Combating Fraud with Transaction Analytics
With all of the recent retailer data breaches, card-related fraud is clearly top-of-mind for financial institutions. How can institutions identify potentially fraudulent activity and use that data to take proactive steps to mitigate risk, minimize financial impact and retain their customers?
The answer: transaction analytics, which enables financial institutions to analyze their customers’ detailed transaction data over time to gain an understanding of customers’ purchasing patterns and behaviors. Armed with this knowledge, institutions can obtain the insights necessary to identify potentially fraudulent activity and evaluate the impact of a breach on their customers and their own organizations – as well as take measures to better manage the risk and minimize the consequences of fraud.
Here are some real-world scenarios and corresponding recommendations:
You know your organization has an unusually high number of cards that have experienced fraud – what are the next steps? You can leverage transaction analytics to review the transactions performed by the group of fraudulent cards to find commonalities and ultimately a common point of compromise. In many instances, this provides insight into a small/local data breach that has not hit the radar of the networks or other fraud organizations. Once you determine the likely point of compromise, you can again analyze your transaction data to look for other customers that may have also been exposed and take the appropriate mitigation steps.
A retailer has experienced a data breach – what do you do now? Once learning of a retailer breach, you can use transaction analytics to identify transactions from that merchant over a specified period of time to determine which customers’ cards were potentially compromised and use that insight to determine the best course of action to reduce the impact on your customers and institution.
You have identified potentially compromised cards – do you re-issue or aggressively monitor? Once you have analyzed transactions and determined likely impacted cards, you can use analytics to determine customers’ cards that you will monitor only and customers’ cards that you will monitor while issuing new cards based on a variety of factors. Those may include expiration date, issue date, VIP status, historical transactional behavior, value to the institution, etc. This helps to control the level of exposure while minimizing the inconvenience to your customers.
To see how this could work for your institution, consider the following real-world example of how an institution used transaction analytics after the Target data breach to act quickly and protect its cardholder customers – a day before press were starting to cover the news of the breach and the institution began receiving notification about cards that were compromised.
This institution learned of the data breach through blog postings, Web chatter and security forums on December 18. That afternoon, using its transaction analytics solution, it was able to quickly identify all of its cards that were used in Target brick-and-mortar stores during the breach period. That evening, it instituted new fraud detection rules and began monitoring spending patterns for the impacted cards. Also, the following morning, in addition to posting a general message on its website letting customers know that there was a possible Target breach, it was able to alert impacted cardholders via targeted messaging delivered within their online banking session, email and direct mail. All of these activities were complete or underway as the press were just starting to cover the news of the breach and as the institution began receiving notification from Visa about cards that were compromised.
The result: By leveraging its transaction analytics solution, this institution experienced less than $2,000 in fraud losses on over 10,000 impacted cards and improved overall customer satisfaction. Consider that the institution had numerous customers reach out to compliment it for the steps it took to protect them following the Target breach. It’s not often that customers proactively contact a financial institution to sing its praises in a situation like this!
This example clearly demonstrates the power that transaction analytics can have on reducing the impact of fraud for both financial institutions and their customers.