There’s a new trend in the ATM fraud space. Not only is ATM fraud skyrocketing in recent years, fraudsters are getting smarter, faster and more effective. Today, fraudsters are targeting high balance accounts and withdrawing large sums in a short time span.
The latest data from FICO showed card skimming losses rose 70% between 2015 and 2016. That’s on top of the 546% increase seen in 2015. As for how 2017’s figures will shape up? We’ll have to wait and see. But based on the attention both in the mainstream media and within the financial services ecosystem on this subject, the problem appears as though it will get worse before it gets better.
There’s no silver-bullet solution to tackling the rise of ATM fraud, but there are technologies that can help mitigate the spread of fraud to lessen its impact.
For example, industry data shows that the most effective ways to reduce ATM fraud is to implement technology that addresses ATM skimming prevention and detection. The key to detection is the rate at which the compromised ATMs/cards are caught in order to stop the spread of fraud before it spreads. Beyond that, there are things like biometrics, malware detection and ATM system monitoring.
The difficulty with all types of fraud is the speed at which it evolves. ATM fraud, in particular, is evolving at a rapid pace. Banks are using new tools to fight fraud — machine learning, automation, cloud technology, etc. — but so are the fraudsters. The problem? The fraudsters are getting better at their jobs. The monetization of compromised cards has become a sophisticated industry.
The auctioning of compromised cards across the dark web to commit and monetize card fraud occurs faster than a bank can detect a compromise, identify compromise cards, reissue the cards and call the cardholders. We address much of these issues in our latest report, The State of Fraud: 2017, which explores evolving threats, emerging fraud trends and how banks and credit unions can enhance their card fraud management strategies.
Debit Card and ATM Fraud Remains a Pain Point for Banks
The rise in debit card and ATM fraud has forced banks and credit unions to implement better fraud controls and continually upgrade their security features in order to think smarter about their fraud management strategies.
In Early August, J.P. Morgan Chase announced it was cutting a popular debit card replacement option .As reported in The Wall Street Journal, the problem with ATM fraud wasn’t just from skimmers or stolen cards. It was actually a case of stolen identities. Chase was seeing an increased number of people that visited physical branches with fake IDs that matched a customer in order to get a new debit card.
Because Chase had a program to replace the cards in that same visit, the bank would issue a new card (with a new PIN) that was then used by fruadsters at the bank’s ATM to withdraw cash. Chase told The Journal they fixed the issue two years ago, stopping that particular problem. The bank says the more recent decision to cut the debit card feature is in response to customer’s shifting toward new technology for their banking needs, like mobile banking and mobile payments.
Regardless, across the country banks and credit unions of all sizes continue to grapple with how to tackle ATM fraud. Fraud tools today shouldn’t take 90 days to implement, require complicated platforms, have integration delays with core systems or complex modeling iterations.
Solutions need to be fast, efficient, and actionable before the “horses are out of the barn.” Banks need tools that give them a quick alert on which cards are compromised on a daily basis, the ability to detect skimmers on ATMs in two hours, and the option to reset PINs immediately — opposed to the two week-period associated with CAMS alerts.
Solution providers who want to bring the value of machine learning to banks to help detect ATM breaches, thwart compromised cards, and reduce fraud need to be able to deliver a streamlined solution that takes days (not months) to implement, that does not burden a bank’s overloaded IT department, and delivers results in hours (not days or months).
Successful machine learning solutions also reduces the time from detection of fraud, or of compromised cards, to action to reduce as much fraud as possible from compromised cards/accounts, skimmed ATMs, etc.
Rippleshot’s Case Study
Banks typically have less than 48 hours after an ATM compromise before money is out the door. Banks need to quickly identify compromised ATMs and cards to get a handle on the scope of the problem — a process that can take weeks.
With Sonar ATM Fraud Detect, we were able to find three ATM skimmers and nearly 400 compromised cards for a regional bank were detected in about two hours. The end result? The bank reset compromised card PINs within 24 hours, stopping an estimated $110,000 of fraud, slashing reissuance costs, and lessening customer disturbance.
Sonar ATM Fraud Detect enables a quick-launch ability and minimal data requirements, ATM Fraud Detect processes data in near real-time to equip fraud teams with actionable activity reports in as little as two hours. ATM Fraud Detect provides card issuers with reports on potentially compromised ATMs and cards. Armed with this knowledge, fraud teams can take action faster on the affected cards — reducing fraud losses and client impact.
