E&S PERFECTING. Prepaid Card Fraud: An Industry Primer. An E&S Consulting White Paper. April 2015 PAYMENTS

Size: px
Start display at page:

Download "E&S PERFECTING. Prepaid Card Fraud: An Industry Primer. An E&S Consulting White Paper. April 2015 PAYMENTS"

Transcription

1 April 2015 Prepaid Card Fraud: An Industry Primer 2015 E&S Consulting, LLC. All rights reserved. E&S Consulting is a payments industry consultancy that advises merchant acquirers, retailers, card marketers and issuers in a broad range of payment and financial services domains including prepaid program management, competitive research, training, marketing, POS hardware and software managment and partner recommendations.

2 PREPAID CARD FRAUD: AN INDUSTRY PRIMER Over the past few years, the popularity of prepaid cards has skyrocketed as consumers seek alternatives to checking accounts and credit cards and as the unbanked/under-banked population attempt to handle their finances in a more efficient manner. According to the Nilson Report, the top 50 largest U.S. banks and credit union issuers of general purpose reloadable (GPR) prepaid cards accounted for $ billion in spending at merchants in 2013 (the last year for which figures are available), up by 6.1 percent from Mercator Advisory Group has pegged the amount of money loaded on GPR cards as having almost tripled between 2008 and 2012, rising to $76.7 billion. That number is expected to rise to $168.4 billion by But with such growth comes the challenge of the phenomena known as prepaid card fraud. Prepaid card fraud is not only a real phenomena, it is packing a significant financial wallop. In 2013, the Federal Trade Commission (FTC) noted that Americans alone had reported collective losses of $42.86 million to schemes involving prepaid cards. By most accounts, such losses are in truth much higher: Consumers embarrassment at having fallen for such schemes, coupled with their reluctance to pursue legal recourse for prepaid card fraud based on the difficulty of doing so, has prevented many individuals from bringing these occurrences to authorities attention. Reported or not, most prepaid card fraud is perpetrated using GPR cards. These cards are issued by financial institutions and have long-term expiration dates. They can be sold at bank branches and retail stores and may be re-loaded after all or some of their initial value has been depleted. And as fraudsters become increasingly sophisticated, the types of fraud committed with these cards turns ever more complex, making mitigation, which has always been a priority, of utmost and unparalleled importance. Understanding Prepaid Card Fraud Industry players must maintain a handle on the ins and outs of established and emerging schemes alike as well as on strategies for addressing them if mitigation initiatives are to be effective. An understanding of prepaid card fraud is also imperative for all industry constituents, including issuers, prepaid program managers, and merchants: In the event that such fraud remains unaddressed, consumers may avoid purchasing prepaid products, in turn impacting revenues throughout the entire payment chain. Skimming One of the most common flavors of prepaid card fraud, skimming involves magnetic stripe cards. In a skimming scenario, thieves steal packages of cards from prepaid card malls or fixtures in stores. They then remove the cards, skim the magnetic stripes from the back, and return the cards to the display. An unsuspecting consumer then buys and activates one of the cards, while at the same time the thieves repeatedly check online to determine which has been activated and is ready to be used.

3 Skimming (cont d) Pre-skimming magnetic stripe checks are generally performed with bot malware that does the job via an automatic dialer or by entering card numbers on issuers websites every few minutes to check the account activation status and balance. Assessing activations with this level of frequency allows thieves to exploit the interval between the moment the card is activated and the time the customer first uses it, but there is more to the equation. With a counterfeit card created from the skimmed data, perpetrators spend the remaining balance after it has been skimmed and a new card created or used online--and before the actual customer tries to use it. By the time the real cardholder is ready to spend the money he thought was on the card, the account is empty. The only bright spot in this scenario: Skimming proves to be cost-effective only if fraudsters are engaging it on a large scale in other words, skimming gift cards with balances of up to $500. Counterfeit Barcodes This is another scheme perpetrated in-store. Fraudsters begin by applying barcoded stickers over the genuine barcodes of prepaid cards. When a sticker is scanned, the activation is directed away from the card the consumer is purchasing and to the thief s blank card. The consumer gets a card that is not activated a problem he will discover only after he attempts to utilize it. He has no proof of activation (and hence, no way to recover the money) because the activation scan was re-directed from his legitimate card to the thief s blank card. Misdirection Fraud Misdirection fraud is considered by some to be the dirtiest trick in prepaid, primarily because its common victims include low-income recipients of government-issued benefits. Misdirection fraud assumes many guises. Under the umbrella known as benefit misdirection, perpetrators steal victims identities and use them to open fraudulent accounts, layering the proceeds (primarily Medicare, social security or WIC payments or tax refunds) onto GPR cards. These GPR cards are obtained by passing standard required ID verification methods, and are subsequently used to withdraw cash at an ATM or to purchase high-end goods with the latter sold through ebay, Craigslist, pawn shops, and similar entities to raise cash. Another iteration of misdirection fraud is victim-assisted misdirection fraud designated as such because information harnessed to carry out the scheme is supplied by victims themselves. In both cases,fraudsters instruct victims to load money onto GPRs for seemingly legitimate reasons e.g., to immediatelypay a utility bill, thereby avoiding disconnection, or to cover the tax and shipping cost of a prize won in a contest. Once victims have done so, they are told to provide the account number and PIN of the GPR they have purchased to a representative of the entity that requested it.however, the entity does not exist. Instead, human money mules enlisted in the scheme use the supplied information to empty the card of the money that has been loaded onto it.

