We ardently wish that card fraud didn’t exist. Unfortunately, there are bad actors who look for vulnerabilities to exploit to commit fraud. Staff education and implementing comprehensive monitoring tools are key to protecting members. Synergent is pleased connect credit unions with tools like Risk Office and Tranblocker to monitor and reduce fraud.
“Card based fraud is constantly evolving with perpetrators becoming more savvy each time they obtain cardholder data,” stated Rebekah Higgins, Synergent’s Payment and Fraud Consultant. “While it is difficult to stay in front of them, the suite of fraud monitoring tools available to our credit unions, especially the services offered via Risk Office and TranBlocker, allow credit unions to stay close in step to minimize fraud losses. By leveraging these tools effectively and efficiently, credit unions have the ability to maintain the ever important balance of declining fraudulent activity while also recognizing legitimate cardholder transactions to be approved.”
Credit unions who use Risk OfficeSM leverage this tool as both an investigative and consultative service to help identify and prevent card fraud. It blends automated monitoring tools with expert risk analysts to help protect members by promptly detecting and responding to potentially fraudulent activity. Risk Office complements other risk tools, such as EMV and tokenization, ultimately reducing card fraud exposure and loss of fee income.
TranBlocker is a card risk mitigation tool that complements Risk Office. It is web-based and enables credit unions to create rules to block card transactions that could be fraudulent. TranBlocker can be combined with EnFact to automatically create a case for any denied transaction to ensure the cardholder is promptly contacted about any suspect transactions on their card.
Best Practices Update: TranBlocker for International Travelers
In order to stay ahead of constantly evolving fraud trends, TranBlocker is regularly updated and new guidelines are released for users to make the most of this valuable tool. Recently, the best practices for using the Tranblocker application for cardholders traveling internationally were updated, focusing on country, Merchant Category Code (MCC), and Merchant Identifier (MID) blocking to mitigate fraud losses. The updated guidelines include the following:
1. Rule Additions & Modifications
Any rule additions and modifications you make will take effect nearly immediately.
2. TranBlocker Rules: Pre-Authorization Messages
TranBlocker rules apply only to pre-authorization transaction messages (110, 210, etc.). They do not apply to forced posts or completions.
3. Cardbase/Card Class/BIN-Level Rules
Cardbase, Card Class, and BIN-level rules will apply if there is no exception rule on the card number in the authorization request. This exception can be EnFact, TranBlocker, or on the Exemptions page in the Card Management record.
4. Traveling Cardholder Exemptions
When placing an exemption for a cardholder who will be traveling, avoid opening up ‘All International’ since that will open up all risky countries. Instead, create a ‘dummy’ rule consisting of up to 200 risky countries set to deny, apply it to that card number, then open the specific country or countries where the card will be used.
You may find better options using the Card Management – Exemptions page. Card Management lets you define countries as well as states the cardholder will be traveling to. Once these are set, TranBlocker will ignore its country rules while still applying the MID and MCC rules. If specific transaction types need to be defined, you’ll need to set your cardholder exemption rule in TranBlocker and Card Management for EnFact. Avoid adding the United States to any BIN-level rules.
5. Adding or Changing a Country, MCC, or MID
When adding or changing a country, MCC, or MID, use the EDIT function, not the ‘Add Rule’ function. ‘Add Rule’ should only be used when you are adding a new BIN rule. If you do not use edit, you will be placing an entirely new rule and most likely NOT removing a country, MCC or MID.
6. Rule Components
There are seven different transaction types that can be blocked.
- ATM PIN’d – a PIN’d transaction at an ATM
- ATM PIN-less – a PINless transaction that shows “ATM” in the transaction source column of Transaction Journal
- POS PIN’d – a swiped or EMV (chip) purchase with a PIN
- POS PIN-less – a swiped or EMV (chip) purchase without a PIN
- POS PIN-less Manual – a card-not-swiped transaction where the card information is keyed into the terminal. These include transactions that are automatic recurring such as utility, phone, and gym membership purchases; mail order and telephone order (MOTO) purchases; and transactions where a merchant keys in the card information.
- eCommerce Verified – a 3D Secure internet purchase (Visa Secure or Mastercard Identity Check, formerly known as Verified by Visa and Mastercard SecureCode)
- eCommerce Unverified – a non-3D Secure internet purchase
7. Adding a Country Rule
Perform the following steps to add a country rule in TranBlocker for a cardholder:
- Login to client-central.com.
- Open the TranBlocker application.
- Enter client logo and click Continue.
- Ensure Search Criteria is set to Current/Future Rules and Additional Search Criteria is set to All.
- Select Search.
- A listing of all rules will display both on the Cardbase and for specific cardholders.
- Highlight the Cardbase rule and select View Rule button.
- Verify under the Country section if client is set to either International or has individual countries listed.
- At top of the page, select Transaction Blocking tab.
If Cardbase rule shows individually listed countries:
- Highlight the Cardbase rule and select Copy Rule button
- Click on the Details tab
- Change the Type from Cardbase to Card Number
- Uncheck the box titled Non-Expiring under the Expiration Date field and enter requested expiration date in MM/DD/YYYY format
- In the card Number field, enter the cardholders full card number
- Ensure the field titled Exception is No and click OK
- Select the Country tab
- Locate country(s) cardholder will be traveling or making purchase through
- Determine what specific transaction type the cardholder will be allowed to perform and select OK
- Continue (C) will allow transaction, Deny (D) will decline the transaction
- Click OK and Save to complete
If Cardbase rule shows country rule as International:
- Locate the “dummy” rule created for cardholders. (If you don’t have a dummy rule, see the below instructions on how to create one.)
- To create a ‘dummy rule’, please see the instructions below.
- Once the ‘dummy rule’ is selected, click Copy Rule.
- Select the Details tab.
- Add cardholder full card number.
- Un-check the box titled Non-Expiring under the Expiration Date field and enter requested expiration date in MM/DD/YYYY format.
- Ensure the field titled Exception is No and click OK.
- Select the Country tab.
- Locate country(s) cardholder will be traveling or making purchases through.
- Determine what specific transaction type the cardholder will be allowed to perform and select OK.
- Continue will allow transaction, Deny will decline the transaction.
- Click Save.
8. Creating a Dummy Card Number Rule
Perform the following steps to create a dummy card number rule in TranBlocker:
- Log in to client-central.com
- Select the TranBlocker application
- Choose client logo and click Continue
- On Transaction Blocking tab click Search (current rules will be displayed)
- Highlight the Cardbase Rule
- Click on Copy Rule
- Go to the Details tab
- Under Rule Description select:
- Type: Card Number
- Expiration Date: Non-Expiring
- Card Number: after BIN, enter 10 9’s (i.e. 4321909999999999)
- Exception: No
- Click OK
- Under Country tab, click Add / Delete Countries button:
- Click Countries radio button and choose from Available Countries list (up to a maximum of 200)
IMPORTANT: Risk Office recommended countries list is attached. If a dummy rule currently exists, we recommend adding any countries on the list that may not be in your current dummy rule. For Risk Office clients, please consult your risk analyst before making any changes; your dummy rule is likely adjusted to your FI and may not need changes.
- Click Continue
- Determine what specific transaction type to allow/deny and select Continue
- No Action: allow transaction
- Deny: decline the transaction
- Click OK
- Click Save
9. Rule Component Actions
Because transactions are being scored in real time, the only TranBlocker action you need is ‘deny.’ Anything not set to ‘deny’ will be routed to EnFact for scoring in real time.
If you have any questions about the updated best practices outlined here, please contact Customer Service, or email CustomerService@synergentcorp.com.