: Fair and Accurate Credit Transactions Act (Pub. L. 108-159) The Board recognizes that some activities of the Shasta-Tehama-Trinity Joint Community College District, "District," are subject to
More informationSTOCKTON UNIVERSITY PROCEDURE DEFINITIONS
STOCKTON UNIVERSITY PROCEDURE Identity Theft Prevention Program Procedure Administrator: Director of Risk Management and Environmental/Health/Safety Authority: Fair and Accurate Credit Transactions Act
More informationBaptist Financial Services
Baptist Financial Services BFS Visa Prepaid PayCard FREQUENTLY ASKED QUESTIONS (FAQ S) Questions for Employers 1 What is a BFS Visa Prepaid PayCard? 2 How do I get a BFS Visa Prepaid PayCard? 3 How does
More informationGlobal Prepaid Card Market with Focus on The United States ( ) April 2016
Global Prepaid Card Market with Focus on The United States (2016-2020) April 2016 Global Prepaid Card Market Report Scope of the Report The report titled Global Prepaid Card Market with Focus on The United
More informationPage 1 of 6 Bank card and cheque fraud
Page 1 of 6 happens when criminals steal your cards or chequebook and gain access to funds in your account. More about bank card and cheque fraud Criminals steal your bank cards or cheque book; or they
More informationBFS VISA PREPAID CARDS FREQUENTLY ASKED QUESTIONS (FAQ S)
BFS VISA PREPAID CARDS FREQUENTLY ASKED QUESTIONS (FAQ S) 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 What is a BFS Visa Prepaid
More informationIDENTITY THEFT PREVENTION Policy Statement
Responsible University Officials: Vice President for Financial Operations and Treasurer Responsible Office: Office of Financial Operations Origination Date: October 13, 2009 IDENTITY THEFT PREVENTION Policy
More informationRed Flags Program. Purpose
Red Flags Program Purpose The purpose of this Red Flags Rules Program is to document the protocol adopted by the University of Memphis in compliance with the Red Flags Rules. Many offices at the University
More informationPolicy 24 Identity Theft Prevention Program IDENTITY THEFT PREVENTION PROGRAM OF WEBB CREEK UTILITY DISTRICT
Policy 24 Identity Theft Prevention Program IDENTITY THEFT PREVENTION PROGRAM OF WEBB CREEK UTILITY DISTRICT The Utility maintains accounts for its customers to pay for utility service where bills are
More informationIT Audit and Risk Trends for Credit Union Internal Auditors. Blair Bautista, Director Bob Grill, Manager David Dyk, Manager
IT Audit and Risk Trends for Credit Union Internal Auditors Blair Bautista, Director Bob Grill, Manager David Dyk, Manager 1 AGENDA Internet Banking Authentication ATM Security and PIN Compliance Social
More informationIdentity Theft, Fraud & You. PrePare. Protect. Prevent.
PrePare. Protect. Prevent. Identity Theft, Fraud & You Fraud and identity theft incidents claimed fewer victims in 2010 than in previous years. But don t get too comfortable. Average out-of-pocket consumer
More informationPayment Systems Department
Note: Please follow these guidelines for your safety as you enjoy the convenience of technology. However these guidelines are general; therefore, specific precautions may be taken as warranted by the situation
More informationThe web seminar has not yet started: A sound check will be performed 5 minutes before the start time.