4 Misdirection Fraud (cont d) Of particular concern when grappling with misdirection fraud is the fact that identifying and attacking it has proven to be much more difficult than banning it. Embarrassment about having fallen for a misdirection fraud scam often prevents victims from coming forward and reporting them, especially when the sum of money lost is relatively insignificant, as can be the case. Even in instances that involve marked loss, tracing its source frequently is tricky: Perpetrators tend to execute schemes against individual victims by ordering them to purchase multiple prepaid cards in smaller denominations transactions that simply do not stand out as larger ones would. Cyber-Attacks Cyber-attacks on retailers databases, along with merchant-level data breaches have been a point of entry to prepaid card fraud. Hackers cannot determine whether a given stolen card number is associated with a credit card account or a prepaid card account. However, they do utilize stolen card numbers to fabricate fraudulent white cards to be used at the POS, as well as to purchase open or closed loop gift cards. Addressing this variety of prepaid card fraud can also be challenging because the scope of a single incident can expand quickly, making timely curtailment almost impossible. For instance, a few years ago, several perpetrators hacked into RBS WorldPay s computer network and breached the data encryption on prepaid debit cards used by WorldPay clients to pay their employees. Members of the ring loaded more than $9 million onto 44 fake prepaid debit cards, which were then employed by mules to withdraw the money from more than 2,100 ATMs in at least 280 cities around the world in under 12 hours. Fraud alerts were issued, the cards were invalidated, and the ringleader was apprehended and convicted, but the withdrawals were made so quickly that it was not possible to stem the loss. Reg. E Error Resolution With the exception of payroll cards and some types of government-administered cards, most issuers do adhere to Regulation E error resolution procedures for reloadable cards. The provisional credit portion of the regulation holds that funds must be temporarily redeposit onto cards in instances where a consumer dispute cannot be investigated and resolved within specific time frames (10 business days). Fraudsters method of abusing the provisional credit mandate involves disputing prepaid card transactions in order to receive from issuers provisional credits to their prepaid card accounts. Once issuers have granted such good-faith credits, perpetrators spend the money, and never use or load the card again. Before issuers can determine that these disputes are not legitimate and once again debit the appropriate sum from fraudsters accounts, both money and cardholders have disappeared.

5 PREPAID FRAUD CONTROLS While automated,off-the-shelf prepaid card fraud monitoring tools have yet to be developed, issuers have come to consider repeat value checks on un-activated prepaid cards an indicator of imminent fraudulent activity, and have instituted the precautionary practice of shutting down any prepaid card account for which a seemingly excessive number of such checks have been performed. However, a far more comprehensive approach to combating or at least minimizing the phenomena and its impact is needed. The elements of this approach encompass: Tamper-evident/Tamper-resistant Packaging Despite its cost, tamper-resistant packaging for prepaid cards displayed on fixtures with j-hooks constitutes an effective first line of defense against both skimming and the use of fake bar codes. In fact, it is a component of brand requirements. Merchants must maximize the potential of such packaging to deter the purchase of prepaid instruments for illegitimate purposes by training sales clerks to identify signs of tampering. This includes small tears, creasing, and similar evidence that packaging has been open and re-closed and that the replacement of cards inside a package may have occurred, as well as the appearance of stickers on packaging. Clerks should be instructed that they should never activate any prepaid card when evidence of tampering exists, but rather, to destroy it immediately or give it to a manager who can do the same. Prepaid cards also feature numbering and sequencing to prevent would-be fraudsters from replacing prepaid cards inside packages or otherwise altering packaging in order to perpetrate their schemes. Consequently, in-store procedures for detecting tampering should also involve a scan of the number imprinted on a given prepaid card itself (visible through the packaging window) with the number printed on its packaging. A mismatch flags the possibility of a replacement or fake barcode and renders card activation impossible. Customer Approval Controls Prepaid card fraud is, in most cases, identity theft. No consumer should be approved to open a prepaid card account until customer approval controls have been applied. This starts with the verification of customer addresses through USPS Address Verification; if the address provided and information on file do not match, an account should not be opened. Requesting that applicants show a photo ID, voter registration card, or recent utility bill (with a canceled postmark) can deter fraud as well. Another equally critical customer approval control is knowledge-based authentication (KBA), wherein each prospective cardholder s answers to certain questions (i.e., social security number (SSN), driver s license number) is compared to information contained in public records. Any individual who provides an SSN that is determined to belong to a deceased or imprisoned party should automatically be denied a prepaid account.

6 Additional Identity Theft Control Beyond customer approval controls, it behooves the issuing community to flag indicators that prepaid card fraud, rather than the legitimate purchase of a prepaid card, is in progress. This should entail the catching of SSNs with addresses, telephone numbers, addresses, and IP addresses. Attempts should be made to pinpoint instances in which high-risk telephone numbers (both pager numbers and invalid numbers) and addresses (non-verifiable addresses and those with oddly formatted domain addresses) have been supplied, and in which multiple recipient address changes within a user-defined period of time have been requested (such changes should, under ideal circumstances, be prohibited). Equally essential are the leveraging of IP location services to limit activations from foreign countries and the utilization of velocity controls. Velocity controls may include checks for multiple cards associated with a single address (per day, week, or month) and multiple activations per ANI, IP or device ID or cards per phone, physical address or address. Online fraud monitoring software, too, is valuable in identity theft control, as is assistance from third-party verification services. Many of the latter provide high-risk response codes when irregularities are detected during the identity verification process. Such irregularities may encompass, but are not limited to, the use of SSNs that are invalid, were never issued, belong to a deceased person, or are associated with multiple individuals; invalid telephone numbers or pager numbers; forwarding addresses; and addresses of mail drops, commercial businesses, and prisons. Money-On Controls For Tax Deposits And Benefits When tax refunds and benefits are loaded onto prepaid cards, it is imperative that the tax or benefits authority include the recipient s SSN or the last four numbers thereof on the Automated Clearing House (ACH) transfer, along with a reference that funds comprise either tax refund or benefits monies. Multiple deposits to single prepaid card accounts should be limited. Additionally, mismatches between names indicated on ACH entries and beneficiary names contained in tax or agencies records, as well as other questionable information, should trigger a return of funds using the R17 refund mismatch return code. Money-On Controls For Card Re-loads In addition to leveraging the identity verification methods covered above, money-on controls for card reloads must always entail ensuring that reloads come from a single, verified funding source. Placing limits on the value of reloads also bodes well for minimizing the use of GPR cards for fraudulent activities.

