Fraud Scoring Systems- Are They Outdated Part Two

In this part I will also examine what takes place when card information is used and systems fail to recognize the obvious.

Every merchant or company that accepts payments by way of the mentioned methods of Credit Cards, Debt Cards, Mobile Payments, and other similar payment methods are assigned into a Merchant Category Code also know as an MCC number. This allows financial institutions to control what type of merchants and products they will accept payments from. Online gaming, which is illegal in the US, has an MCC code of 7995. This allows all US credit card companies to block all transactions from taking place by stopping all transactions that are attempt from merchants assigned to this MCC code. Credit card companies can block other MCC codes for a variety of reasons.

Credit Card companies and credit card issuers place certain risk factors on the various MCC codes. This is done to protect all parties involved from some losses that could take place. Looking at two MCC codes assigned to merchants and companies who provide the same product but in slightly different manner. MCC code 5541 is assigned to Service Stations that dispense fuel and may have stores where goods or services can be purchased. MCC 5542 is assigned to the same or similar merchant or companies that utilize Automated Fuel Dispensers. MCC 5542 will be used if you pay at the pump and MCC 5541 will be used to recognize the transaction as being used inside the store and a point of sale device being used.

Because there is a greater risk of losses for MCC 5542 the Credit Card Company or financial institutions view the fraud scoring of these transactions differently, or at least the should. I have read reports over the years that cards have been attempted to be used at the pump and when they were rejected they were just dropped on the ground. Some reports have listed dozens of cards that were either stolen or cloned being attempted then discarded when it was rejected.

One case study I performed showed several cards had been subject to skimming. After the people checked out of their hotel the cards were used at several pay at the pump sites to steal over fifty thousand dollars ($50,000.00) in fuel over a long four day weekend. This was done by using modified fuel containers. The difficult thing to understand in this case was, these cardholders did not live in the state the cards were being used in. The cards had never been previously used for the MCC 5542 code, automated fuel purchase, and as many as five pumps were authorized within 3 minutes at one station, with a single card. Somewhere in the required steps to validate the card for these purchases one of the fraud scoring systems should have “recognized” a potential problem.

When a party uses a piece of financial information to complete a financial transaction  by utilizing a credit card, debt card, the new mobile payment method, or any of the multiple ways companies accept payment for their goods or services certain events take place to authorize the payment method. Examine a Credit Card, Debit card or Mobile payment transaction. The information is captured from the item being used to make payment. The captured information is transmitted to that merchants’ or companies payment processor. The payment processor in turn transmits the information to the financial institution or credit card association for validation of the card information.  Because a number of parties are involved in the acceptance and approval process for transactions like the ones above it is difficult for cardholders to understand how or why several transactions were allowed to be completed using their financial information.

Losses like the above example take place everyday. This is one of the reasons I believe the current fraud scoring systems need new ways to recognize and fight fraud. Tomorrow I will examine what some of these tools could be.

Al Cameron

612-367-7679