The web seminar has not yet started: A sound check will be performed 5 minutes before the start time. COPYRIGHT NOTICE USE OF WEBEX LOGIN/PASSWORD FOR ACAMS WEB SEMINARS Each site license entitles registrant
More informationIdentity Theft Policies and Procedures
Identity Theft Policies and Procedures Davis & Wehrle, LLC 1104 S. Mays, Suite 105 Round Rock, TX 78664-6700 United States (512) 346-1131 Davis & Wehrle Identity Theft Policies & Procedures September 2017
More informationCity of New Haven Water, Sewer and Natural Gas Utilities Identity Theft Prevention Program
City of New Haven Identity Theft Prevention Program, October 2008, page City of New Haven Water, Sewer and Natural Gas Utilities Identity Theft Prevention Program Adopted by Resolution of the Mayor and
More informationExecutive Summary of the Prepaid Rule
1700 G Street NW, Washington, DC 20552 October 5, 2016 This summary is current as of October 5, 2016. It has not been updated to reflect final rules, guidance, or other interpretations issued after this
More informationRed Flag Policy and Identity Theft Prevention Program
Unified Government of Wyandotte County and Kansas City, Kansas Adopted: 5/11/2011 Red Flag Policy and Identity Theft Prevention Program Authority: The Mayor and the Board of Commissioners are responsible
More informationMaintaining Trust: Visa Inc. Payment Security Strategy
Maintaining Trust: Visa Inc Payment Security Strategy Ellen Richey 2010 Payments Conference Chicago Federal Reserve Global Electronic Payments Protecting the payment system is a shared responsibility among
More informationAgreement Between the Per Diem Prepaid Cardholder and U.S. Bank National Association ( U.S. Bank ) (Dated January, 2014)
Non-Consumer Per Diem Cardholder Agreement Agreement Between the Per Diem Prepaid Cardholder and U.S. Bank National Association ( U.S. Bank ) (Dated January, 2014) IMPORTANT: The enclosed U.S. Bank Per
More informationProtect Yourself From. Identify Theft
Protect Yourself From Identify Theft What is Identity Theft? Identity theft occurs when someone uses another person identifying information without their permission in order to access resources, obtain
More informationIdentity Theft Prevention Policy
Identity Theft Prevention Policy Purpose of the Policy To establish an Identity Theft Prevention Program (Program) designed to detect, prevent and mitigate identity theft in connection with the opening
More information[Utility Name] Identity Theft Prevention Program
[Utility Name] Identity Theft Prevention Program Effective beginning, 2008 Minnesota Municipal Utilities Association Sample Red Flag policy I. PROGRAM ADOPTION The [Utility Name] ("Utility") developed
More informationIdentity Theft Prevention Program. Effective beginning August 1, 2009
Identity Theft Prevention Program Effective beginning August 1, 2009 I. PROGRAM ADOPTION Christian Brothers University developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission's
More informationNational Travel Associates
National Travel Associates Fraud Prevention Module 2012 National Travel Associates Fraud In The Travel Industry With the popularity of online booking engines in the 90 s there was a huge insurgence of
More informationHow. Biometrics. Expand the Reach of Mobile Banking ENTER
How Biometrics Expand the Reach of Mobile Banking ENTER Table of Contents 01 The Mobile Banking Opportunity 02 What s Suppressing Mobile Adoption? 03 Onboarding Challenges: Proving One s Identity 04 Authentication
More informationPRIVACY AND ONLINE DATA: CAN WE HAVE BOTH?