7 Money-Out Controls On Prepaid Card Spending Cardholder spending warrants careful monitoring for potentially suspicious transactions, including those initiated in foreign countries and at high-risk merchants. The spending of prepaid card funds in foreign nations can and should be limited or blocked, with these limitations/blocks instituted on a country-by-country basis should activity warrant. CONCLUSION The contest between fraudsters and prepaid card industry stakeholders will continue as perpetrators exercise increased creativity and aptitude at finding new vulnerabilities within the prepaid ecosystem and exploiting existing ones. Thus, it benefits all industry constituents issuers, prepaid card program managers, and merchants alike to familiarize themselves with emerging and well-developed prepaid card fraud schemes, and to consistently share their knowledge with those outside their own lines of business. The end-result of such cooperation and communication will render fraud a less frequent occurrence and less of a concern not only to the prepaid community, but to consumers as well. For more information, contact E&S Consulting at info@eandsconsultingllc.com or give us a call at

Target Breach Overview

Target Breach Overview Target Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more specifics? A: Yes, Target has confirmed that it experienced unauthorized access to its systems

More information

Fraud Risks Facing Credit Unions. ALLIED SOLUTIONS LLC SERVICE CENTER 210 East Main Street, Suite 200, Niles, MI Fax:

Fraud Risks Facing Credit Unions. ALLIED SOLUTIONS LLC SERVICE CENTER 210 East Main Street, Suite 200, Niles, MI Fax: Fraud Risks Facing Credit Unions Today s Session Global risks Share how the bad guys are getting in Focus on Cyber and Card Risk Discuss what the credit union can do to prevent the risk Open discussion

More information

Prepaid Access MIDWEST ANTI-MONEY LAUNDERING CONFERENCE Federal Reserve Bank of Kansas City March 5, 2014

Prepaid Access MIDWEST ANTI-MONEY LAUNDERING CONFERENCE Federal Reserve Bank of Kansas City March 5, 2014 Prepaid Access 2014 MIDWEST ANTI-MONEY LAUNDERING CONFERENCE Federal Reserve Bank of Kansas City March 5, 2014 Discussion Points Emerging Technology Prepaid Access What is it and how does it work? Open

More information

NOT-FOR- PROFIT SERVICES GROUP Client Information Bulletin

NOT-FOR- PROFIT SERVICES GROUP Client Information Bulletin NOT-FOR- PROFIT SERVICES GROUP GUARDING AGAINST CYBERTHEFT The Problem: There has been an increase in electronic funds transfer (EFT) fraud being perpetrated on small to medium-size businesses in the past

More information

How does the Prepaid Travel Card work?

How does the Prepaid Travel Card work? How does the Prepaid Travel Card work? The American Airlines Federal Credit Union ( Credit Union ) Prepaid Travel Card is a reloadable prepaid card, which means you can spend up to the value placed on

More information

COMMON WAYS IDENTITY THEFT CAN HAPPEN:

COMMON WAYS IDENTITY THEFT CAN HAPPEN: COMMON WAYS IDENTITY THEFT CAN HAPPEN: OLD FASHIONED STEALING / DUMPSTER DIVING Thieves typically steal wallets and purses. They also steal mail such as credit card and bank statements, pre-approved credit

More information

6 th Annual Prepaid Assessment Measuring The 2008 Prepaid Market

6 th Annual Prepaid Assessment Measuring The 2008 Prepaid Market 6 th Annual Prepaid Assessment Measuring The 2008 Prepaid Market Reviewing Three Reports: Open Loop Assessment Published August 2009 Closed Loop Assessment Published September 2009 2009 to 2012 Forecast

More information

( Utility Name ) Identity Theft Prevention Program

( Utility Name ) Identity Theft Prevention Program ***DRAFT*** ( Utility Name ) Identity Theft Prevention Program Implemented as of, 2008 *** This document is intended to give guidance to municipal utilities in their understanding of the FTC Red Flag Rule.

More information

Red Flags/Identity Theft Prevention Policy: Purpose

Red Flags/Identity Theft Prevention Policy: Purpose Red Flags/Identity Theft Prevention Policy: 200.3 Purpose Employees and students depend on Morehouse College ( Morehouse ) to properly protect their personal non-public information, which is gathered and

More information

Prevention of Identity Theft in Student Financial Transactions AP 5800

Prevention of Identity Theft in Student Financial Transactions AP 5800 Reference: Fair and Accurate Credit Transactions Act (Pub. L. 108-159) The Board recognizes that some activities of the Shasta-Tehama-Trinity Joint Community College District, "District," are subject to

More information

STOCKTON UNIVERSITY PROCEDURE DEFINITIONS

STOCKTON UNIVERSITY PROCEDURE DEFINITIONS STOCKTON UNIVERSITY PROCEDURE Identity Theft Prevention Program Procedure Administrator: Director of Risk Management and Environmental/Health/Safety Authority: Fair and Accurate Credit Transactions Act

More information

Baptist Financial Services

Baptist Financial Services Baptist Financial Services BFS Visa Prepaid PayCard FREQUENTLY ASKED QUESTIONS (FAQ S) Questions for Employers 1 What is a BFS Visa Prepaid PayCard? 2 How do I get a BFS Visa Prepaid PayCard? 3 How does

