Get Sandbox Keys
Guides

Introduction to Fraud

Suggest Edits

If you offer financial services you will inevitably encounter fraud. Since it is impossible to completely prevent fraud, you need to plan for fraud related losses as natural part of doing business. However, steps can be taken to mitigate the impact of fraud on your business such as the following:

  • Understanding Fraud Patterns: Mbanq can help you stay current on common types of fraud such as identity theft, account takeover, phishing scams, and insider fraud. Knowing these patterns helps in building a proactive defense.
  • Incorporating Prevention Tools: Mbanq uses tools like AI-driven fraud detection systems, device finger printing, and transaction monitoring software. These tools can help in identifying suspicious activities in real-time.
  • Risk Management Strategies: You should regularly conduct assessments of your vulnerabilities to fraud as well as your planned response strategies.
  • Employee Training: Your employees are often the first line of defense in confronting and combating fraud. It is important to provide regular training programs covering fraud attacks like recognizing phishing attempts, handling sensitive information securely, and understanding internal fraud risks.
  • Customer Education: Of course, helping your Client customers recognize fraud attacks goes a long way toward preventing fraud before it starts. You should consider including fraud prevention tips as part of client marketing communications.
  • Continuous Improvement: Fraud prevention is an ongoing process. You should regularly review and update your fraud prevention strategies based on emerging threats and industry best practices.
  • Crisis Management: As noted, you cannot completely prevent fraud, so you should have a crisis management plan in place to minimize damage to reputation and customer trust.

Remember, you are not confronting fraud on your own. Mbanq is here to support you with our industry-leading software solutions, training modules and policy and procedures support.

Fraud Types

There are three main categories of fraud:

  • First-Party: occurs when someone knowingly misrepresents their identity or gives false information. For example when a client makes a card purchase and then disputes the transaction as unauthorized.
  • Second-Party: occurs when someone knowingly shares their identity information to another person so that the second person can commit fraud. Similar to the preceding example, a customer gives their card to a friend, who makes a purchase, and then the cardholder disputes the transaction.
  • Third-Party: occurs when someone’s identity details are used without their knowledge or consent. This can include synthetic or manufactured identities using stolen and false information. For example when a fraudster uses the victim’s personal information to apply for a loan and runs off with the proceeds.

Where We Find Fraud

Fraud can occur in just about any process or interface with the Client or even Third Party providers. It is important to know where to look and where fraud typically occurs:

Account - Opening and Loan Originating

Accounts can be opened by fraudsters with fake or stolen identities, or the Client themselves can later claim that they did not open the account or take out a loan.

Detection and Mitigation Methods

  • KYC and Selfie: helps to verify the Client's identity at the time of account opening
  • Device Fingerprints and IP Address Verification: can detect when a fraudster is attacking from outside the Client's home region.
  • Fraud Lists: can limit exposure to known fraudsters
  • Client Notification: while not preventing the fraud occurrence, it does put you on notice to begin taking corrective action.

Account - Takeover

This type of fraud involves the takeover of a legitimate account by a third party. This typically occurs when the fraudster uses some sort of scam to get the Client to divulge their login credentials and other information.

Detection and Mitigation Methods

  • Strong Passwords: requiring strong passwords can reduce the exposure to this type of fraud.
  • Two Factor Authentication: requiring both a password and a second external form of authentication can make perpetrating this type of fraud more difficult. This should be done for both login as well as for high value transactions.
  • Transaction Limits: setting limits will not eliminate the fraud, but can minimize the damage until it is detected and stopped.
  • Monitor Login Patterns: look for anomalies such as login time of day and location logging in from.

Transaction - ACH

When funds are pulled from an external ACH account, the account information can be fraudulently obtained, and since it takes days for a return response or a refund request the fraudster and the funds can be long gone.

Detection and Mitigation Methods

  • Third Party Account Verification: third party services such as Plaid, Yodlee and GIACT can help to verify account ownership, good funds, and other transactions which can help to identify and prevent fraudulent transactions.
  • Monitoring Behavior: monitoring a client user or account behavior can help identify potential fraud patterns such as excessive transaction returns, account holds, etc.
  • Limits: while not preventing fraud, they can help to limit the extent of financial losses due to fraud and allow time to detect and take corrective action once fraud is detected.
  • Fund Holds: can help deter fraud by placing transaction proceeds on hold before they can be moved further, which provides time for the Client user to see and report the suspected fraud.

Transaction - Card

Online (card not present) transactions can be fraudulently initiated with an unsuspecting merchant. In addition, limit stops can be subverted when the full amount of the purchase is not recorded initially, but is force posted afterwards. For example when the fraudster purchases a $20 pizza and then gives them a $500 tip.

Detection and Mitigation Methods

  • Lock the Card: when fraud is detected or suspected, automatically lock the card until the Client calls in to unlock it.
  • Limits: while not preventing fraud, they can help to limit the extent of financial losses due to fraud and allow time to detect and take corrective action once fraud is detected.
  • 3D Secure: provides a way for the merchant to request a two factor authentication before proceeding with the card transaction.
  • Block Unexpected Regions: monitor card spending patterns and flag or block transactions that fall out of the expected shopping area for the Client.

Transaction - RDC

When processing checks remotely, care must be taken to avoid counterfeit documents. With only an image of the check it is possible to use photo editing tools to make it appear real. Third party software tools should be used to detect such fakes.

Detection and Mitigation Methods

  • Verify Required Elements: validations can be performed to determine the authenticity of the check document. Such validations include: ensuring the endorsement matches the Client's name, that the front of the check has been signed, that the MICR line matches bank information on the check, and the like.
  • Fund Holds: can help deter fraud by placing transaction proceeds on hold before they can be moved further, which provides time for the Client user to see and report the suspected fraud.
  • Manual Review: having a human review of the check document image is often one of the best ways to spot fakes.

Disputes

It is not uncommon to see first party fraud in disputes where a Client made a transaction and later disputes having ever made it. In addition, some informed fraudsters know that most networks and issuers ignore fraud investigations for amounts under $25 so they try to fly below the radar.

Detection and Mitigation Methods

  • Patterns: track and look for patterns of frequent disputes.
  • Limits and Balances: while not preventing fraud, imposing balance restrictions can reduce the dispute risk exposure and stop it from continuing once detected.
  • Flag Questions About Disputes: Clients asking questions about the dispute process prior to submitting a dispute can be a red flag for impending fraud.

Available Fraud Detection and Prevention Tools

Mbanq employs a number of tools and processes to detect and prevent fraud of multiple types.

  • Identity Verification: these tools include KYC, KYB and external account ownership checks against third party services and databases.
  • Device Fingerprints and IP Address Checking: these tools check for the use of VPNs to mask fraud being perpetrated from outside the country and compare devices to know fraud device lists.
  • Limits: these tools help to limit the extent of financial losses due to fraud and allow time to detect and take corrective action once fraud is detected.
  • Funds Holds: can help deter fraud by placing transaction proceeds on hold before they can be moved further, which provides time for the Client user to see and report the suspected fraud.
  • AI Fraud Pattern Detection: these tools use machine learning and artificial intelligence to identify patterns of known fraud and flag new instances that closely match known fraud patterns.

Updated 9 months ago