PAPER PRIVACY AND ONLINE DATA: CAN WE HAVE BOTH? By Peter Varhol www.actian.com ignificant change has arrived in how computing and storage consumes data concerning individuals. Merchants, data collection
More informationA Step By Step Guide To Use PayPal
A Step By Step Guide To Use PayPal Table of Contents Introduction... 3 Creating an Account... 4 PayPal Verification... 5 Verification Process... 5 Utility of Each Account... 7 Transfer of Funds... 8 Checking
More informationOnline Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts
A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information
More informationA Layered Approach to Fraud Mitigation. Nick White Product Manager, FIS Payments Integrated Financial Services
A Layered Approach to Fraud Mitigation Nick White Product Manager, FIS Payments Integrated Financial Services Session Agenda Growing Fraud Concerns Old Habits Die Hard Maneuvering through the Barriers
More informationPhishing: When is the Enemy
Phishing: When E-mail is the Enemy Phishing, once only a consumer worry, is creating headaches for e-mail administrators as businesses become the next target. CONTENTS Understanding the Enemy 2 Three Things
More informationFrauds & Scams. Why is the Internet so attractive to scam artists? 2006 Internet Fraud Trends. Fake Checks. Nigerian Scam
Frauds & Scams Why is the Internet so attractive to scam artists? Anonymity Low cost Rapid growth Easy to adapt Be Cyber Savvy with C-SAFE 118 2006 Internet Fraud Trends Average Loss Online Auctions 34%
More informationTHE SMALL BUSINESS FRAUD PREVENTION MANUAL
THE SMALL BUSINESS FRAUD PREVENTION MANUAL TABLE OF CONTENTS PART 1: INTERNAL FRAUD THREATS I. INTRODUCTION TO EMPLOYEE FRAUD The Shocking Cost of Employee Theft and Fraud... 1 The Cost of Fraud to Small
More informationSafeguarding Your Dealership from Fraud
Safeguarding Your Dealership from Fraud Fraud continues to be a problem at dealerships and the risks are only getting greater. Today s fraud schemes are more elaborate than ever and often employ an astonishingly
More informationMarco Polo Card User Guide
Marco Polo Card User Guide Catalogue 1. About Marco Polo Card... 2 2. Card Usage... 3 Card Activation... 3 SMS Functions... 3 Card Login... 4 View Account Details... 5 View Transaction History... 6 Edit
More informationsecurity FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.
security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. Security for Your Business Mitigating risk is a daily reality for business owners, but you don t have
More informationSmall Business FRAUD PREVENTION Manual
Small Business FRAUD PREVENTION Manual TABLE OF CONTENTS PREFACE... ix PART 1: INTERNAL FRAUD THREATS I. INTRODUCTION TO EMPLOYEE FRAUD The Shocking Cost of Employee Theft and Fraud... 1 The Cost of Fraud
More informationPayment Security: Attacks & Defences
Payment Security: Attacks & Defences Dr Steven J Murdoch University College London COMPGA03, 2014-12-02 UK fraud is going up again Chip & PIN deployment period Losses ( m) 0 50 100 150 200 250 300 Card
More informationThe Dime Bank Security Tips
The Dime Bank Security Tips Debit Card Fraud The Dime Bank Debit MasterCard Chip Technology Beware of Unsolicited Phone Calls Are You a Safe Internet User? Information Security - Account Hijacking What
More informationGuide to credit card security
Contents Click on a title below to jump straight to that section. What is credit card fraud? Types of credit card fraud Current scams Keeping your card and card details safe Banking and shopping securely
More informationDonor Credit Card Security Policy
Donor Credit Card Security Policy INTRODUCTION This document explains the Community Foundation of Northeast Alabama s credit card security requirements for donors as required by the Payment Card Industry
More informationPRODUCT DISCLOSURE SHEET
PRODUCT DISCLOSURE SHEET KINDLY READ THIS PRODUCT DISCLOSURE SHEET BEFORE YOU DECIDE TO TAKE UP ANY TUNE MONEY SDN BHD ( TUNE MONEY ) PREPAID CARD. PLEASE MAKE SURE YOU ALSO READ THE TERMS AND CONDITIONS
More informationA STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT
A STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT Seungjae Shin, Mississippi State University, 1000 HWY 19N Meridian MS 39307, sshin@meridian.msstate.edu, (601)484-0160 Jerry Cunningham,
More informationIdentity Theft Victim s Complaint and Affidavit
Average time to complete: 10 minutes Identity Theft Victim s Complaint and Affidavit A voluntary form for filing a report with law enforcement, and disputes with credit reporting agencies and creditors
More informationWHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?
WHAT IS CORPORATE ACCOUNT TAKEOVER? Corporate Account Takeover (also referred to as CATO) is a type of fraud where criminals gain access to a business financial accounts to make unauthorized transactions.