More information

Global Prepaid Card Market with Focus on The United States ( ) April 2016

Global Prepaid Card Market with Focus on The United States ( ) April 2016 Global Prepaid Card Market with Focus on The United States (2016-2020) April 2016 Global Prepaid Card Market Report Scope of the Report The report titled Global Prepaid Card Market with Focus on The United

More information

Page 1 of 6 Bank card and cheque fraud

Page 1 of 6 Bank card and cheque fraud Page 1 of 6 happens when criminals steal your cards or chequebook and gain access to funds in your account. More about bank card and cheque fraud Criminals steal your bank cards or cheque book; or they

More information

BFS VISA PREPAID CARDS FREQUENTLY ASKED QUESTIONS (FAQ S)

BFS VISA PREPAID CARDS FREQUENTLY ASKED QUESTIONS (FAQ S) BFS VISA PREPAID CARDS FREQUENTLY ASKED QUESTIONS (FAQ S) 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 What is a BFS Visa Prepaid

More information

IDENTITY THEFT PREVENTION Policy Statement

IDENTITY THEFT PREVENTION Policy Statement Responsible University Officials: Vice President for Financial Operations and Treasurer Responsible Office: Office of Financial Operations Origination Date: October 13, 2009 IDENTITY THEFT PREVENTION Policy

More information

Red Flags Program. Purpose

Red Flags Program. Purpose Red Flags Program Purpose The purpose of this Red Flags Rules Program is to document the protocol adopted by the University of Memphis in compliance with the Red Flags Rules. Many offices at the University

More information

Policy 24 Identity Theft Prevention Program IDENTITY THEFT PREVENTION PROGRAM OF WEBB CREEK UTILITY DISTRICT

Policy 24 Identity Theft Prevention Program IDENTITY THEFT PREVENTION PROGRAM OF WEBB CREEK UTILITY DISTRICT Policy 24 Identity Theft Prevention Program IDENTITY THEFT PREVENTION PROGRAM OF WEBB CREEK UTILITY DISTRICT The Utility maintains accounts for its customers to pay for utility service where bills are

More information

IT Audit and Risk Trends for Credit Union Internal Auditors. Blair Bautista, Director Bob Grill, Manager David Dyk, Manager

IT Audit and Risk Trends for Credit Union Internal Auditors. Blair Bautista, Director Bob Grill, Manager David Dyk, Manager IT Audit and Risk Trends for Credit Union Internal Auditors Blair Bautista, Director Bob Grill, Manager David Dyk, Manager 1 AGENDA Internet Banking Authentication ATM Security and PIN Compliance Social

More information

Identity Theft, Fraud & You. PrePare. Protect. Prevent.

Identity Theft, Fraud & You. PrePare. Protect. Prevent. PrePare. Protect. Prevent. Identity Theft, Fraud & You Fraud and identity theft incidents claimed fewer victims in 2010 than in previous years. But don t get too comfortable. Average out-of-pocket consumer

More information

Payment Systems Department

Payment Systems Department Note: Please follow these guidelines for your safety as you enjoy the convenience of technology. However these guidelines are general; therefore, specific precautions may be taken as warranted by the situation

More information

The web seminar has not yet started: A sound check will be performed 5 minutes before the start time.

The web seminar has not yet started: A sound check will be performed 5 minutes before the start time. The web seminar has not yet started: A sound check will be performed 5 minutes before the start time. COPYRIGHT NOTICE USE OF WEBEX LOGIN/PASSWORD FOR ACAMS WEB SEMINARS Each site license entitles registrant

More information

Identity Theft Policies and Procedures

Identity Theft Policies and Procedures Identity Theft Policies and Procedures Davis & Wehrle, LLC 1104 S. Mays, Suite 105 Round Rock, TX 78664-6700 United States (512) 346-1131 Davis & Wehrle Identity Theft Policies & Procedures September 2017

More information

City of New Haven Water, Sewer and Natural Gas Utilities Identity Theft Prevention Program

City of New Haven Water, Sewer and Natural Gas Utilities Identity Theft Prevention Program City of New Haven Identity Theft Prevention Program, October 2008, page City of New Haven Water, Sewer and Natural Gas Utilities Identity Theft Prevention Program Adopted by Resolution of the Mayor and

More information

Executive Summary of the Prepaid Rule

Executive Summary of the Prepaid Rule 1700 G Street NW, Washington, DC 20552 October 5, 2016 This summary is current as of October 5, 2016. It has not been updated to reflect final rules, guidance, or other interpretations issued after this

More information

Red Flag Policy and Identity Theft Prevention Program

Red Flag Policy and Identity Theft Prevention Program Unified Government of Wyandotte County and Kansas City, Kansas Adopted: 5/11/2011 Red Flag Policy and Identity Theft Prevention Program Authority: The Mayor and the Board of Commissioners are responsible

More information

Maintaining Trust: Visa Inc. Payment Security Strategy

Maintaining Trust: Visa Inc. Payment Security Strategy Maintaining Trust: Visa Inc Payment Security Strategy Ellen Richey 2010 Payments Conference Chicago Federal Reserve Global Electronic Payments Protecting the payment system is a shared responsibility among

More information

Agreement Between the Per Diem Prepaid Cardholder and U.S. Bank National Association ( U.S. Bank ) (Dated January, 2014)

Agreement Between the Per Diem Prepaid Cardholder and U.S. Bank National Association ( U.S. Bank ) (Dated January, 2014) Non-Consumer Per Diem Cardholder Agreement Agreement Between the Per Diem Prepaid Cardholder and U.S. Bank National Association ( U.S. Bank ) (Dated January, 2014) IMPORTANT: The enclosed U.S. Bank Per

