January 28, 2019
Eric Kraus, Line of Business Executive – Fraud Management, FIS
A successful fraud-fighting strategy requires credit unions to develop a holistic playbook to mitigate risk. As predicted with the transition to EMV chip cards in the United States, card present fraud is on the ropes but, card not present (CNP) fraud continues to rise as more consumers shop online. A new study by Javelin predicts that retailers will lose around $130 billion in digital CNP fraud between 2018 and 2023.
To help credit unions stay out in front of the battle against fraud, the following five tactics represent key building blocks in executing a sound strategy.
Tactic 1: Identify your weakest points of defense. The more knowledge about how your defenses can be penetrated, the better the remedy.
For example, does your onboarding process leave you vulnerable to synthetic identity fraud? From where is your card fraud stemming? Are your employees and members at risk for social engineering schemes? And, are you monitoring your social media presence and online domain?
Tactic 2: Harness your data to identify trends quickly. The more accurate the data, the more predictive your models will be.
Gathering data – often from disparate sources – will provide meaningful and actionable information. Define a data strategy that enables reconciliation of front- and back-office data to identify where gaps in the system allow for fraud – for example, authorizations, chargebacks, disputes. Also, by collecting indicators, such as geolocation for card and digital transactions, you can combine them with knowledge of members’ behaviors to ward off fraud and reduce false positives.
Tactic 3: Layer your defenses. The more layers, the stronger line of defense.
Start by establishing business rules to manage the amount of risk you’re willing to take and work with third parties to incorporate additional data, such as attempts elsewhere to open fraudulent accounts, to pre-empt fraudulent card use. Additionally, consider employing risk-based authentication tools like 3-D Secure 2.0, for example, to reduce risk in the ecommerce channel. Credit unions should employ a robust cyber monitoring program to detect potential malware and unauthorized penetration of your network. And, you will want to formalize a social media and online domain monitoring system to protect your brand integrity.
Tactic 4: Enlist and educate. The more you enlist and educate members and employees in the fight, the better the defense.
Let your members know what your credit union will and will not ask for. Educate members at all points of contact and encourage the use of strong passwords and dual authentication. Empower your members with alerts, notifications, card controls. Conduct phishing tests with employees and train call center employees to identify suspicious requests.
Tactic 5: Collaborate with other credit unions and partners. The more open that collaborations are with others, the sooner that risks can be identified.
Connect with other credit unions through associations to share common challenges and learnings in fighting fraud. Enlist your vendors in identifying potential weak points in your defenses and suggesting solutions to fill the gaps.
Jumpstart your day in a matter of seconds with quick snapshots of industry trends and leading perspectives delivered straight to you. Sign up for RISE here.