How often do we received a call whom claimed that he is from the Blablabla bank and he wants some of your information in order for them to do updates or anything which he think it necessary for the sake of their work? Do we give those precious information straight away or do we stop there.. and thinking is it a genuine or imposter caller? The latter should be the less what many people would do.Surprising, isn’t?.
I used to worked at Fraud Detection of Credit Card companies and make a hundred calls per day to credit cardholder.Depending on their status, I can easily figured it out which cardholder would be easily co-operate and a person who will stop at no point to ask about me,my staff number,where do I work,whose your supervisor and even hardly pushing me to the limit ” I want to speak with your manager!!”. I guess calling my manager to speak to the customer isn’t a good idea; I shall booked more appointment in my manager room and make him start a talk about “How to keep your job and still doing the same job”. Most of management level working background are brave (or shall I say have some guts) to question why I call to check his credit card particulars and demand some identification of me as an authorized person to make such call. But 70% of the cardholder will feel scared,shocked or become blurry for a while and proceed to co-operate with me. But I know it’s not their fault as it’s common thing to have some alertness for something like this and it’s actually normal; you’re still not an insane. Thus, I can conclude that the important thing that most of the people don’t realized is banking services still didn’t implement a safe and secure ways to introduce themselves over the phone and make smooth the entire process of whatsoever they want it using mobile communication.Did’nt you realized that?
There’s a few tips we avoid some unfortunate things to happen..
1. If you were received a call from your mobile phone, makes sure the call is from a fixed line or any phone number except a mobile phone number.Banks saves a lot of money by installing a line from phone companies using a packages offered and one more thing to remember, bank employee still have their own office, a desk, a PC and so on… they are not ” a mobile staff who needs to make a call to cardholder because their office was collapsed after a earthquake “. They are obligates to use their company phone line.
2. If they are from Fraud Support, they have much time ( or a bit more than the Marketing or Sales team) for you to have a quick chit chat.Just ask them a few questions about how they are really sure about your card has been compromised or suspected were being used by somebody else. Ask them about how can you meet them to discuss about it. Usually the Investigation team is always willing to meet you personally. Each case which will be opened must be carefully considered by both parties and there will be some paper to be signed. So, you can always ask the person who call you about what is their identity and how can you contact them.
3. Never ever reveal your CVV number ( the number behind your card placed at the right side and have a single 3 digit number) to anyone. The banking personnel shall ask you a general question about your card such as embossing name (the name printed on your card),your mother’s maiden name,your card number or your card expired date. The CVV number is anti fraud security feature that shows you are in possession of the credit card your own now. In UK, some credit companies provided the cardholder to have their own PIN number-which is most advisable to have since you’ll have it in your mind and not something which is printed like the CVV number.
4.The banking personnel seems to have formal ways to address themselves the “brotherhood of the bees and honey” (find it yourself..heheh) and unlike the impostor which straightaway asking you to get your credit card information. Sometimes they sounds desperate and have no ethical ways at all.Use your instinct. Don’t be panic.Fight like a man.Fear no enemies.It’s just over the phone and not something like “more than meet the eyes”. Okay, I may have gone too far from the topic of discussion now.
5. If you find yourself talking to someone who you feel something is wrong, you can always call the customer care center or any hotline of the banking services to ask them has anyone from the Fraud Support has called you regarding your credit card.If something is suspicious, they can issued a temporary block to your card and ready for any possible attempt of fraud to your card.For safety issue, you can always seek advice from them and it will be most likely that you have to make a card replacement in order to have a fresh start of using your card again with new cardnumber,CVV number and expired date.
Ridhzuan Harun
How HSBC aims to identify credit card fraud in under a second
Online identity theft might get more publicity these days, but did you know that a quarter of the £400 million lost to credit card fraud in the UK every year is down to good old-fashioned counterfeit cards?
Every credit card provider tries to spot fraud as it happens. But HSBC hopes that the new system it’s introducing to the UK this year will spot fraud faster and more accurately.
This new anti-fraud system could save you from losing money to speculative fraudsters. But it could also mean lots more targeted junk mail too.
How the banks track your credit card
When you make a purchase, you put your credit card in the shop’s card terminal and type in your PIN. The terminal then sends the details back to the credit card issuer to check that you’ve paid your bills and that you’re still under your agreed credit limit.
But the system is also trying to guess whether it’s really you at the till.
HSBC has spent two years working with software modeling expert SAS to build a real-time fraud detection system. This uses a ‘signature’ calculated from your previous behaviour and a complex model of what fraud looks like to calculate the odds that it’s really you – and it does this in 30 to 50 milliseconds.
There’s a fine line between catching fraudsters and annoying customers by questioning too many purchases, so the fewer ‘false positives’ the better. HSBC isn’t saying how much more accurate the new system is, but it’s certainly more efficient.
The new system processes 87 per cent more information (about your shopping and travelling habits as well as what kinds of fraud are happening that day) using 12 per cent less CPU time. But the real change is that the new system will look at more than just your credit card history to work out if you’re really you.
The pattern of shopping
“You are what you buy,” says SAS’s director of fraud solutions T J Horan – and you spend with more than one card. If you have an HSBC credit card, you probably have an HSBC debit card and if your wallet is stolen thieves will be using them, along with your cheque book and all your other cards.
By the end of next summer HSBC will check credit and debit cards in the same system, making it easier to spot suspicious behaviour.
