Fraud Detection in Banking – Part1

Fraud Management

Financial organizations around the globe lose approximately 5 percent of annual reve­nue to fraud, and while direct losses due to fraud are staggering in dollar amounts, the actual cost is much higher in terms of loss of productivity and loss of customer confidence (and possible attrition), not to mention losses due to fraud that goes undetected.

To detect fraudulent activity, many banks use transaction monitoring systems – often homegrown, niche software that requires manual intervention. Still, traditional systems can work well for detecting individual real-time, point-of-sale fraud. But that’s only one slice of the fraud pie and not the biggest slice, either. Few banks have strong, enterprise-wide fraud management programs that can correlate a customer’s behavior across all contact channels and products to identify “bust-out” scenarios, social networks and cross-channel fraud.

In near future, the pervasive plans for new fraud prevention will include stronger caller authentication for customers that phone call centers; enterprise fraud detection that manages fraud across customer channels and accounts; and a case management system for managing fraud. This would lead to better protection against fraud at the point and time of transaction, and more accurate detection of incidents of fraud in completed transactions.

Driven by metadata, all records are exhaustively linked based on combinations of attributes within the data. Then, using statistical techniques, common entities are identified and collapsed to produce single views of entities within networks. Discrete, bounded networks within the data are also generated, representing statistically relevant groups of activities and relationships.

New generation banking fraud system goes beyond the typical customer view to provide a holistic view of fraudulent activity – including related perpetrators and unrelated channels – and enables a much deeper understanding of customer behavior. Each transaction – account opening, ATM access, an online banking transaction, call center encounter, etc. – is passed through a set of rules and predictive models.

In real time, the system checks transaction activity against vast, enterprise-wide intelligence about the customer and potentially suspicious behavior. Is this an unusually large deposit for this individual? Is this account linked to another account known to be in a suspected fraud ring? Does this entity holds multiple accounts or similar identities in unusual ways?

Within milliseconds (for most transactions), the system delivers a score that accurately predicts fraudulent activity – within, or across channels. Even though the system can operate on billions of records, this transaction monitoring doesn’t bog down real-time decision making and authorization. Every night fraud detection system would run a batch process of existing customer accounts to detect and investigate existing fraud as well as prevent new fraud. The system parses the data and creates a complete update of all account holders and their key links.

An advanced scoring engine uses independent and combined scores based on three core paradigms:

• Application scoring based on scorecard-driven models and text analysis.

• Scoring of individual customers and their full histories.

• Scoring of associated networks, including behavioral data (transaction patterns, network growth rates, activity levels) and other data provided (current/previous addresses, contact numbers, employers).

A hybrid approach combines basic business rules with advanced analytics and social networking. The combination of assessment techniques enables extremely robust fraud detection, whether fraud patterns are known or unknown, and complex.

Types of fraud and financial crimes in banking are

Card Fraud

Banks are under pressure to detect and prevent card related fraud losses at the point-of-sale without sacrificing customer service, loyalty, and retention.

Card related fraud types are:


This type of fraud occurs when a person falsifies an application to acquire a credit card. Application fraud can be committed in three ways:

Assumed identity, where an individual illegally obtains personal information of another individual and opens accounts in his or her name, using partially legitimate information.
Financial fraud, where an individual provides false information about his or her financial status to acquire credit.


A card is lost/stolen when a legitimate account holder receives a card and loses it or someone steals the card for criminal purposes.


This type of fraud occurs when a fraudster illegally obtains a valid customers’ personal information. The fraudster takes control of (takeover) a legitimate account by either providing the customers account number or the card number.


The creation of counterfeit cards, together with lost / stolen cards pose highest threat in credit card frauds. Fraudsters are constantly finding new and more innovative ways to create counterfeit cards. Some of the techniques used for creating false and counterfeit cards are 1.) Erasing the magnetic strip, 2. Creating a fake card, 3.) Altering card details

4. Skimming (a process where genuine data on a card’s magnetic stripe is electronically copied onto another).

Merchant Related Frauds

Merchant related frauds are initiated either by owners of the merchant establishment or their employees. The types of frauds initiated by merchants are described below:


This type of fraud occurs when merchant owners and/or their employees conspire to commit fraud using their customers’ (cardholder) accounts and/or personal information. Merchant owners and/or their employees pass on the information about cardholders to fraudsters.


The fraudster in this type of fraud operates from a web site. Goods are offered at heavily discounted rates and are also shipped before payment. The fraudulent site appears to be a legitimate auction or a traditional sales site. The customer while placing orders online provides information such as name, address and valid credit card details to the site. Once fraudsters receive these details, they order goods from a legitimate site using stolen credit card details. The fraudster then goes on to purchase other goods using the credit card numbers of the customer.

Internet Related Frauds

The Internet has provided an ideal ground for fraudsters to commit credit card fraud in an easy manner. Fraudsters have recently begun to operate on a truly transnational level. With the expansion of trans-border or 'global' social, economic and political spaces, the internet has become a New World market, capturing consumers from most countries around the world. The most commonly used techniques in internet fraud are described below:

1. Site cloning: Site cloning is where fraudsters clone an entire site or just the pages from which you place your order. Customers have no reason to believe they are not dealing with the company that they wished to purchase goods or services from because the pages that they are viewing are identical to those of the real site. The cloned or spoofed site will receive these details and send the customer a receipt of the transaction via email just as the real company would. The consumer suspects nothing, whilst the fraudsters have all the details they need to commit credit card fraud.

2. False merchant sites: These sites often offer the customer an extremely cheap service. The site requests a customer’s complete credit card details such as name and address in return for access to the content of the site. Most of these sites claim to be free, but require a valid credit card number to verify an individual’s age. These sites are set up to accumulate as many credit card numbers as possible. The sites themselves never charge individuals for the services they provide. The sites are usually part of a larger criminal network that either uses the details it collects to raise revenues or sells valid credit card details to small fraudsters.

3. Credit card generators: Credit card number generators are computer programs that generate valid credit card numbers and expiry dates. These generators work by generating lists of credit card account numbers from a single account number.


With all the negative impacts of fraudulent credit card activities – financial and product losses, fines, loss of reputation, etc, and technological advancements in perpetrating fraud – it's easy for merchants to feel victimized and helpless. However, technological advancements in preventing fraud have started showing some promise to combat fraud.

Merchants and Acquirers & Issuers are creating innovative solutions to bring down on fraudulent transactions and lower merchant charge-back rates. One of the main challenges with fraud prevention is the long time lag between the time a fraudulent transaction occurs and the time when it gets detected, i.e., the cardholder initiates a charge-back. Analysis shows that the average lag between the transaction date and the charge-back notification could be as high as 72 days. This means that, if no fraud prevention is in place, one or more fraudsters could easily generate significant damage to a business before the affected stakeholders even realize the problem.

No Comments Yet.

Leave a comment