More information

Protect Yourself From. Identify Theft

Protect Yourself From. Identify Theft Protect Yourself From Identify Theft What is Identity Theft? Identity theft occurs when someone uses another person identifying information without their permission in order to access resources, obtain

More information

Identity Theft Prevention Policy

Identity Theft Prevention Policy Identity Theft Prevention Policy Purpose of the Policy To establish an Identity Theft Prevention Program (Program) designed to detect, prevent and mitigate identity theft in connection with the opening

More information

[Utility Name] Identity Theft Prevention Program

[Utility Name] Identity Theft Prevention Program [Utility Name] Identity Theft Prevention Program Effective beginning, 2008 Minnesota Municipal Utilities Association Sample Red Flag policy I. PROGRAM ADOPTION The [Utility Name] ("Utility") developed

More information

Identity Theft Prevention Program. Effective beginning August 1, 2009

Identity Theft Prevention Program. Effective beginning August 1, 2009 Identity Theft Prevention Program Effective beginning August 1, 2009 I. PROGRAM ADOPTION Christian Brothers University developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission's

More information

National Travel Associates

National Travel Associates National Travel Associates Fraud Prevention Module 2012 National Travel Associates Fraud In The Travel Industry With the popularity of online booking engines in the 90 s there was a huge insurgence of

More information

How. Biometrics. Expand the Reach of Mobile Banking ENTER

How. Biometrics. Expand the Reach of Mobile Banking ENTER How Biometrics Expand the Reach of Mobile Banking ENTER Table of Contents 01 The Mobile Banking Opportunity 02 What s Suppressing Mobile Adoption? 03 Onboarding Challenges: Proving One s Identity 04 Authentication

More information

PRIVACY AND ONLINE DATA: CAN WE HAVE BOTH?

PRIVACY AND ONLINE DATA: CAN WE HAVE BOTH? PAPER PRIVACY AND ONLINE DATA: CAN WE HAVE BOTH? By Peter Varhol www.actian.com ignificant change has arrived in how computing and storage consumes data concerning individuals. Merchants, data collection

More information

A Step By Step Guide To Use PayPal

A Step By Step Guide To Use PayPal A Step By Step Guide To Use PayPal Table of Contents Introduction... 3 Creating an Account... 4 PayPal Verification... 5 Verification Process... 5 Utility of Each Account... 7 Transfer of Funds... 8 Checking

More information

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information

More information

A Layered Approach to Fraud Mitigation. Nick White Product Manager, FIS Payments Integrated Financial Services

A Layered Approach to Fraud Mitigation. Nick White Product Manager, FIS Payments Integrated Financial Services A Layered Approach to Fraud Mitigation Nick White Product Manager, FIS Payments Integrated Financial Services Session Agenda Growing Fraud Concerns Old Habits Die Hard Maneuvering through the Barriers

More information

Phishing: When is the Enemy

Phishing: When  is the Enemy Phishing: When E-mail is the Enemy Phishing, once only a consumer worry, is creating headaches for e-mail administrators as businesses become the next target. CONTENTS Understanding the Enemy 2 Three Things

More information

Frauds & Scams. Why is the Internet so attractive to scam artists? 2006 Internet Fraud Trends. Fake Checks. Nigerian Scam

Frauds & Scams. Why is the Internet so attractive to scam artists? 2006 Internet Fraud Trends. Fake Checks. Nigerian Scam Frauds & Scams Why is the Internet so attractive to scam artists? Anonymity Low cost Rapid growth Easy to adapt Be Cyber Savvy with C-SAFE 118 2006 Internet Fraud Trends Average Loss Online Auctions 34%

More information

THE SMALL BUSINESS FRAUD PREVENTION MANUAL

THE SMALL BUSINESS FRAUD PREVENTION MANUAL THE SMALL BUSINESS FRAUD PREVENTION MANUAL TABLE OF CONTENTS PART 1: INTERNAL FRAUD THREATS I. INTRODUCTION TO EMPLOYEE FRAUD The Shocking Cost of Employee Theft and Fraud... 1 The Cost of Fraud to Small

More information

Safeguarding Your Dealership from Fraud

Safeguarding Your Dealership from Fraud Safeguarding Your Dealership from Fraud Fraud continues to be a problem at dealerships and the risks are only getting greater. Today s fraud schemes are more elaborate than ever and often employ an astonishingly

More information

Marco Polo Card User Guide

Marco Polo Card User Guide Marco Polo Card User Guide Catalogue 1. About Marco Polo Card... 2 2. Card Usage... 3 Card Activation... 3 SMS Functions... 3 Card Login... 4 View Account Details... 5 View Transaction History... 6 Edit

More information

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name. Security for Your Business Mitigating risk is a daily reality for business owners, but you don t have

More information

Small Business FRAUD PREVENTION Manual

Small Business FRAUD PREVENTION Manual Small Business FRAUD PREVENTION Manual TABLE OF CONTENTS PREFACE... ix PART 1: INTERNAL FRAUD THREATS I. INTRODUCTION TO EMPLOYEE FRAUD The Shocking Cost of Employee Theft and Fraud... 1 The Cost of Fraud

More information

Payment Security: Attacks & Defences

Payment Security: Attacks & Defences Payment Security: Attacks & Defences Dr Steven J Murdoch University College London COMPGA03, 2014-12-02 UK fraud is going up again Chip & PIN deployment period Losses ( m) 0 50 100 150 200 250 300 Card

More information

The Dime Bank Security Tips

The Dime Bank Security Tips The Dime Bank Security Tips Debit Card Fraud The Dime Bank Debit MasterCard Chip Technology Beware of Unsolicited Phone Calls Are You a Safe Internet User? Information Security - Account Hijacking What

