Velocity checks in fraud detection

The top 10 phrases used in the fraud industry (and an explanation of what they really mean!) An educational 10 part series

Smishing’ is a legitimate fraud term to describe the act of inputting personal information such as a credit card number through a text message that was prompted by a fraudster. The number of people who know what ‘Smishing’ is can probably be tallied on a single hand. To no one’s surprise, it takes some research and industry knowledge to understand fraud industry phrases such as ‘Proxy Detection’ or ‘Device Fingerprinting’.

But in an increasingly busy corporate environment, the time and effort to look up what is and is not top tools used to stop fraud can seem like an overwhelming task. Even more futile for those of us in the fraud industry can be describing how our products work to customers who clearly have limited or zero knowledge of what this lingo we’re slinging at them is and how to rank the importance of these words we are describing to them.

Image

‘Smishing’ huh? I’ll Google that….just after I reply to my 2000 emails

#1 Velocity Detection

At a first read over, velocity detection might seem like some complicated instrument mechanics would use at a theme park on a broken roller coaster. But in reality velocity detection is defined as checking the historical shopping patterns of an individual and matching that record against their current purchases to detect if the number of orders by the cardholder match up or if there appears to be an irregularity.

According to Experian , checking for velocity should be an important basic step for any fraud department. As mentioned in the linked blog post, a fraudster will often experiment with one fraudulent transaction to see if a card will work. If it passes through your system without raising any internal flags, a multitude of orders will most likely be purchased until the card is maxed out.


Image
I think I will get one of EVERYTHING!

The resulting mess will most likely have you being contacted by Visa or MasterCard notifying you that the legitimate card holder just noticed that a large number of purchases not made by them though your website was charged, and you are about to take a heavy loss for accepting and shipping that transaction.

So how do you start checking for velocity?

Big Data Republic recently posted an interesting video on what you should first look for in a velocity attack, a great video in my opinion and neat follow up to this post.

With velocity, you should look for the number of times a specific data element occurs within a given interval. For example, if you sell cameras online, one would expect that your customers would have no more than one purchase within a 12-month period. It would be suspicious if a customer bought more than one camera per day from a single computer, keeping in mind that could buy multiple cameras as part of the same order.

Typical data elements used for velocity are the email address, phone number, credit card number, billing address and shipping address. Name does not work very well because there could be multiple people with the same name and this could affect good customers in the process.

Thanks for reading this first post, our goal here is to be a resource for those looking to battle fraud. Continue to follow us as we go through the other 9 types of fraud checks throughout the rest of this month! For additional reading Signifyd recommends blog posts by Internet Retailer, who has a great collection of articles such as this one relating to fraud.