Fraud & Risk Analysis Keeps Credit Unions One Step Ahead

Keeping one step ahead of credit card fraudsters is a priority objective at Vermont State Employees Credit Union. Here’s how the Montpelier credit union collaborated with card processor TMG to protect its 30,000 cardholding members.

 

By The Members Group

 

Vermont State Employees Credit Union (VSECU) is among the most aggressive financial institutions in the U.S. when it comes to protecting its members against fraud. As such, TMG hand-picked the credit union to test its newly launched Fraud & Risk Analysis program in the summer of 2008.

With nearly 30,000 cardholding members, VSECU must take a proactive stance to reduce fraud. "On a daily basis, we are monitoring card activity, reviewing fraud forums for new developments, implementing new strategies, updating our Website and communicating changes to members," said Victoria Boudreault, VSECU's deposit operations manager.

Mining the Data

TMG began by digging into one-year's worth of VSECU's credit and debit fraud cases and compiled a detailed analysis, reporting when, where and how VSECU's member accounts were compromised. Because the analysis covered a period of time during which a large data breach at a supermarket chain impacted hundreds of VSECU's accounts, TMG was careful to isolate fraud related to the breach so that VSECU had the most clear picture of its fraud situation as possible.

Analysis found that the number-one fraud type reported for VSECU was card present fraud, which accounted for more than 60 percent of all cases. Cards swiped and account numbers keyed in by fraudsters or unsuspecting merchants had the largest impact on the credit union in terms of total dollars lost. Geographically, VSECU's fraud cases originated domestically 94 percent of the time.

Next the data was compared to similar credit unions, as well as to those credit unions that are clients of TMG. What they found were several similarities, such as a heavy occurrence of fraud in California. However, some patterns were unique to VSECU, like the fraud in Italy, the country leading in VSECU’s international fraud cases.

The company went beyond reporting what had occurred and used the data mined to suggest enhanced fraud strategies. Supporting their suggestions was TMG's Falcon system Estimator, a tool allowing analysts to simulate a particular strategy to see how, if implemented, it would likely perform over a 10-day period.

Pinpointing the Right Strategy

One of the first suggestions made was to adjust the fraud score qualifier in VSECU’s lost/stolen strategy. Based on Falcon's neural network scoring technology, the fraud score assesses the fraud probability of transactions and ranges from 0 (fraud not likely) to 999 (fraud likely). The fraud score alone does not affect the processing of the authorization request. However, as a parameter in a strategy, a fraud score can impact the authorization and the queue in which the transaction is placed for analysis.

VSECU's existing lost/stolen strategy called for all transactions with a fraud score of 600 or greater to be approved but queued for analysis. It was recommended that VSECU maintain its approve/queue action for all scores between 600 and 979, but change its strategy so that all scores above 980 would trigger a decline/queue action.

According to Karen Postma, TMG's cards risk senior manager, the changes recommended to VSECU combined high fraud-prevention with minimal member impact.

"It's important to TMG that our credit union clients be able to modify their existing strategies in a way that is completely transparent to members," said Postma. "We are skilled in our ability to carve out exactly the strategies that will decrease fraud without sacrificing interchange income or disrupting the cardholder experience."

VSECU's Boudreault shares Postma's prioritization of member experience. "We've worked very hard to implement strategies in a way that is mindful of our members. During the TMG analysis, we gave a lot of thought to the dollar amounts that would trigger a protection response. When geography was a factor, we ran lists of our members to see where they lived, worked and traveled. We continue to educate our members on keeping us involved in their travel plans so we can make adjustments to the strategies on an as-needed basis."

Strategies Recommended to VSECU

Because approving authorizations for true cardholders was a priority, the company needed to be careful when working to prevent fraud in California. Because VSECU's California fraud transactions closely resembled legitimate cardholder spending patterns, analysis turned to more intensive Falcon strategies, namely interval violations.

  • Interval violations measure the speed between transactions during a 48-hour period. They are extremely effective at stopping fraudsters who use stolen cards as quickly as possible before the account is closed. It was recommended that VSECU add a strategy incorporating interval violation flags for the top five merchant codes where cards were swiped. For VSECU, this top five was composed of pay-at-pumps, supermarkets, service stations, department stores and discount stores.
  • TMG is alerted to new fraudsters every day in the form of merchant probes. As such, the company recommended several new merchant numbers for VSECU's existing merchant block strategy and ran the Estimator program to test the effectiveness of adding the new codes. Two Estimator tests -- ran both before and after the suggested strategies were put in place -- predicted TMG's beefed-up merchant block strategy would have declined several fraudulent transactions, potentially saving the credit union nearly $20,000.
  • Enhancing VSECU's country block strategy was another recommendation. Because the industry considers Japan high in fraud activity, TMG recommended that VSECU add this country to VSECU's current blocked countries (Taiwan, Malaysia and Thailand). An ATM merchant category code was also recommended as an addition to the strategy, as TMG's analysis revealed that ATM activity had the greatest impact on VSECU's portfolio. In addition, the velocity amount was suggested to be set at $250 to allow for minimal impact on cardholders traveling to blocked countries.

Stopping the Fraudsters Cold

Of the strategies recommended, Boudreault believes the merchant block strategy has had the largest impact on the credit union’s ability to prevent fraud.

"We add to the merchant block strategy weekly," said Boudreault. "Our goal is to stay one step ahead of the perpetrators, and this strategy really helps us do that."

VSECU has implemented each of the strategies TMG recommended and reports that the methods are extremely effective. "Working in tandem with TMG. we are stopping fraudsters cold," said Boudreault.

This sponsored content article is provided to the credit union community for shared insights and knowledge from a recognized solutions provider in the industry. Please note that the views and opinions offered here do not reflect those of Callahan & Associates, and Callahan does not endorse vendors or the solutions they offer.

If you are interested in contributing an article on CreditUnions.com, please contact our Callahan Media team at ads@creditunions.com or 1-800-446-7453.

 

May 11, 2009


Comments

 
 
 
  • But if you don't keep non top of it, you WILL get hit. Solutions are fine, but people monitoring it are key.
    Anonymous
     
     
     
  • The success of our credit union partners is very important to us. We work with our clients to set fraud parameters and monitor activity on a daily basis. To our client who posted the message, we’d like to help you resolve these issues. Please contact us at your convenience.
    Georgann Smith, Director of Marketing & Communications
     
     
     
  • There really is no such thing as "stopping fraudsters cold". That is an uninformed, and very dangerous position.
    Anonymous
     
     
     
  • Larger losses occur at pay at pump gas stations where the authorization for $1.00 is sent for approval and does not trigger a higher fraud score, no matter how many times the card is swiped in a short period of time. Our credit union lost almost $3,000 through TMG fraud monitoring miss of this 'hole' in their fraud monitoring system.
    Anonymous
     
     
     
 
Advertisement