More information

Guide to credit card security

Guide to credit card security Contents Click on a title below to jump straight to that section. What is credit card fraud? Types of credit card fraud Current scams Keeping your card and card details safe Banking and shopping securely

More information

Donor Credit Card Security Policy

Donor Credit Card Security Policy Donor Credit Card Security Policy INTRODUCTION This document explains the Community Foundation of Northeast Alabama s credit card security requirements for donors as required by the Payment Card Industry

More information

PRODUCT DISCLOSURE SHEET

PRODUCT DISCLOSURE SHEET PRODUCT DISCLOSURE SHEET KINDLY READ THIS PRODUCT DISCLOSURE SHEET BEFORE YOU DECIDE TO TAKE UP ANY TUNE MONEY SDN BHD ( TUNE MONEY ) PREPAID CARD. PLEASE MAKE SURE YOU ALSO READ THE TERMS AND CONDITIONS

More information

A STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT

A STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT A STUDY OF TWO-FACTOR AUTHENTICATION AGAINST ON-LINE IDENTITY THEFT Seungjae Shin, Mississippi State University, 1000 HWY 19N Meridian MS 39307, sshin@meridian.msstate.edu, (601)484-0160 Jerry Cunningham,

More information

Identity Theft Victim s Complaint and Affidavit

Identity Theft Victim s Complaint and Affidavit Average time to complete: 10 minutes Identity Theft Victim s Complaint and Affidavit A voluntary form for filing a report with law enforcement, and disputes with credit reporting agencies and creditors

More information

WHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?

WHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN? WHAT IS CORPORATE ACCOUNT TAKEOVER? Corporate Account Takeover (also referred to as CATO) is a type of fraud where criminals gain access to a business financial accounts to make unauthorized transactions.

More information

Seattle University Identity Theft Prevention Program. Purpose. Definitions

Seattle University Identity Theft Prevention Program. Purpose. Definitions Seattle University Identity Theft Prevention Program Purpose The purpose of the program is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection

More information

PayCard and Payroll Best Practices Presenter: Brian Slowik. PayCard and Payroll Best Practices 1

PayCard and Payroll Best Practices Presenter: Brian Slowik. PayCard and Payroll Best Practices 1 PayCard and Payroll Best Practices Presenter: Brian Slowik PayCard and Payroll Best Practices 1 Agenda The Paycard Industry The Compass Principles and Guiding Values- CFSI Compass Guidelines to Payroll

More information

Protecting Your Business From Hackers

Protecting Your Business From Hackers Protecting Your Business From Hackers Technology Has Changed Real Estate Today, consumers have access to vast troves of information that enable them to make decisions faster than ever before Real estate

More information

Transaction Security Challenges & Solutions

Transaction Security Challenges & Solutions Transaction Security Challenges & Solutions A REPORT FROM NEWNET COMMUNICATION TECHNOLOGIES, LLC Copyright NewNet Communication Technologies, LLC. 700 East Butterfield Road, Suite 350, Lombard, IL 60148

More information

6 Vulnerabilities of the Retail Payment Ecosystem

6 Vulnerabilities of the Retail Payment Ecosystem 6 Vulnerabilities of the Retail Payment Ecosystem FINANCIAL INSTITUTION PAYMENT GATEWAY DATABASES POINT OF SALE POINT OF INTERACTION SOFTWARE VENDOR Table of Contents 4 7 8 11 12 14 16 18 Intercepting

More information

You can use your PIN to complete your purchases at point-of-sale and for ATM transactions.

You can use your PIN to complete your purchases at point-of-sale and for ATM transactions. Westpac Business Prepaid MasterCard FAQs General Questions Is the Business Prepaid card a credit card? No. The Business Prepaid card has funds loaded on it by your employer. You can use the Business Prepaid

More information

Ouachita Baptist University. Identity Theft Policy and Program

Ouachita Baptist University. Identity Theft Policy and Program Ouachita Baptist University Identity Theft Policy and Program Under the Federal Trade Commission s Red Flags Rule, Ouachita Baptist University is required to establish an Identity Theft Prevention Program

More information

Retail/Consumer Client Internet Banking Awareness and Education Program

Retail/Consumer Client Internet Banking Awareness and Education Program Retail/Consumer Client Internet Banking Table of Contents Securing Your Environment... 3 Unsolicited Client Contact... 3 Protecting Your Identity... 3 1) E-mail Risk... 3 2) Internet Risks... 4 3) Telephone

More information

Section 1: Assessment Information

Section 1: Assessment Information Section 1: Assessment Information Instructions for Submission This document must be completed as a declaration of the results of the merchant s self-assessment with the Payment Card Industry Data Security

More information

Voice Authorization QUICK REFERENCE GUIDE

Voice Authorization QUICK REFERENCE GUIDE QUICK REFERENCE GUIDE Voice Authorization Get credit card authorizations using any touch-tone telephone enter the authorization codes when your POS system is ready. Voice authorization systems allow you

More information

ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015

ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO FRAMEWORK AUGUST 19, 2015 ISACA GEEK WEEK SECURITY MANAGEMENT TO ENTERPRISE RISK MANAGEMENT USING THE ISO 27001 FRAMEWORK AUGUST 19, 2015 Agenda Coalfire Overview Threat Landscape What is ISO Why ISO ISO Cycle Q&A 2 Presenters

More information

Credit Card Frauds Sept.08, 2016

Credit Card Frauds Sept.08, 2016 Credit Card Frauds Sept.08, 2016 Definitions Credit Card A card allowing the holder to purchasing goods or services on credit Debit Card A card allowing transfer of money from a bank a/c electronically

More information

Why you MUST protect your customer data

Why you MUST protect your customer data Why you MUST protect your customer data If you think you re exempt from compliance with customer data security and privacy laws because you re a small business, think again. Businesses of all sizes are

More information

CREDIT UNION NORTHERN IRELAND PREPAID CARD TERMS AND CONDITIONS BY USING THE PREPAID CARD YOU ARE AGREEING TO THESE TERMS AND CONDITIONS.

