Walmart Anti-fraud check of payments
Detecting and combating fraudulent transactions is one of the key tasks of all international payment systems. The security of online payment transactions is monitored by many systems at different levels and stages of the payment process.
International payment systems Visa and MasterCard are the largest financial organizations that coordinate payment flows in the world. They develop and implement technologies, set and recommend card security standards, continuously supplementing them.
Antifraud systems (from the English "fraud") of various acquiring banks, thanks to the integrated control and exchange of data with other banks, expose hundreds of criminal, fraudulent groups operating in different countries of the world and committing crimes using payment cards. Monitoring and anti-fraud control is carried out in automatic and manual modes.
Walmart is interested in providing the highest quality services to service your travel, however, it cannot influence the decisions of payment systems. In accordance with the Anti-Fraud Policy, we comply with all necessary anti-fraud requirements. Like any other organization that accepts payments, especially in the e-commerce sector, our service tries to reduce risks and ensure control over the movement of accepted funds, the earliest possible detection of signs of fraud and prompt response to any suspicious cases.
Typical reasons when a transaction can be considered suspicious by anti-fraud filters:
- Online payment is not made in the country where the payer's bank card is issued.
- The card is on the “black list” of anti-fraud systems.
- The payment system has blocked the acceptance of cards issued in certain countries. As a rule, these are some countries in Asia, Africa, Latin America and others, where, according to international statistical reports, the maximum number of risks and crimes with bank cards is recorded.
- Other reasons why a bank card may not be accepted for payment.
How do various anti-fraud systems respond to suspicious cases:
- after entering the card data, the card is automatically blocked by anti-fraud filters if it does not meet the settings. The reason for the error usually appears on the screen;
- the payment system blocks the payment attempt without explaining the reasons for the suspicions;
- sends an email to the payer with a request to document the ownership of the card specified during payment;
- invites the payer to go through a simple online check to make sure that he really is the owner of the bank card.
The first filter is black and white lists. Whitelisting contains information on transactions that the system accepts without fail. In black - information about fraudsters, their accounts, as well as signs that allow you to identify fraudulent transactions.
After the black and white lists have worked, the transaction enters the rules system, which reveals uncharacteristic parameters. Let me give you an example: a person always paid a certain amount for utilities, and suddenly the payment increased tenfold. Our system will detect this thanks to the built-in rules engine. Another example of uncharacteristic behavior is that a person starts withdrawing money very abruptly. If his usual limit was, say, $ 10,000, and at one point he cashes out one and a half million, this is a reason to contact him and find out if he is accurately withdrawing money from his account.
Another example is when payments are sent from one account to several places with the same amount at once. The transfer of small amounts of money to many different accounts can also be a sign of fraud. Such operations raise suspicions in the anti-fraud system. They are recorded, processed and transmitted to the operator, who receives data on who conducts transactions, to which accounts and what the purpose of the payment is. This helps in making a decision.
If the transaction went through white and black lists, as well as the rules mechanism, and the system could not decide that the transaction was legitimate, then such a controversial issue is forwarded to the operator. The operator begins to find out whether the transaction is really legitimate, whether it can be passed.
Detection of common types of online fraud with antifraud system in Walmart:
New account
By accurately distinguishing between legitimate and high-risk customer account registrations, Walmart can selectively apply additional actions or verification operations based on assessed risks. For example, during the customer account registration workflow, the system requires you to perform additional steps to verify the email address and phone number only when registering accounts for which there are signs of a high level of risk.
Do not register an account with IP addresses (soсks) and vpn that are blacklisted. Before registering, check the purity of your account in online services. Register an email under the name of the cardholder, in the account itself, enter the cardholder data. Pick a valid soсks or RDP for the address (city) of the card holder.
If possible, purchase ready-made "old" accounts from verified log sellers.
Online transactions
Reduce your chances of detecting online payment fraud by avoiding suspicious online transactions during payment processing and order fulfillment. The anti-fraud system evaluates new orders and marks suspicious orders, which it checks before processing payments.
Payment for goods using guest accounts
Identify potential fraudsters even among customers who do not have a transaction log. The service assesses the risk of potential fraud and decides what needs to be done: accept the order, check it or collect additional information about the customer.
To bypass the protection, do not rush to place an order, but "warm up" the store the longer the better. Climb on it for a long time, type cookies. Read product descriptions. Behave like a good user and interested customer so as not to arouse suspicion.
