2. Card fraud
Property of Batton Consulting Inc. 2011. Released under 2
3. Fraud penetration points
Device Transaction Data Identity
Industry
protection
level
Property of Batton Consulting Inc. 2011. Released under 3
4. Fraud sources
Card forgery
Phishing Merchant
scams
Transaction spoofing Card theft
Auth data skimming
Application fraud
First party
Account takeover
Site hacking
Property of Batton Consulting Inc. 2011. Released under 4
5. Fraud’s open windows
Device impersonating
Device active until account disabled
Exposed validation keys
Transaction impersonating
Usage verification is heuristic not positive
Identity verification is heuristic not positive
Lack of trend controls for “bust out”
Property of Batton Consulting Inc. 2011. Released under 5
6. Stopping fraud - tools
Electronic device fingerprint
Device registered & controlled for usage
Tokenization of account validation keys on
device and key resolution “behind the wall”
Account-user positive confirmation of
transaction
Biometric verification of account applicant
Biometric capture of account users
“bust out” pattern detection/prediction
Property of Batton Consulting Inc. 2011. Released under 6
7. Fraud tool impact
Transaction
Application
First party
Auth data
Merchant
skimming
Phishing
takeover
Account
hacking
forgery
Device
Device
spoofing
theft
scams
Site
fraud
Device fingerprint
Device registration &
controlled
Tokenization &“behind the
wall” res.
Transaction positive
confirmation
Biometric applicant
verification
Biometric user capture
“bust out” detection/prediction
Property of Batton Consulting Inc. 2011. Released under 7
8. Mitigating fraud impact
Velocity-based exposure controls
1st party fraud clearinghouse
Neural net transaction fraud detection
Fraud detection clearinghouse notification to
merchant to stop delivery
Fraudster attribute database matching (ie. Name,
address, phone, etc.)
Property of Batton Consulting Inc. 2011. Released under 8
9. Fraud tool accommodation
MagCard Mobile NFC EMV
Device fingerprint
Device registration & controlled
Tokenization &“behind the wall” res.
Transaction positive confirmation
Biometric applicant verification
Biometric user capture
“bust out” detection/prediction
Property of Batton Consulting Inc. 2011. Released under 9
10. Fraud improvement w/mobile
Device Transaction Data Identity
Industry
protection
level
Property of Batton Consulting Inc. 2011. Released under 10
11. Conclusion
Fraud incidence is rising and costs are increasing
again despite industry action
Fraud avenues of attack are many & varied
Current approaches still leave several windows
open for fraud attack
The “card based” device is inherently susceptible
to many of these attacks
EMV & NFC are still largely open to attack
Approaches/tools are in reach to
close/significantly reduce those windows
The mobile payment platform presents the best
way to provide these tools and reduce fraud
Property of Batton Consulting Inc. 2011. Released under 11
12. Further information on this
Contact me
BCI provides focused consultation and assistance in the
payment systems area
Payments solution evaluation Project advisory or management
Strategy and issue consultation Architecture direction & rollout
• Quicker and more accurate problem identification and solution
• More dependable delivery of key payment initiatives/projects
• Creative and tested solutions to payment systems improvements
• An objective viewpoint that sees the whole picture
• Deep experience delivering business value through technology
Executive IT help & leadership on payments when you need it
Contact: Mike Batton, President, Batton Consulting Inc. | mike@battonconsult.com | 630-443-7735 (O) 630-862-6799 (M)