CREDIT UNION NORTHERN IRELAND PREPAID CARD TERMS AND CONDITIONS BY USING THE PREPAID CARD YOU ARE AGREEING TO THESE TERMS AND CONDITIONS. CREDIT UNION NORTHERN IRELAND PREPAID CARD TERMS AND CONDITIONS BY USING THE PREPAID CARD YOU ARE AGREEING TO THESE TERMS AND CONDITIONS. These terms and conditions apply to Your Prepaid Card. You must

More information

Oracle Banking Digital Experience

Oracle Banking Digital Experience Oracle Banking Digital Experience Islamic Banking Retail Accounts User Manual Release 17.1.0.0.0 Part No. E83887-01 March 2017 Islamic Banking Retail Accounts User Manual March 2017 Oracle Financial Services

More information

QNB Bank-ONLINE AGREEMENT

QNB Bank-ONLINE AGREEMENT This is an Agreement between you and QNB Bank ("QNB"). It explains the rules of your electronic access to your accounts through QNB Online. By using QNB-Online, you accept all the terms and conditions

More information

Protect Your Data the Way Banks Protect Your Money

Protect Your Data the Way Banks Protect Your Money Protect Your Data the Way Banks Protect Your Money A New Security Model Worth Understanding and Emulating Enterprise security traditionally relied on a fortress strategy that locked down user endpoints

More information

Stop in the name of EMV! Is merchant regulation breaking your heart? April 4, Amegy Bank, a division of ZB, N.A. Member FDIC

Stop in the name of EMV! Is merchant regulation breaking your heart? April 4, Amegy Bank, a division of ZB, N.A. Member FDIC Stop in the name of EMV! Is merchant regulation breaking your heart? April 4, 2017 Introductions Ana Chandler AVP, Treasury Management Sales Julie Fairbanks VP, Merchant Sales William (Bill) Rogers VP

More information

Panda Security 2010 Page 1

Panda Security 2010 Page 1 Panda Security 2010 Page 1 Executive Summary The malware economy is flourishing and affecting both consumers and businesses of all sizes. The reality is that cybercrime is growing exponentially in frequency

More information

TOP RISK CONCERNS MERCHANT DATA BREACHES. Presented by Ann Davidson, VP of Risk Consulting at Allied Solutions

TOP RISK CONCERNS MERCHANT DATA BREACHES. Presented by Ann Davidson, VP of Risk Consulting at Allied Solutions TOP RISK CONCERNS MERCHANT DATA BREACHES Presented by Ann Davidson, VP of Risk Consulting at Allied Solutions Today s Webinar Will Cover: Current state of merchant data breaches Impact of merchant data

More information

With certain types of prepaid account, you can do just about everything a traditional bank account allows you to do, including using your prepaid

With certain types of prepaid account, you can do just about everything a traditional bank account allows you to do, including using your prepaid With certain types of prepaid account, you can do just about everything a traditional bank account allows you to do, including using your prepaid card to shop in store and online. But the key is you cannot

More information

OTHER PEOPLE S MONEY: THE BASICS OF ASSET MISAPPROPRIATION (NO )

OTHER PEOPLE S MONEY: THE BASICS OF ASSET MISAPPROPRIATION (NO ) : THE BASICS OF ASSET MISAPPROPRIATION (NO. 99-5402) TABLE OF CONTENTS I. INTRODUCTION The Pervasive Threat of Employee Theft... 3 Asset Misappropriations... 5 ACFE s Occupational Fraud and Abuse Survey...

More information

Paying Employees by Paycard with JD Edwards EnterpriseOne Payroll O R A C L E W H I T E P A P E R J U L Y

Paying Employees by Paycard with JD Edwards EnterpriseOne Payroll O R A C L E W H I T E P A P E R J U L Y Paying Employees by Paycard with JD Edwards EnterpriseOne Payroll O R A C L E W H I T E P A P E R J U L Y 2 0 1 7 Table of Contents Introduction 1 Paycard Trends 1 About Paycards 2 How do Paycards Work?

More information

Newcomer Finances Toolkit. Fraud. Worksheets

Newcomer Finances Toolkit. Fraud. Worksheets Newcomer Finances Toolkit Fraud Worksheets Ottawa Community Loan Fund Fonds d emprunt Communautaire d Ottawa 22 O Meara St., Causeway Work Centre, Ottawa, ON K1Y 4N6 Tel: 613-594-3535 Fax: 613-594-8118

More information

Westpac Credit cards. Prepaid Cards

Westpac Credit cards. Prepaid Cards Westpac Credit cards Prepaid Cards As at 1 July 2017 Whether you re planning on sending money overseas or you just want a simple way to buy things online or around the world, we have a card to help you.

