Presenter: Dennis Pope Executive Manager Merchant Fraud, Compliance & Chargebacks National Australia Bank (NAB) Ph: Mob:

Slides:



Advertisements
Similar presentations
Weighing the Risks and Benefits of Online Financial Transactions
Advertisements

Identity theft Protecting your credit identity. Identity Theft Three hundred forty three million was lost from consumers in 2002 The number of complaints.
Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,
MURC Purchase Card (P-Card). Policy & Procedure Manual Read thoroughly Covers most questions P-cards are a privilege that may be revoked for violations.
CARIBBEAN CREDIT CARD CORPORATION LTD.
Limiting Exposure to Fraudulent Transactions & What to do if you suspect fraud Facilitator: Janiere Frank Fraud & Compliance Analyst June 16, 2011.
Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.
Credit Card Fraud The Scale of the Problem Michael Moore Regional Security & Fraud Investigation Manager 14 – 17 Nov 2005 Security & Safety – Middle East.
1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?
CARD ACCEPTANCE PROCEDURES Facilitator: Kristy A Stanley Fraud and Compliance Officer June
Chapter 19 Protecting E-Commerce systems. Is IT different? There is some discussion that IT today is no different than past enabling technologies Telegraph.
Uniqueness of user names is enforced Customer information logged to database Require contact information as well as address address will.
PAYMENT WITH A DEBIT-CARD Merchant swipes debit card Debit rather than credit transaction like credit card.
FINANCIAL SOCCER Module 3 Credit, debit and prepaid cards Collect a quiz and worksheet from your teacher.
Corporate Purchasing Card Enhanced Reporting January 2015 Web Version 1.
Electronic Payment Systems University of Palestine University of Palestine Eng. Wisam Zaqoot Eng. Wisam Zaqoot March 2010 March 2010 ITSS 4201 Internet.
EFTPOS and credit Card payments Jana Skriveris Line 4 Due: 14 th Nov Business Admin.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge America,
Identity Theft  IDENTITY THEFT occurs when someone wrongfully acquires and uses a consumer’s personal identification, credit, or account information.
E-commerce Vocabulary Terms. E-commerce Buying and selling of goods, services, or information via World Wide Web, , or other pathways on the Internet.
E-commerce Vocabulary Terms By: Laura Kinchen. Buying and selling of goods, services, or information via World Wide Web, , or other pathways on the.
IDENTITY THEFT. Illegally obtaining personal information such as name, social security, drivers license, or mothers maiden name, address, bank/credit.
CRC Energy Efficiency Scheme Complying and Reporting Requirements 2012 and rest of Phase 1 Dr Hugh McGinn NIEA ANTRIM CIVIC CENTRE Tuesday 15th May 2012.
Controlling Fraud Risk Exposure and Loss Sherri Goodman Director of Fraud Operations September 22, 2005.
Business Administration term project 2 (25%) financial Management Systems Debit card and credit card payments By Ashleigh Gray.
Available from BankersOnline.com/tools 1 FACT ACT RED FLAG GUIDELINES.
e-Learning Module Credit/Debit Payment Card Acceptance and Security
Identity Theft: Prepare and Protect Yourself. What is Identity Theft? Identity theft occurs when someone uses your personal information, without your.
BUSINESS CLARITY ™ PCI – The Pathway to Compliance.
Checking & Savings Accounts Economics What is a Checking Account?  Common financial service used by many consumers (a place to keep money)  Funds.
T O S H I B AT O S H I B A Fraud & Disputes – Know Who You Are Trading With.
Step 2 – Register a Card To register a UR Card, you can send an to or fill out the registration form at one of our awesome
How to Manage Risk. This is the process involves the process for any application from a: Individual Cardholder Company or Corporate cards Merchants Any.
Trusted source for all your payment processing needs.
Commercial Card Expense Reporting (CCER) The Trustees of Roanoke College An internet solution Accessed via Wells Fargo’s secure Commercial Electronic Office.
CNP Fraud. Occurs when a fraudster falsifies an application to acquire a credit card using an individual’s personal information. (Eg: postal intercept)
Commercial Card Expense Reporting (CCER) The Trustees of Roanoke College An internet solution Accessed via Wells Fargo’s secure Commercial Electronic Office.
Fraud Procedures Tips for Mitigation Fraud Case Process.
2016 FRAUD.
Protecting Your Assets By Preventing Identity Theft
Presented By: Mark Jordan
Presented by: Assistant Superintendent Debra Thompson
Card fraud in Hungary (case study ) and MON™ fraud prevention system
Regular Payments First and Subsequent Payments
Gift Card Risk Mitigation – Presentation A
Electronic/Online Banking & Bill Pay
M-COMMERCE.
Own Your Identity.
UGA Extension Credit Card Processing Training
Checking Account & Debit Card Simulation
Switchover from Teledeposit to VIRTUAL TERMINAL Moneris Solutions
Red Flags Rule An Introduction County College of Morris
Welcome To Money pad November 23, 2018 Sample footer.
UCO BANK HONOURS YOUR TRUST
Own Your Identity.
Fraud Prevention.
Protecting Yourself from Fraud including Identity Theft
What is BankMobile? A process to select how to receive student refunds and student payroll payments It is fast, secure, and convenient. Go to:
Protecting Your Identity
Take Charge of Your Finances
Protecting Yourself from Fraud including Identity Theft
Clemson University Red Flags Rule Training
Wissam Maroun- CAMS Head Of Compliance- BBAC S.A.L
Protecting Your Credit Identity
Product Training Credit Cards
Ski Clubs and E-Commerce
Citi Commercial Cards – Fraud Early Warning
Wolves of the Internet: Where do fraudsters hunt for data online?
Presentation transcript:

Presenter: Dennis Pope Executive Manager Merchant Fraud, Compliance & Chargebacks National Australia Bank (NAB) Ph: 03 8697 6627 Mob: 0411 248 558 Email: Dennis.Pope@nab.com.au

How is NAB Supporting its Merchants? Merchant Fraud Team - our aim is to assist merchants through the use of sophisticated fraud tools and pro-active merchant education in fraud detection and prevention, to help minimise the risk of merchants being exposed to such fraud losses. ‘Pro-active Risk Manager’ or PRM - monitors irregular trading patterns. When a Transaction occurs outside the normal trading behaviour of a merchant and or meets a ‘rule’ criteria the transaction will alert to a team member for assessment and follow up. In many instances, the use of PRM has resulted in the NAB alerting a merchant to the use of counterfeit cards or other fraudulent activity in a real time environment and resulting in a saving to the merchant.

NAB Fraud Education February 2007 Nab released it’s new look education material and a revised Merchant Agreement. The documents work in conjunction with each other and are now distributed to all new merchants to the NAB at sign up. The Merchant Fraud Education Pack contains a DVD and reference booklet along with a card security features poster. Education is also provided in the form of statement messages and the NAB Talking Shop Magazine issued each quarter. Educational seminars are also held in conjunction with the Card Schemes for merchants and members of Law Enforcement.

How Can Card Data Be Compromised ? Lost/Stolen Fraudsters steal a cardholder’s card from wallets or via the mail. If stolen via the mail they may sign the cards with their own signature and in some instances provide fake ID with the transaction that matches the card. Alternatively they may skim the card and create a counterfeit card with new identity details i.e.: change cardholder name.

Skimming What is Skimming? The contents of the magnetic stripe of a genuine card are read with an electronic device or via bluetooth and recorded. The information is then encoded onto the magnetic stripe of another card either stolen or counterfeit.

Counterfeit Cards Factories Creating Counterfeit Cards

Card Number Generation Fraudsters have developed programs to generate card numbers using only the BIN (first 6 digits) of any card. Card numbers are tested by processing transactions via websites, which is commonly known as a BIN attack. Fraudsters do not know if the card numbers are valid or if they have not been blocked nor do they know the expiry dates on the cards. BIN attacks can be identified as they will utilise smaller ticket sizes, there will be a large number of declines and the transactions will usually be within seconds of each other. Information obtained via skimming devices or via data compromises may also be tested in the same way however in these instances, BIN’s and card numbers may differ from transaction to transaction.

Data Compromise Information held on databases or payment gateways that is not protected or encrypted may be accessed by hackers. Information such as card details, names, addresses, expiry dates and possibly CVV2 data may be stolen possibly allowing an identity takeover. This information is usually then on sold via hacker websites, via auction sites, the black market or in person. How the information is then used is dependant on the quality and amount of information obtained. For this reason the Payment Card Industry Data Security Standard (PCI DSS) has been introduced to restrict the type of information stored and to ensure that cardholder data is protected.

Card Acceptance Card Present - typically these transactions are face-to-face where the customer presents a card and the card and transaction details are captured either electronically by ‘swiping’ the card or by the use of a manual imprinter. Card NOT Present - these transactions are generally non face-to-face transactions such as Mail Order / Telephone Order ( MOTO) and Internet transactions. Fallback/Offline Transactions - are transactions that are processed when the terminal is not communicating with the Bank i.e.: Technical failure

Acceptance Risk

Recent Fraud Trends Email orders requesting goods be shipped to Nigeria/Ghana and additional funds be transferred via Western Union to non-existent shipping companies. False merchant applications with the purpose of processing refunds or counterfeit cards. Funds are withdrawn from the settlement account next day. Additional goods or services requested with original sale that the merchant does not usually sell i.e.: mobile phones and laptops. Large orders cancelled and refunds requested via a telegraphic transfer or to a credit card other than the original purchase card.

International Orders   While all international orders carry an increased risk, transactions originating from the below locations have shown to generate high levels of credit card fraud: Nigeria Ghana Indonesia Singapore Eastern Europe

Fraud Scenarios Cardholder attempted to purchase a Ferrari over the phone. Merchant processed $310K over 3 domestic counterfeit cards.($10,000 approved). PRM alerted on transactions and merchant was contacted. Compromised US cards were used to book accommodation ($24,591 attempted and $10,791 approved) Merchant was also asked to pay a commission to a car rental business via Western Union. Merchant became suspicious, contact NAB fraud team and did not proceed with the transaction. Email received from a ‘Reverend” requesting a caravan be sent to orphanage in Africa. The merchant was asked to split the transaction over 3 US Cards. Merchant became suspicious, contact NAB fraud team and did not proceed with the transaction. Over a 6 week period an employee stole $15K by processing refunds to their own card. Merchant fraud contacted proprietor to advise and employee has since been arrested.

Fraud Scenarios cont… Mobility Scooters to Ghana ($14,000) Golf tours for the deaf to Ghana ($70,000) Plasma TV to Indonesia ($40,000) Sunglasses to Indonesia ($260,000) Car Rental pre-auth completions ($332,000) Piano to Togo ($9,000) Staff Refunds ($65,000 ) BIN Attack on US Cards ($159,000) Syndicated merchant facility applications Proprietor Transactions

Contact Us Merchant Fraud Team: Ph: 1300 668 046 Fax: 03 8697 6683 eMail: merchant.fraud@nab.com.au Or Visit: www.national.com.au/merchantfraud After hours contact EFTPOS support helpdesk: Ph: 1300 369 852

thank you