More informationSeattle University Identity Theft Prevention Program. Purpose. Definitions
Seattle University Identity Theft Prevention Program Purpose The purpose of the program is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection
More informationPayCard and Payroll Best Practices Presenter: Brian Slowik. PayCard and Payroll Best Practices 1
PayCard and Payroll Best Practices Presenter: Brian Slowik PayCard and Payroll Best Practices 1 Agenda The Paycard Industry The Compass Principles and Guiding Values- CFSI Compass Guidelines to Payroll
More informationProtecting Your Business From Hackers
Protecting Your Business From Hackers Technology Has Changed Real Estate Today, consumers have access to vast troves of information that enable them to make decisions faster than ever before Real estate
More informationTransaction Security Challenges & Solutions
Transaction Security Challenges & Solutions A REPORT FROM NEWNET COMMUNICATION TECHNOLOGIES, LLC Copyright NewNet Communication Technologies, LLC. 700 East Butterfield Road, Suite 350, Lombard, IL 60148
More information6 Vulnerabilities of the Retail Payment Ecosystem
6 Vulnerabilities of the Retail Payment Ecosystem FINANCIAL INSTITUTION PAYMENT GATEWAY DATABASES POINT OF SALE POINT OF INTERACTION SOFTWARE VENDOR Table of Contents 4 7 8 11 12 14 16 18 Intercepting
More informationYou can use your PIN to complete your purchases at point-of-sale and for ATM transactions.
Westpac Business Prepaid MasterCard FAQs General Questions Is the Business Prepaid card a credit card? No. The Business Prepaid card has funds loaded on it by your employer. You can use the Business Prepaid
More informationOuachita Baptist University. Identity Theft Policy and Program
Ouachita Baptist University Identity Theft Policy and Program Under the Federal Trade Commission s Red Flags Rule, Ouachita Baptist University is required to establish an Identity Theft Prevention Program
More informationRetail/Consumer Client Internet Banking Awareness and Education Program
Retail/Consumer Client Internet Banking Table of Contents Securing Your Environment... 3 Unsolicited Client Contact... 3 Protecting Your Identity... 3 1) E-mail Risk... 3 2) Internet Risks... 4 3) Telephone
More informationSection 1: Assessment Information
Section 1: Assessment Information Instructions for Submission This document must be completed as a declaration of the results of the merchant s self-assessment with the Payment Card Industry Data Security
More informationVoice Authorization QUICK REFERENCE GUIDE
QUICK REFERENCE GUIDE Voice Authorization Get credit card authorizations using any touch-tone telephone enter the authorization codes when your POS system is ready. Voice authorization systems allow you
More informationISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015
ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO 27001 FRAMEWORK AUGUST 19, 2015 Agenda Coalfire Overview Threat Landscape What is ISO Why ISO ISO Cycle Q&A 2 Presenters
More informationCredit Card Frauds Sept.08, 2016
Credit Card Frauds Sept.08, 2016 Definitions Credit Card A card allowing the holder to purchasing goods or services on credit Debit Card A card allowing transfer of money from a bank a/c electronically
More informationWhy you MUST protect your customer data
Why you MUST protect your customer data If you think you re exempt from compliance with customer data security and privacy laws because you re a small business, think again. Businesses of all sizes are
More informationCREDIT UNION NORTHERN IRELAND PREPAID CARD TERMS AND CONDITIONS BY USING THE PREPAID CARD YOU ARE AGREEING TO THESE TERMS AND CONDITIONS.
CREDIT UNION NORTHERN IRELAND PREPAID CARD TERMS AND CONDITIONS BY USING THE PREPAID CARD YOU ARE AGREEING TO THESE TERMS AND CONDITIONS. These terms and conditions apply to Your Prepaid Card. You must
More informationOracle Banking Digital Experience
Oracle Banking Digital Experience Islamic Banking Retail Accounts User Manual Release 17.1.0.0.0 Part No. E83887-01 March 2017 Islamic Banking Retail Accounts User Manual March 2017 Oracle Financial Services
More informationQNB Bank-ONLINE AGREEMENT
This is an Agreement between you and QNB Bank ("QNB"). It explains the rules of your electronic access to your accounts through QNB Online. By using QNB-Online, you accept all the terms and conditions
More informationProtect Your Data the Way Banks Protect Your Money
Protect Your Data the Way Banks Protect Your Money A New Security Model Worth Understanding and Emulating Enterprise security traditionally relied on a fortress strategy that locked down user endpoints
More informationStop in the name of EMV! Is merchant regulation breaking your heart? April 4, Amegy Bank, a division of ZB, N.A. Member FDIC
Stop in the name of EMV! Is merchant regulation breaking your heart? April 4, 2017 Introductions Ana Chandler AVP, Treasury Management Sales Julie Fairbanks VP, Merchant Sales William (Bill) Rogers VP
More informationPanda Security 2010 Page 1
Panda Security 2010 Page 1 Executive Summary The malware economy is flourishing and affecting both consumers and businesses of all sizes. The reality is that cybercrime is growing exponentially in frequency
More informationTOP RISK CONCERNS MERCHANT DATA BREACHES. Presented by Ann Davidson, VP of Risk Consulting at Allied Solutions
TOP RISK CONCERNS MERCHANT DATA BREACHES Presented by Ann Davidson, VP of Risk Consulting at Allied Solutions Today s Webinar Will Cover: Current state of merchant data breaches Impact of merchant data
More informationWith certain types of prepaid account, you can do just about everything a traditional bank account allows you to do, including using your prepaid
With certain types of prepaid account, you can do just about everything a traditional bank account allows you to do, including using your prepaid card to shop in store and online. But the key is you cannot
More informationOTHER PEOPLE S MONEY: THE BASICS OF ASSET MISAPPROPRIATION (NO )
: THE BASICS OF ASSET MISAPPROPRIATION (NO. 99-5402) TABLE OF CONTENTS I. INTRODUCTION The Pervasive Threat of Employee Theft... 3 Asset Misappropriations... 5 ACFE s Occupational Fraud and Abuse Survey...
More informationPaying Employees by Paycard with JD Edwards EnterpriseOne Payroll O R A C L E W H I T E P A P E R J U L Y
Paying Employees by Paycard with JD Edwards EnterpriseOne Payroll O R A C L E W H I T E P A P E R J U L Y 2 0 1 7 Table of Contents Introduction 1 Paycard Trends 1 About Paycards 2 How do Paycards Work?
More informationNewcomer Finances Toolkit. Fraud. Worksheets
Newcomer Finances Toolkit Fraud Worksheets Ottawa Community Loan Fund Fonds d emprunt Communautaire d Ottawa 22 O Meara St., Causeway Work Centre, Ottawa, ON K1Y 4N6 Tel: 613-594-3535 Fax: 613-594-8118
More informationWestpac Credit cards. Prepaid Cards
Westpac Credit cards Prepaid Cards As at 1 July 2017 Whether you re planning on sending money overseas or you just want a simple way to buy things online or around the world, we have a card to help you.
More informationFAQ S About Unicâmbio Prepaid Card
FAQ S About Unicâmbio Prepaid Card What are the advantages of the Unicâmbio Prepaid Card when compared with a credit or debit card? Security. It is common knowledge that the risks of credit and debit cards
More informationSite Data Protection (SDP) Program Update
Advanced Payments October 9, 2006 Site Data Protection (SDP) Program Update Agenda Security Landscape PCI Security Standards Council SDP Program October 9, 2006 SDP Program Update 2 Security Landscape
More informationThese terms and conditions apply to your Prepaid Card. You must read them carefully. In these terms and conditions: -
These terms and conditions apply to your Prepaid Card. You must read them carefully. In these terms and conditions: - Authorised Cardholder means the person you have authorised to use a prepaid card connected
More informationNOT PROTECTIVELY MARKED PHISHING. July 2016
- PHISHING July 2016 1 Introduction: The purpose of this document is to provide an analysis of the most prevalent trends and characteristics of phishing campaigns in the UK in July 2016. The analysis is
More informationNavigating the PCI DSS Challenge. 29 April 2011
Navigating the PCI DSS Challenge 29 April 2011 Agenda 1. Overview of Threat and Compliance Landscape 2. Introduction to the PCI Security Standards 3. Payment Brand Compliance Programs 4. PCI DSS Scope
More informationOracle Banking Digital Experience
Oracle Banking Digital Experience Retail Accounts User Manual Release 18.1.0.0.0 Part No. E92727-01 January 2018 Retail Accounts User Manual January 2018 Oracle Financial Services Software Limited Oracle
More informationOracle Banking Digital Experience
Oracle Banking Digital Experience Islamic Banking Retail Accounts User Manual Release 17.2.0.0.0 Part No. E88573-01 July 2017 Islamic Banking Retail Accounts User Manual July 2017 Oracle Financial Services
More informationCredit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank
Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Introduction The 6,331 credit unions in the United States face a unique challenge when it comes to cybersecurity.