More information

FAQ S About Unicâmbio Prepaid Card

FAQ S About Unicâmbio Prepaid Card FAQ S About Unicâmbio Prepaid Card What are the advantages of the Unicâmbio Prepaid Card when compared with a credit or debit card? Security. It is common knowledge that the risks of credit and debit cards

More information

Site Data Protection (SDP) Program Update

Site Data Protection (SDP) Program Update Advanced Payments October 9, 2006 Site Data Protection (SDP) Program Update Agenda Security Landscape PCI Security Standards Council SDP Program October 9, 2006 SDP Program Update 2 Security Landscape

More information

These terms and conditions apply to your Prepaid Card. You must read them carefully. In these terms and conditions: -

These terms and conditions apply to your Prepaid Card. You must read them carefully. In these terms and conditions: - These terms and conditions apply to your Prepaid Card. You must read them carefully. In these terms and conditions: - Authorised Cardholder means the person you have authorised to use a prepaid card connected

More information

NOT PROTECTIVELY MARKED PHISHING. July 2016

NOT PROTECTIVELY MARKED PHISHING. July 2016 - PHISHING July 2016 1 Introduction: The purpose of this document is to provide an analysis of the most prevalent trends and characteristics of phishing campaigns in the UK in July 2016. The analysis is

More information

Navigating the PCI DSS Challenge. 29 April 2011

Navigating the PCI DSS Challenge. 29 April 2011 Navigating the PCI DSS Challenge 29 April 2011 Agenda 1. Overview of Threat and Compliance Landscape 2. Introduction to the PCI Security Standards 3. Payment Brand Compliance Programs 4. PCI DSS Scope

More information

Oracle Banking Digital Experience

Oracle Banking Digital Experience Oracle Banking Digital Experience Retail Accounts User Manual Release 18.1.0.0.0 Part No. E92727-01 January 2018 Retail Accounts User Manual January 2018 Oracle Financial Services Software Limited Oracle

More information

Oracle Banking Digital Experience

Oracle Banking Digital Experience Oracle Banking Digital Experience Islamic Banking Retail Accounts User Manual Release 17.2.0.0.0 Part No. E88573-01 July 2017 Islamic Banking Retail Accounts User Manual July 2017 Oracle Financial Services

More information

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Introduction The 6,331 credit unions in the United States face a unique challenge when it comes to cybersecurity.

More information

University of North Texas System Administration Identity Theft Prevention Program

University of North Texas System Administration Identity Theft Prevention Program University of North Texas System Administration Identity Theft Prevention Program I. Purpose of the Identity Theft Prevention Program The Federal Trade Commission ( FTC ) requires certain entities, including

More information

XPERIENCE PROGRAM GENERAL QUESTIONS

XPERIENCE PROGRAM GENERAL QUESTIONS XPERIENCE PROGRAM GENERAL QUESTIONS CURRENT XPERIENCE PROGRAM? The current Xperience Program allows you to access an instant amount off of a qualifying treatment through a Mastercard Virtual Account. This

More information

Cybersecurity The Evolving Landscape

Cybersecurity The Evolving Landscape Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG

More information

TRANSCORP INTERNATIONAL LTD. FAQs: TRANSCORP PREPAID CARD. It can be used for Shopping Outlets, online portals and for cash withdrawal at ATMs.

TRANSCORP INTERNATIONAL LTD. FAQs: TRANSCORP PREPAID CARD. It can be used for Shopping Outlets, online portals and for cash withdrawal at ATMs. TRANSCORP INTERNATIONAL LTD FAQs: TRANSCORP PREPAID CARD Prepaid Reloadable Card Q. What is a TRANSCORP Reloadable Prepaid Card? Transcorp Prepaid Reloadable Card is a Rupee denominated magnetic strip

More information

How to Catch a Thief. Trends & Technologies in the Fight Against Fraud. Rohan Langley SAS

How to Catch a Thief. Trends & Technologies in the Fight Against Fraud. Rohan Langley SAS How to Catch a Thief Trends & Technologies in the Fight Against Fraud Rohan Langley SAS Global Drivers & Challenges: The Changing Fraud Landscape Fixing Fraud: A Fraud Solution A Real World Example: Online

More information

About MagTek. PIN Entry & Management

About MagTek. PIN Entry & Management About MagTek Since 1972, MagTek has been a leading manufacturer of electronic devices and systems for the reliable issuance, reading, transmission and security of cards, checks, PINs and other identification

More information

Oracle Banking Digital Experience

Oracle Banking Digital Experience Oracle Banking Digital Experience Retail Accounts User Manual Release 17.2.0.0.0 Part No. E88573-01 July 2017 Retail Accounts User Manual July 2017 Oracle Financial Services Software Limited Oracle Park

More information

Action Fraud & the NFIB. DS Martina MCGRILLEN

Action Fraud & the NFIB. DS Martina MCGRILLEN Action Fraud & the NFIB DS Martina MCGRILLEN 2006 - The Attorney General and Chief Secretary to the Treasury s Fraud Review 2009 - The development of Action Fraud and the NFIB 2014 - The transition of

More information

Best Practices Guide to Electronic Banking

Best Practices Guide to Electronic Banking Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have

More information

Processing Payments Securely in the Digital World

Processing Payments Securely in the Digital World Processing Payments Securely in the Digital World Frank J. Leone, SVP, CTP Treasury Management Capital One Bank Mark Kemen Senior Business Analyst & Project Manager Cincinnati Bell William Cohn Head of

More information

Getting it right. Fiona Duncan Head of Prepaid Centre of Excellence Visa Europe. Information Classification as Needed

Getting it right. Fiona Duncan Head of Prepaid Centre of Excellence Visa Europe. Information Classification as Needed Getting it right Fiona Duncan Head of Prepaid Centre of Excellence Visa Europe For Visa Member Use Only This information is not intended, and should not be construed, as an offer to sell, or as a solicitation

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 1 Introduction to Security Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 1 Introduction to Security Objectives Describe the challenges of securing information Define information security and explain why

More information

Security Awareness. Chapter 2 Personal Security

Security Awareness. Chapter 2 Personal Security Security Awareness Chapter 2 Personal Security Objectives After completing this chapter, you should be able to do the following: Define what makes a weak password Describe the attacks against passwords

More information

Business Online Banking & Bill Pay Guide to Getting Started

Business Online Banking & Bill Pay Guide to Getting Started Business Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Business Online Banking. Whether you re

More information