Under Attack! Threats to Deposit Accounts: an Interview with FICO Fraud Solutions

Formada Social

March 12, 2010

I had the opportunity to speak with Mike Urban, FICO Senior Director of Fraud Solutions, about how criminals are enhancing their margins in ATM and debit card fraud.

The trend towards ATM compromises is largely a result of increased point of sale security.  Criminals move to the weaker link, or the easiest approach, and ATMs are accessible 24/7 with no one to confront the person doing the tampering.  Criminals are focusing their efforts on compromising PINs and debit cards to increase their profit margins in card fraud.

Encrypted PIN pads have been forcing criminals to capture PINs on the other side of the PIN pad. The ingenuity going into devices on the front of ATMs can be seen in a January article from Krebs on Security.   The use of false fronts and pinhole cameras is hard to detect, even with a trained eye.

ATM compromises to obtain the unencrypted card track information have also been combined with alternative approaches to stealing PINs.  Criminals have devised several ways to compromise PINs beyond their traditional methods of video capture.  PINs can be compromised with ”spear phishing” or the newer SMS text message initiated version “SmiShing” or through other bank channels like online banking, telephone and automated voice response banking.  Much of these compromises start with a physical change to the facade of the ATM.

Every financial institution and ATM location needs a plan to prevent ATM tampering.  While bank ATMs are not immune to skimming, they are generally under surveillance and a less-attractive target for cyber-thieves than ATMs in convenience stores, gas stations, airports, etc.  FICO suggests the following precautions for ATM managers:

  • Have a plan that is reviewed with employees in associated departments and/or third parties
  • Adopt visual standards and keep a picture readily available to compare
  • Frequent inspection of ATM facades and and surrounds
  • Contact law enforcement if there is any evidence found
  • Increase inspections when there is a known threat, including after hours
  • Consider upgrading video surveillance
    • Image sent to 24 hr monitoring service with sound and voice
    • Identify changes in the image
    • Identify specific motions, sounds
    • Identify long time intervals for a single user
    • Link video to transaction

Working together, financial institutions are more likely to spot fraud.   Three opportunities for collaboration are recommended by FICO:

  1. The Fraud Alert Network Forum is a secure portal for financial institution, law enforcement and industry peer-to-peer collaboration www.FraudAlertNetwork.com – enables fraud characteristics and specific incidents sharing with the 6,000 plus registered users.
  2. FICO also supports an ATM photo resource guide to create a directory of participating financial institutions and their contacts that handle ATM photo requests; and
  3. Fraud Forum monthly calls are ideal for peer-to-peer communication.

FICO Fraud Solutions offers several products that can support financial institutions in detecting fraudulent debit transactions and/or compromised ATMs, including Falcon Fraud Manager, which although traditionally known for credit card transaction monitoring can be used for DDA and debit card transaction monitoring as well.

FICO has developed a specialized PIN debit model that ties cards across ATM and the debit network.   Transactions are scored relative to what is normal for a cardholder.  These cardholder profiles take a few weeks to mature in the model and then live forever to identify what is normal or abnormal behavior and score the risk of transactions across products.   Real time use of transaction scores enables transaction to be blocked before funds are removed from the deposit account.

For a white paper on Deposit Fraud see the FICO website here.

Based on our work with analytic and technology solution providers, Glenbrook believes Financial Institutions should work to optimize their detection models for PIN Debit and ATM transactions.   Having an enterprise perspective for fraud is helpful for data architecture and cross-channel attacks, but specific channel and product fraud experience is critical to successful fraud detection and reduction of false positives.  Financial institutions should also implement an ATM inspection plan working from photos to detect changes to the façade of the ATM.  The third equally important step in fighting criminals is to share compromise data across the industry.

These three steps will help combat fraud making it harder for criminals to make money from debit products and the ATM.  Early discovery will reduce the long-term, sustained losses possible in ATM and Debit fraud.

Recent Payment Views

Payments Post #17: Cutting Costs

Payments Post #17: Cutting Costs

In this Payments Post, we discuss the DOJ bringing a lawsuit against Visa that alleges the company operates an illegal monopoly in the debit card space. Does the argument have merit in our non-legal minds? And if so, what could the DOJ’s move mean for an evolving payments landscape?

read more
Payments Post #17: Cutting Costs

Payments Post #16: The Apple Drops

It’s time for another edition of Payments Post and (surprise!) we’re thinking about the Visa Flexible Credential again. Now that Apple has plans to open up the NFC chip and Secure Element to third party developers, we’re scratching our heads. Who benefits from this newfound NFC access? What opportunities can fintechs unlock? How will conventional financial institutions react? And to tie it all back, does the VFC still matter?

read more
Payments Post #17: Cutting Costs

Payments Post #15: BNPL Battles

In this month’s Payments Post, we revisit the prime use case for Visa Flexible Credential (VFC): BNPL. How are buy now pay later providers positioning themselves in the current environment, how are consumers using their tools, and how are regulators and issuers responding?

read more

Glenbrook Payments Boot CampTM workshop

Register for the next Glenbrook Payments Boot Camp®

An intensive and comprehensive overview of the payments industry.

Train your Team

Customized, private Payments Boot CampsTM workshops tailored to meet your team’s unique needs.

OnDemand Modules

Recorded, one-hour videos covering a broad array of payments concepts.

GlenbrookTM Company Press

Comprehensive books that detail the systems and innovations shaping the payments industry.

Launch, improve & grow your payments business