A New Crime-Fighting Partnership Targets CNP Fraud

As much of our lives and our spending has gone online, the criminal’s life has become exponentially easier and the risks of getting caught exponentially smaller. If I can capture enough information about you through your naivety — such as getting you to respond to a phishing e-mail, or through your lack of risk awareness by capitalising on your lack of up-to-date anti-malware — then I can “borrow” your credentials and re-use them without you knowing for hours, days, sometimes weeks or even months. And the chance of the trail leading back to me? Miniscule!

FICO is the longest established and most respected defence against credit card fraud, with more than two-thirds of the world’s credit card payments protected by FICO® Falcon® Fraud Manager, which evaluates every card transaction in speeds faster than the blink of an eye. Despite Falcon’s success, though, some fraudulent transactions – and especially those where the criminal has harvested enough data to successfully create spoof transactions appearing to come from the legitimate cardholder in a Card Not Present context – continue to “slip the net”. This could, of course, be redressed by a bank taking a more sceptical and assertive stance against CNP transactions, but none of us want to see our genuine e-commerce transactions declined because of an over-zealous bank.

So if the criminals are finding it easy to steal our details and pretend to be us, and we do not want to be inconvenienced by erroneous transaction declines, what is the solution?

We have found the way to improve the odds for the customer whilst frustrating the criminals through teaming up with Ethoca, a company that has grown quickly to offer the most comprehensive collaboration solution between card issuers and CNP merchants worldwide. Here’s how this works:

• A transaction that Falcon scores as a high fraud risk, upon confirmation of fraud by the consumer, is routed directly to the Ethoca Global Collaboration Network.
• Ethoca forwards this on to their wealth of almost 200,000 subscribing merchant descriptors, including the vast majority of the top brands that we all use on the internet from day-to-day.
• The speed of advice, or “Ethoca Alerts” as it is known, allows a merchant to intercede in the transaction fulfilment in a manner which legacy Card Scheme Operating Regulations, such as chargebacks, could never facilitate.
• In many instances, this can stop the criminal gaining access to any value by preventing the provision of goods or services or revoking digital permissions, whilst erasing the transaction or effecting a timely refund.
• The customer is not inconvenienced in the way of traditional recovery methods, the bank and the merchant are not dogged by high levels of processing overheads associated with chargeback activity, and the criminal emerges empty handed. 1-0 to the good guys!

When crime doesn’t pay, the criminal moves on to easier targets with greater chance of success and therefore the partnership between FICO and Ethoca effectively drives nefarious activity away from those card-issuing banks that take up the facility and toward those who do not have such a comprehensive fraud protection solution. It’s like connecting a new, working alarm to your house to protect it — the criminal is dissuaded from taking the chance of being detected and interrupted before emerging with value.

Regulators and crime-fighting professionals the world over have often talked of the need for all parties to act collaboratively in protecting and defending against thieves. This is truly a milestone in that collective fight, whilst also opening up a wealth of other opportunities to all parties in the payment value chain, because of the speed and extent of collective engagement. As with all good collaboration therefore, one good initiative will undoubtedly be followed by many others as, together, FICO and Ethoca bolster the Card Not Present defensive armoury.