More informationUniversity of North Texas System Administration Identity Theft Prevention Program
University of North Texas System Administration Identity Theft Prevention Program I. Purpose of the Identity Theft Prevention Program The Federal Trade Commission ( FTC ) requires certain entities, including
More informationXPERIENCE PROGRAM GENERAL QUESTIONS
XPERIENCE PROGRAM GENERAL QUESTIONS CURRENT XPERIENCE PROGRAM? The current Xperience Program allows you to access an instant amount off of a qualifying treatment through a Mastercard Virtual Account. This
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationTRANSCORP INTERNATIONAL LTD. FAQs: TRANSCORP PREPAID CARD. It can be used for Shopping Outlets, online portals and for cash withdrawal at ATMs.
TRANSCORP INTERNATIONAL LTD FAQs: TRANSCORP PREPAID CARD Prepaid Reloadable Card Q. What is a TRANSCORP Reloadable Prepaid Card? Transcorp Prepaid Reloadable Card is a Rupee denominated magnetic strip
More informationHow to Catch a Thief. Trends & Technologies in the Fight Against Fraud. Rohan Langley SAS
How to Catch a Thief Trends & Technologies in the Fight Against Fraud Rohan Langley SAS Global Drivers & Challenges: The Changing Fraud Landscape Fixing Fraud: A Fraud Solution A Real World Example: Online
More informationAbout MagTek. PIN Entry & Management
About MagTek Since 1972, MagTek has been a leading manufacturer of electronic devices and systems for the reliable issuance, reading, transmission and security of cards, checks, PINs and other identification
More informationOracle Banking Digital Experience
Oracle Banking Digital Experience Retail Accounts User Manual Release 17.2.0.0.0 Part No. E88573-01 July 2017 Retail Accounts User Manual July 2017 Oracle Financial Services Software Limited Oracle Park
More informationAction Fraud & the NFIB. DS Martina MCGRILLEN
Action Fraud & the NFIB DS Martina MCGRILLEN 2006 - The Attorney General and Chief Secretary to the Treasury s Fraud Review 2009 - The development of Action Fraud and the NFIB 2014 - The transition of
More informationBest Practices Guide to Electronic Banking
Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have
More informationProcessing Payments Securely in the Digital World
Processing Payments Securely in the Digital World Frank J. Leone, SVP, CTP Treasury Management Capital One Bank Mark Kemen Senior Business Analyst & Project Manager Cincinnati Bell William Cohn Head of
More informationGetting it right. Fiona Duncan Head of Prepaid Centre of Excellence Visa Europe. Information Classification as Needed
Getting it right Fiona Duncan Head of Prepaid Centre of Excellence Visa Europe For Visa Member Use Only This information is not intended, and should not be construed, as an offer to sell, or as a solicitation
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 1 Introduction to Security Objectives Describe the challenges of securing information Define information security and explain why
More informationSecurity Awareness. Chapter 2 Personal Security
Security Awareness Chapter 2 Personal Security Objectives After completing this chapter, you should be able to do the following: Define what makes a weak password Describe the attacks against passwords
More informationBusiness Online Banking & Bill Pay Guide to Getting Started
Business Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Business Online Banking. Whether you re
More information