Tata AIG General Insurance Company - Insurer Innovation Award 2024
5.2.1 red alerts
1. Tiltproof Incorporated
Document No. 5.2.1
Effective Date 03/06/2007
Fraud Red Alerts Revision Date 02/02/2008
Approval GN
1.0
Purpose: This document establishes how to process Red Alerts.
2.0 1) Red Alert team
Persons
Affected:
3.0 1) Printable version: tpfs1nwworkflow$HANDBOOK-FRAUDPrint
Forms, VersionsFraud Handbook5.2.1 Red Alerts.doc
Checklists,
Flowchart:
4.0 1) Fraud Red Alerts are designed to detect fraud in a timely manner.
Policy: Certain player actions will trigger an alert for us to investigate.
2) Alerts are any trigger for new deposits at this time.
3) It is the responsibility of the Red Alerts (RA) team on each shift to
make sure that all players are analyzed and not left for the next shift to
handle.
4) The deposit report lists new players that have deposited $500 or more
over a three day threshold.
Day 1: Player deposits $200
Day 2: Player deposits $100
Day 3: Player deposits $300
The Player ID will not show up in the report on Day 1 or Day
2 since the cumulative deposit is under $500.
The Player ID will show up on Day 3 or Day 4 (depending on
the time of deposit), since the cumulative deposit is over
$500.
5) Red Alerts are processed during Morning and Grave.
6) If you need to communicate anything to the RA team, send an email to
<redalerts@tiltproof.ca>.
2. Tiltproof Incorporated
5.0 A) Run the Deposits Report
Procedure:
1) Open Command Prompt from your desktop.
2) Type “deposits”
3) Press “Enter” and the report will start running, taking about 1.5 hours
On Grave, you can start running the report as soon as you
start your shift
On Morning, start running the report between 9:30 AM and
10 AM
4) Type “deposits.txt” in the Command Prompt window once it’s finished
to bring up the report
It can also be found in [C:FT_Toolsdeposits]
B) Red Alerts Excel Workbook
1) Open [S:JEFF SAVERYRed Alerts]
2) Select the appropriate year
3) Select the appropriate month
4) Open Red Alert Daily Log.xls
5) Select the appropriate date from the tab at the bottom of the spreadsheet
6) Adjust the Excel Security Settings in order to be able to use Macros
a) Select “Tools”
b) Select “Macros”
c) Select “Security”
d) Under the “Security Level” tab select “Medium”
e) When you open the spreadsheet select “Enable Macros” when
prompted
7) Open the Deposits Report from the Command Prompt or
[C:FT_Toolsdeposits]
8) Type CTRL+A
9) Type CTRL+C
10) Go to the correct RA spreadsheet
11) Select "Transfer Data" in the top left hand corner
The "Transfer Data" program will transfer the Player ID,
name, country, and your username in the appropriate
columns.
12) Select “Search Duplicates”
The “Search Duplicates” program will search for players on
the report that have already been analyzed on a previous
shift.
If you are on Mornings go to the next day’s RA spreadsheet
to ensure that the “Search Duplicates” program will also
search through the players analyzed by Grave
If you are working on Jan 10th RAs, go to Jan 11th and
transfer the data in that spreadsheet
13) Cut and paste the information into the correct spreadsheet
14) Open WAT
3. Tiltproof Incorporated
15) Select a player ID and search for it in WAT
16) Right-click on your mouse and select “Select All” to highlight the
players account, data and labels
17) Type CTRL+C
18) On the Excel spreadsheet, select any cell on the row of the player ID
19) Select “Deposits”
The program will transfer the player’s account status (open,
passed, trapped), the deposit details (for both successful and
failed deposits), and the player’s current monetary and FTP
point balance
C) Analyzing Players for Potential Fraud Red Flags
1) Multiple deposits with different credit cards/payment processor
accounts
2) Multiple successful deposits with the same credit card within minutes of
each other
Fraudulent player is trying to get as much money off the card
as possible
3) Player is from a country in 5.2.12 Fraud Watch List.
4) Player has lost all funds deposited but has a low number of FTP points
Lost $600 balance and only has 30 FTP points
5) Run a know100 if a player appears suspicious
a) The player logs in from a different county than the one stated on
their account
Player’s address is listed as the US, but logins are from
France
b) A player that has changed their name
c) Chip dumping, usually to other players with a low number of
logins
d) Deposits with stolen credit cards or accounts, and money losses
quickly to non-fraudulent players
e) Serial relationship with other fraudulent players
D) Processing Fraudulent Players
1) Trap the account
2) Notate the account “TRP: This player is under
investigation as a possible member of a fraud ring. Sent
to Jeff for review. DO NOT RE-OPEN until all
investigations are complete.”
3) Trap players that are serial related, have received chip dumped funds
and/or p2ps from the fraudulent player
4) Ask a team lead to trap the serials used by the fraudulent player/s
5) In the RA spreadsheet, change the player’s status to “Trapped” and
write a short description on why the player was trapped in the
“Comments” column
6) Send an email to < fraudoperations@fulltiltpoker.com >
Subject: trapped Player ID/s
4. Tiltproof Incorporated
Content: explanation of why accounts are trapped
Attach: Players’ Know100s
E) Finalize the Work
1) Save your work and make sure that you have entered it in the correct
spreadsheet
2) Make sure that you have analyzed all players except duplicates
6.0
Definitions:
7.0 Feb 02/08
Revision Policy – New Fraud Watch List location
History: