8 Risk Management Services to Help You Fight Fraud

There is a wide range of risk management services that merchants and processors can choose from and implement into their fraud prevention strategies. Some of them are free, while others are paid for and some of them can be used in any type of credit card acceptance setting, while others are specifically designed for card-not-present or face-to-face environment.

In this article I will review eight risk management services developed by Visa to help your business and payment processor detect and prevent fraud.

Fraud Detection Services

1. Falcon Fraud Manager — a customizable platform that performs fraud scoring to capture relationships and patterns and detect and stop potentially fraudulent activity. The primary system components are:

• Falcon Debit — calculates a fraud score for each transaction based on individual cardholder and transaction data. If the score indicates a high probability of fraud, the transaction can be sent to a fraud analyst for review or be blocked. The fraud score can also be used for making real-time authorization decisions.
• Falcon Expert — enables users to define rules to automate fraud prevention procedures by allowing the use of other relevant transaction information, in addition to the fraud score.

2. Flash fraud rules — provide a parameter-based set of rules to help identify and block suspect transactions falling into pre-determined risk categories. The following data fields can be used to block suspicious transactions:

• Merchant country code.
• Merchant category code.
• Merchant ZIP code.
• Acquiring network ID.
• Personal account number (PAN) entry mode.
• Transaction amount range.
• CVV checked indicator.
• CVV result.
• BIN.
• Prior Falcon score.
• Visa Advanced Authorization Risk Score or Risk Condition Code.

Authorization Services

3. Authorization edit checks — can be set at the financial institution, card group, or individual cardholder level. Users can set limits separately for cash and point-of-sale (POS) activity, and timeframes can be set for single- or multiple-day periods. Authorization edit checks include:

• Daily spending limits — monitor amount spent and cash back.
• Velocity checks — monitor the frequency of card use.
• Expiration date checks — verifies if the card is expired and checks for an exact expiration date match.
• Name match — limits the risk of counterfeit cards by comparing the Track 1 names on incoming authorizations to names on file.
• PIN validation — matches entered PIN to the PIN on file (for ATM and select POS transactions).

4. Visa fraud protection services. The following programs verify additional information in the authorization message:

• Cardholder Verification Value (CVV) — validates verifies a unique three-digit code on the magnetic stripe of all Visa cards to detect counterfeit cards.
• Cardholder Verification Value 2 (CVV2) — validates a unique three-digit number, printed on the back side of the card, to limit fraudulent card-not-present transactions.
• Dynamic Cardholder Verification Value (dCVV) — verifies a dynamic three-digit value provided by the chip on a contactless card to detect fraud.
• Address Verification Service (AVS) — enables merchants to validate a cardholder’s billing address by matching it to the one on file with the issuer.

5. Verified by Visa (VbV) — used to authenticate a cardholder’s identity by asking them to enter a password during the authorization process of an online Visa transaction.

6. Visa Advanced Authorization — a risk evaluation system that provides risk information for all authorizations initiated with a U.S.-issued Visa card. Visa has developed fraud rules to stop activity based on pre-defined Visa Advanced Authorization scores. Risk information is provided in the form of:

• Risk scores — indicate the probability that an authorization is fraudulent.
• Risk condition codes — provides information for compromised accounts or ones associated with an account-generation scheme, as identified across the Visa payments system.

7. Stand-in processing — Visa authorizes transactions when the issuer’s host system is unavailable or when the issuer has chosen Visa to process certain transactions on their behalf.

8. Suspect activity reporting — it helps identify excessive or abnormal cardholder activity levels. Reports can be configured to monitor transaction counts and dollar limits.

The Takeaway

Not all of the above services are designed to be implemented on a merchant level. Perhaps you don’t really need to be all that familiar with some of them. Yet, it doesn’t hurt to know what’s being done to fight fraud, especially if you are operating in a high-risk industry. Educating yourself on risk management is the surest way to improve your business’ fraud prevention capabilities.

Image credit: Debitcard.com.au.