In the future it will run other transactions through the system too. Thieves often try to change the address for your statements so you won’t notice what they’re spending or the money that they’re taking out of your bank account so they don’t hit your credit card limit. They might even take out a mortgage in your name.
HSBC plans to check mortgage applications, cheques, online payments, transactions on mobile phones, address changes and even the behaviour of its own staff against the system to look for fraud. It could even spot businesses that are about to fail.
What it can’t yet do is check against your other credit cards even though the thieves will be using everything they find in your wallet.
Derek Wylde, the head of group fraud HSBC, hopes we’ll see a consortium of UK banks and credit card providers sharing data about fraud.
But he also plans to use the model the bank builds up of you for marketing. “Using transaction data can be incredibly valuable when pinpointing where to sell products to our customers,” he says. But targeted junk mail may still feel like junk mail.
By Mary Branscombe
http://www.techradar.com
By Michael Chiam
Introduction
Credit card fraud is the biggest risk for the e-merchants. While all businesses accepting credit cards face this, the Internet merchant is even more exposed. Brick-and-mortar businesses can verify a signature to prove the authenticity of the payment, but there is no such protection for businesses on the Internet. Due to this increased risk, the credit card banks hold Internet merchants 100% liable for the losses and expenses incurred as a result of credit card fraud. The defrauded merchants not only suffer because of the loss of product or services, but they are expected to pay a charge to defray the expenses the bank incurred from dealing with the fraud.
The amount of money lost to online credit card fraud is staggering. One market report estimated that more than $230 million in losses were suffered by Internet businesses in 1999 as a result. In a Forbes magazine report, the estimate for 2000 was over $600 million. (See http://www.forbes.com/2000/06/21/mu6.html for more information.). Another report states that in the UK, 9 out of 10 e-businesses were hit by online credit card fraud. Judging from these figures, estimates are that about $18 billion will be lost in 2002.
Internet businesses hardest hit by credit card fraud include computer suppliers (hardware and software), electronics, and music/game Web sites. This is primarily due to the products’ popularity , the ease of resale, and the speed with which a criminal can dispose of them and turn a profit. With the increase in e-commerce business, it’s certain that the amount of money lost to fraud will increase exponentially.
The main reason credit card fraud is so high for Internet businesses is due to the anonymity of the entire transaction. A “fraudster” makes purchases without presenting an actual credit card, signing a receipt, or being seen. Additionally, if physical goods are involved, the criminal will most often use a temporary address to receive shipment. These factors make it very difficult for a small- or medium-sized e-enterprise to track down even a fairly novice online culprit.
Proactive Solutions
While it is difficult to prevent credit card fraud, large e-commerce companies have begun to build systems that proactively check parameters entered on an order form while it’s being processed. Many footprints of glaring information can identify a transaction as a fraudulent one. For example, a survey of more than 200 companies performed by the Saint Hamilton Group shows 163-plus companies reported seeing vulgar words entered as either a first name, a last name, or part of an address in an online order form. The same survey also reports that companies linked directly to their bank processors in realtime via the Web were most susceptible to online credit card fraud. Therefore, I decided to develop a solution that would cut down on such incidences and created a component called SC Profanity Check.
SC Profanity Check
SC Profanity Check is meant to check data form fields for profanity. If profanity is found, it notifies the end user that the system has detected a potential fraud. Note that such an approach often tells the culprit they’ve been detected, thus scaring the hacker into either aborting the transaction or submitting their real information. You can download the component here.
Review the following HTML code:
<html>
<body>
<br>
<FORM action=demo1.asp method=post name=”">
<center><table BORDER=0 CELLSPACING=0 CELLPADDING=0 COLS=1 WIDTH=”50%” >
<tr>
<td>
<table BORDER=0 CELLSPACING=5 CELLPADDING=5 COLS=1 WIDTH=”100%”
BGCOLOR=”#000066″ >
<tr>
<td><b><font face=”Arial,Helvetica”><font color=”#FFFFFF”><font
size=-1>SC Profanity Check</font></font></font></b></td>
</tr>
</table>
<br>
<table BORDER=0 CELLSPACING=5 CELLPADDING=5 COLS=2 WIDTH=”100%” >
<tr>
<td><font face=”Arial,Helvetica”><font size=-1>Text Field</font></font></td>
<td><input type=”text” name=”textfield” size=”30″></td>
</tr>
</table>
<br>
<div align=right><input type=”submit” name=”enter” value=”Check For
Profanity”></div>
<br>
</td>
</tr>
</table></center>
</html>
Now look at how a few lines of code can help prevent credit card fraud.
<HTML>
<HEAD>
<TITLE>SC Profanity Check Demo</TITLE>
</HEAD>
<BODY>
<%
testword = Request.Form (“textfield”)
Set test = Server.CreateObject (“scprofanitycheck.profanity”)
if test.IsProfanity (testword) = “True” then
Response.Write “SC Profanity Check identified at least one profanity entered.”
else
if test.IsProfanity(testword) = “False” then
Response.Write “No profanity”
end if
end if
%>
</BODY>
</HTML>
About the Author
Michael Chiam is the CEO of Saint Hamilton Group, a leading credit card fraud detection and risk-management company. He has been programming in C/C++ since 1993. His areas of expertise include Visual C++, C++, C, Java, Visual Basic, ASP, XML, SQL Server and other expert systems. He’s an expert in credit card fraud detection and credit card processing systems. In his spare time, Michael Chiam is also a venture capitalist and angel investor. He can be reached at michaelchiam@sainthamilton.com.
