Rippleshot Blog

Holiday Shopping Weekend Data: Suspicious Transactions Rose 29%

Posted by Anna Kragie on Dec 13, 2019 11:41:33 AM

Midway through December, data indicates holiday fraud is rising sharply as expected.

The latest data from Digital Transactions indicates that over the five-day holiday shopping period there was a 29% increase in suspected fraud when compared with the same time period in 2018. This uptick in fraud comes with increased holiday spending, particularly online. 

Black Friday brought in $7.4 billion in just e-commerce sales, with Cyber Monday clocking in a record $9.4 billion. That was a 20% increase in spending from 2018, according to Adobe Analytics. For suspicious transactions Black Friday appeared to be the most impactful day of all, accounting for both the most fraud and legitimate sales (26% of the four-day total).

It's clear fraudsters are following shopper's habits. As more and more shoppers spend online, so does the amount of fraudulent attempts across CNP channels.

Read More

Are You Ready For The Holiday Card Fraud Rush?

Posted by Anna Kragie on Dec 6, 2019 1:15:43 PM

The uptick in holiday shopping card fraud leaves financial institutions in a tough position: Manage the fallout from higher declines or take on additional fraud risk to minimize cardholder disruption. Getting proactive about holiday card fraud can alleviate that burden.

To help you keep your cardholders protected, we've brought back our team's tips on how to manage incidents during this peak fraud season.

Read More

Topics: Fraud

What Financial Institutions Should Know About the Macy's Online Data Breach

Posted by Anna Kragie on Nov 22, 2019 11:47:44 AM

News broke this week that Macy's online payment portal on its ecommerce site was hacked by Magecart, a cyber criminal group known for injecting payment card skimmers into ecommerce websites. From what's been reported, we know payment data stolen was submitted by shoppers onto payment/checkout pages. 

Macy’s reported that it received an alert about "a suspicious connection between macys.com and another website,” which led to an immediate investigation. The hacker group reportedly injected computer code onto two pages at macys.com: The checkout page if credit card data was entered and an order was placed, and the wallet page of a shopper’s account page.

The questions left for financial institutions is what can they do about it, how can they protect their cardholders and how can they protect themselves in the future? We answer those questions in our latest breach alert. 

Click here to get your copy of our full report: Inside the macys.com Online Card Breach

Read More

Study: Consumers Blame Financial Institutions After Card Compromised

Posted by Anna Kragie on Nov 15, 2019 7:00:00 AM

A new industry study about consumer perception around fault over card compromises is a good reminder for financial institution leaders about what their cardholders are concerned about most this holiday shopping season. 

A November 2019 study from Terbium Labs titled "How Fraud Stole Christmas" details that a majority of consumers, or 68%, responded in a survey that they would hold their financial institution "at least partly responsible for fraudulent activity, regardless of how the compromise occurred." Even if the merchant was the source of the breach, consumer perception over how their bank or credit union is protecting them appears to play a role in who a cardholder is most likely to point the finger at after an incident occurs.

Read More

Rippleshot Gives Community Banks and Credit Unions Competitive Edge with AI-Driven Fraud Protection

Posted by Anna Kragie on Nov 5, 2019 8:00:00 AM

Rippleshot is excited to announce Rules Assist™, an AI-driven decision rules analytics solution to empower community banks and credit unions in the fight against emerging fraud trends.

E-commerce fraud now accounts for roughly 75% of all card fraud, causing financial institutions to race to keep up with fraudsters. In response, top Fortune 500 financial institutions have embedded artificial intelligence and machine learning into their core business models. The four biggest banks in the U.S. budgeted a collective $38.4 billion for innovation and technology in 2019 alone.

Faced with more limited resources, community banks and credit unions often lack the technological edge to keep pace with innovations that greatly impact customer experience. Rippleshot Rules Assist was developed to address technology gaps smaller financial institutions face in their back office to efficiently protect their customers. Financial institutions will be able to cost effectively leverage AI and Machine Learning within their existing infrastructure without adding IT resources or staff. 

Read More

Topics: Rippleshot News, Machine Learning, Data Analytics

Financial Institution Tips: Protecting Customers From Holiday Card Fraud

Posted by Anna Kragie on Nov 1, 2019 7:00:00 AM

With Halloween behind us, it's time to start thinking about what's next: The holiday rush. For banks and credit union leaders, this means thinking about the holiday card fraud rush that comes along with the increased card spend activity.

