Credit card, gift card, and payment fraud in general, are problems that many retailers, banks, and payment providers have encountered at some point. Although it is an on-going problem that organizations continue to fight against, it is often an “invisible” crime until a high-profile case emerges. Recently, a case involving perhaps the most recognizable brand in the world, Apple, has been front page news, bringing much greater attention to this criminal activity.

Apple giftcard fraud

In October 2015, an Apple store employee was charged with using tampered credit cards to purchase Apple gift cards, which they sold on at a fraction of the face value. They reportedly re-coded Visa and American Express prepaid credit and debit cards to purchase the gift cards, at no personal cost. The gift cards, worth approximately $2,000 each, were then sold on for around $200. The total fraud is reported to have amounted to just short of $1,000,000.

This recent incident does not mean that Apple should be singled out. However, the fact it happened to Apple has certainly given the issue of payment fraud a higher-profile, and has brought it into sharp focus for banks and retailers. Indeed, banks themselves have received much of the criticism, with some of them alleged to have failed to undertake adequate identification verification measures when credit cards are linked to payment platforms. While no retailer, bank or payment processor is intentionally lax in this area, it is time for them to re-evaluate just how robust their anti-fraud measures really are. This may be particularly true for gift card payments, which are often used for money laundering operations.

The suspect illicitly buying and selling the cards in the Apple case has been traced and arrested, but the end-users of the gift cards have not, and probably never will be. Why? The reason is simple. As credit cards purchases require verification processes, even if false or stolen credentials details are given, transactions are somewhat traceable because there are always identifiers associated with them. With purchases made with gift cards, this is not the case. Like with cash purchases, gift card transactions require no customer identification to be provided.

What can be done?

Ogloba’s Fraud Detection Solution is based on an industry-leading product which provides a highly functional and user-friendly fraud defense system. The system monitors all transaction-related data using both advanced statistical modeling techniques and user rules to detect adaptive fraud patterns. This offers a dynamic, adaptive approach to fraud which in turn offers high levels of detection, coupling user experience with advanced probability modeling.

The Fraud Detection solution will analyze transaction information from the system, out of the Authorization messages. These are received as real-time messages from the system, which then automates the decision with blocking rules based on 65+ parameters such as:

  • 3D-Secure authentication, real-time authorisations and verifications (AVS, CVV/CV2)
  • Black, grey and white lists for various parameters including IP address, card data, name, phone, e-mail, unique customer ID, etc.
  • Set minimum and maximum amounts per transaction for each payment method
  • Hide specific payment methods from customers in a certain country or from customers paying in a certain currency
  • Velocity checks per card, IP address and/or e-mail

If clients require post-mortem analysis of merchant fraud to include the e-commerce channels, the Fraud Detection Solution will also include a feed of transactions from the e-commerce platform via the Transaction Data warehouse.