Online service and misuse of the loyalty program
The system identifies accounts with a high likelihood of misuse of online services, such as loyalty programs or try-before-buy programs, which send clothes and accessories to customers before receiving payments. The system assesses the risk of software abuse by the client, for example, through theft of goods or illegal returns. This allows them to limit risks by introducing appropriate restrictions on the cost of the goods or services provided.
Register a Facebook account in the name of the cardholder, get cookies, do not leave it and do not close the browser window when visiting the Walmart store and paying.
Go to the store strictly from Google, before these visit other sites.
Inside the antifraud itself, in fact, there are quite simple columnar things, there are a lot of tasks for data aggregation. Here's what's going on in the system:
- ip
- fingerprint
- BIN bank
- Merchant ID
- card token
Anti-fraud systems can have the following technologies and capabilities in their arsenal:
Text analytics that is performed using search technologies, content categorization, and entity extraction.
The calculation of statistical parameters, which is used to identify deviations that could indicate fraud.
Network analytics, which is used to identify connections, identify patterns.
Gap testing is about finding any missing elements in the serial data where they shouldn't be.
Login Date Confirmation is used to assess inappropriate or suspicious times for posting or entering information.
Supervised machine learning based on historical data to identify specific patterns.
Unsupervised learning, which involves analyzing and evaluating data that does not contain information about the identified fraud. Used to detect new anomalies.
What filters are there?
I give examples of processing center filters - depending on the system developer, they may be different:
Filter validators. An example is a validator of bank card details. Already in the process of entering on the payment form, the card number is checked by the system according to the Luna algorithm - so the system can understand that the buyer has not sealed it, and the card number entered on the payment form is correct.
Geographic filters. For example, by country of IP addresses. Statistics show that some African countries have a high level of skimming and card compromise, and as a result, payments made from these countries are highly likely to be fraudulent.
Stop-list filters. Example: stoplist of bank cards. If the system receives the data of a card on which payments have already been made marked "fraud", or the cardholder has notified the issuing bank about the compromise of its data, such a card is included in the stop list - the system knows that transactions cannot be skipped on it, since they will turn out to be fraudulent.
Filters matching (coincidence) parameters. Example: matching the country of the payer's IP address and the country of the bank card issuer. If the payment is made from a country other than the country where the card was issued, and the cardholder did not warn the bank in advance about his travels, there is a possibility that the card details were stolen and used by carders.
Authorization limit filters. For example, the limit on the amount of one transaction, the number of authorization attempts from one IP address or from one bank card. To protect both the payer and other participants in the online payment process, there are restrictions on the number and amount of payments made during the day or other period. For some types of business, a particularly large payment, if it turns out to be fraudulent, when returned, can significantly impact profits.
In total, the system can include hundreds of different filters, and the more a business area is susceptible to fraudulent actions, the more filters are turned on and the more subtle each of them is configured for a specific online store or online service.
How the antifraud system works in real conditions
We propose to consider the principle of anti-fraudulent activities using the example of specific solutions used all over the world. They are aimed at protecting the interests of not only users or financial companies, but also the state - reducing the likelihood of money laundering. It is difficult to bypass antifraud - it is not always within the power of even experienced hackers (provided a well-developed system).
The functional components of anti-fraud monitoring are:
Data storage. Systems store a huge amount of important data - this is complete information about each client and his operations, general information about the data structure in the institution, the history of notifications about previously noticed suspicious transactions, various rules.
Scripts. Each scenario is a model of a particular situation to which the system must react in a certain way. Initially, each anti-fraud already contains a database of ready-made scripts, but employees can add their own. They are based on individual events or their entire chains, as well as options for the client's behavior (for example, the mobile number linked to the card was changed, and immediately a large amount was withdrawn from the acc - suspicious).
Proceedings. If, for some reason, a transaction appeared to the system to be unreliable, this does not mean that it will be immediately blocked. Disputes are referred to employees for investigation (as a rule, the bank has a special department for this purpose). During the investigation, information about the client and his transactions is studied in detail, about the specific case under consideration. The system can also provide guesses about possibly related events (for example, several merchants of prohibited goods use the accounts of the same bank). The employee has the authority to mark the operation as false, the anti-fraud will remember this and will take it into account in the future.
Analytics using the built-in engine. This operation is hidden from the user, but for work it is extremely important. The engine processes data arrays, detecting on their basis even such fraudulent schemes, the scenarios of which have not been recorded anywhere at the moment. At the same time, natural language analysis and numerical methods are used. And yet, the final result should still be analyzed by the bank's employees - so far there is nowhere without the human factor.