With more holiday shopping taking place online, CNP fraud continues to rise. E-commerce, or CNP, fraud is 81 percent more likely to occur than in-store, or card-present fraud. As seen every holiday season, we anticipate a surge in fraud this year. The holiday season is also a busy time for fraudsters who prey on financial institutions who are reluctant to decline a transaction or re-issue cards in order to lessen customer impact.

Being prepared to combat holiday card fraud means proactively preparing long before the storm hits. As a refresher for 2019, we’ve brought back our team’s tips on what issuers can do to manage incidents during this peak fraud.

Read More

Breach Notification Law Adds Biometrics, Passport Data

Posted by Anna Kragie on Oct 25, 2019 7:00:00 AM

California has set a new precedent for breach notification laws that is continuing to gain ground nationwide. A bill was signed into law by Gov. Gavin Newsom that adds passports and biometric data ad part of the PII covered by California’s data breach notification law. 

California now joins15 additional states that require notification if a resident’s fingerprint or other biometric information is breached. The other states include: Arizona, Colorado, Delaware, Illinois, Iowa, Louisiana, Maryland, Nebraska, New Mexico, New York, North Carolina, South Dakota, Wisconsin, Wyoming and Washington.

“Now, California law will require companies to treat consumers’ passport numbers and unique biometric data with the same security that they would a credit card or Social Security number — if you collect it, you must protect it,” California Attorney General Xavier Becerra said.

This addition to the data breach notification law follows trends across the country that aim to crack down on how quickly businesses and government organizations must alert customers about their personal data being compromised. Conversations about how data breach legislation will impact how banks and credit unions approach consumer privacy and protecting personal credentials is an ongoing topic in Congress as well.

Read More

Why Community Banks and Credit Unions Need AI and Machine Learning

Posted by Anna Kragie on Oct 17, 2019 7:00:00 AM

The push for greater digitization across the financial services ecosystem has created another challenge for financial institutions: New channels for fraudsters to exploit and monetize. 

Banks must keep up with customer demand and offer more to compete, but they must also be mindful of the security measures needed to keep up with these trends. This has left many FIs with a Catch-22. Fraud trends are changing as fraudsters get more sophisticated in the methods they use to breach personal and financial data.

Big banks are proactively working to get ahead of fraudsters, but many smaller institutions are still relying on time-consuming, manual methods to spot fraud patterns — or count on their call centers to alert them when fraud occurs. This approach involves a lot of upfront time, money and analysis, only to fall short in being able to accurately pinpoint where an organization's biggest risks and how to get ahead of those trends. 

 The bigger banks with deep pockets are gaining a FinTech edge with teams of data scientists and sophisticated software tools to keep their fraud detection tools aligned with what the market demands. Smaller FIs know to compete they must embrace new technologies such as AI and machine learning. But knowing how and where to start can be the biggest hurdle.

Read More

Topics: Fraud

Inside CUNA's 'Stop The Data Breaches' Congressional Push

Posted by Anna Kragie on Sep 27, 2019 7:00:00 AM

As we approach the 10th month of the year, it's clear that 2019's data breach statistics will once again be one for the record books. The Credit Union National Association (CUNA) has made addressing this rapidly-growing problem part of its mission as it continues to push the U.S. Congress to pass meaningful data security legislation.

Last month, CUNA created ‘Stop the Data Breaches’ MAP campaign (member activation program) directed "credit unions to make Congress aware that there cannot be data privacy without data security." Earlier this month, CUNA continued on its mission with additional updates to the campaign.

“Credit unions already know that they bear the costs of these data breaches, so the goal of the campaign is to educate credit unions members about the issue in order to have them reach out to their Members of Congress to demand action,” said Adam Engelman, CUNA’s director of federal grassroots and programs. “Congress has indicated they are aware of the privacy issue, our mission is to get them to realize we cannot have privacy without security, and we need a data security standard for all entities that handle sensitive consumer information.”

Read More

How to Educate Your Customers When A Data Breach Occurs

Posted by Anna Kragie on Sep 20, 2019 7:00:00 AM

Data breaches are happening more frequently and when they are occurring the number of impacted consumers is growing. Not to mention, the scope is widening as droves of sensitive data is filling the dark web for fraudsters to monetize for their next big fraud scheme. This story is all too familiar for banks and credit unions leaders today.

At Rippleshot, we're in the business of proactively protecting our customers from the impact of data breaches, card fraud and other incidents that put your customer's data at risk. We're here to help you protect your own customers. We also recognize the reality that data breaches happen when gaps exist in other organization's security protocols, which can leave your own customer's sensitive data vulnerable. That's why we're also here: To help you educate your customers and members when the next big data breach happens — and what to do about it.

Below are our tips to bookmark to remind yourself what steps you should take when that next data breach occurs. True customer service means giving your customers actionable steps to ensuring they're protected. Learn how you protect your organization and your customer's trust with our 10 tips.

Read More

AI and the Impact On Fighting Card Fraud

Posted by Anna Kragie on Sep 13, 2019 7:00:00 AM

Increasingly, as fraudsters get smarter and faster, you'll find the mention of AI in discussions about tools to combat the rise of card fraud. Security professionals have already bought in and are leading the charge for more advanced technology investments.

In fact, a recent Forbes article cited a stat saying "80% of fraud specialists using AI-based platforms believe the technology helps reduce payments fraud." To that same effect, this same percentage of fraud specialist have noted they've seen "AI-based platforms reduce false positives, payments fraud, and prevent fraud attempts." 

What's leading this push toward AI is the application of predictive technology that can help organizations, such as banks and credit union leaders and credit unions, learn how to prevent fraud before it actually happens by proactively spotting patterns. Of course, Rippleshot has bought into this philosophy, as are a growing number of financial institutions. 

That same Forbes piece noted that "63.6% of financial institutions that use AI believe it is capable of preventing fraud before it happens, making it the most commonly cited tool for this purpose." This data was sourced from a PYMNTS.com report, AI Innovation The AI Innovation Playbook that takes into account insight from 200 financial executives from commercial banks and credit union leaders, community banks and credit union leaders and credit unions across the United States.

What's driving this latest attention?

Read More

Card Fraud Intel: 5 Resources For Financial Institution Leaders

Posted by Anna Kragie on Sep 6, 2019 3:29:07 PM

Staying up-to-date with the latest insight into payment fraud trends should top the priority list for any financial institution leader — but there aren't always enough hours in the day to keep up. That's one of the reasons Rippleshot exists. We're here to be your trusted advisor on what we're hearing in the marketplace about fraud trends, fraud benchmark data and what financial institutions should be doing about it all. 

To help keep your team educated about some of the latest trends we've observed, we've gathered 5 resources worth bookmarking when you need to report on how fraud trends are evolving and how your team can stay prepared. For those who would like to chat about these trends more in depth – or would like to share their own card fraud pain points - we are always here to listen and lending a helping hand.

Read More

Topics: Fraud

What Financial Institutions Should Know About the Hy-Vee Data Breach

Posted by Anna Kragie on Aug 23, 2019 10:36:06 AM

The details about the Hy-Vee data breach reported this week show the long-lasting impact to cardholders: The possible sale of lots of credit card data on the dark web. According to Krebs on Security latest report, information has made its way into a popular carding forum indicating card data is being sold on the dark web.

The supermarket chain issued a warning to customers on August 14 revealing that a data breach had occurred at point-of-sale systems used by the firm's fuel pumps, coffee shops, and restaurants including Market Grilles, Market Grille Expresses, and Wahlburgers. The grocery store terminals itself are not believed to be impacted.

According to Krebs On Security, the breach is tied to the sale of 5.3 million new accounts from cardholders in 35 states.

Read More

CNP Fraud Intel: 7 Things To Know

Posted by Anna Kragie on Aug 9, 2019 3:29:41 PM

It was clear shortly after the EMV liability shift that traditional credit card fraud was going to move to another channel: Card-not-present fraud became that vessel. The real question issuers care about today is how this fraud has evolved and what's next? 

Both CNP fraud and CP fraud can take many forms. For example, we've been hearing a lot about how card-present fraud (and CNP fraud) is being perpetrated across digital wallet schemes. These fraudsters are targeting a merchant to acquire small amount of cards, and then acquired sufficient PII associated with those cards to attempt to simultaneously configure dozens of them for digital wallets. Many fraud schemes that used to be reserved for CP fraud are now evolving into new ways to perpetrate fraud without having the physical card on hand. 

What we do know is that CNP fraud is on the rise and it's spreading to new avenues. As new technologies are developed, fraudsters find a way to breach those too. We've gathered the latest CNP fraud intel to help you understand the scope of this ever-evolving problem. 

Read More

What Financial Institutions Should Know About the Capital One Data Breach

Posted by Anna Kragie on Aug 2, 2019 7:00:00 AM

The Capital One data breach was a harsh reminder for financial institutions and their customers that data breaches are an all too common occurrence growing at scale each time the next one hits. 

The sheer scope of this incident shows how the fallout from this breach could be unknown for years: “Consumers and small businesses who applied for Capital One credit cards from 2005 through early 2019 are most at risk,” the company revealed.

The mainstream media highlighted the core of what everyone should know about the breach itself:

Read More