Along with the convenience of making purchases online comes eCommerce fraud. Unfortunately, the United States leads the world in this type of fraud, representing 33.6% of global losses in 2019 alone. Global losses are projected to increase to $38.5 billion by 2027.
“Preventing fraud at the credit union level, before the member is impacted directly, is always the goal,” explained Rebekah Higgins, Vice President of Payments. “At Synergent, we monitor fraud carefully. Helping credit unions understand the different types of fraud happening, set strategies, and put tools in place to mitigate fraud loss is always our goal.”
In the first three quarters of 2022 alone, the Federal Trade Commission reported receiving 162,985 fraud reports for credit card, debit card and payment app or service methods, totaling $432.3 million in losses. While this accounts for all types of fraud, a portion of this can be attributed to BIN attacks.
“Working with credit unions across the country allows us to see various trends happening in different geographic areas,” continued Higgins. “While we monitor trade statistics carefully, we also have a unique vantage point to see hot spots in one area that we then can inform all our credit union customers of to help prevent further fraudulent activity. It’s not just having the technology in place. Awareness is a huge piece of preventing fraud and really is the first step.”
What Is a BIN Attack?
BIN stands for Bank Identification Number and it typically is the first four to eight digits of a credit or debit card number. In a BIN attack—which is a type of card not present fraud—fraudsters start from a known BIN to test a partial credit card number to determine the rest of the card number. This is often done using a bot, then the fraudsters test the full number to make small, insignificant purchases through a website that are not easily detectable. Once complete card numbers are identified, they are used on larger purchases. Smaller businesses are most at-risk for these types of attacks as they may not have awareness or the right fraud prevention tools in place.
Proactive Steps to Prevent BIN Attacks
There are steps you can take at your credit union to help prevent BIN attacks and minimize fraud losses:
1. Leverage Your Technology
Ensuring your safeguards are implemented and current is a key step to preventing BIN attacks. Firewalls, time-out detection, and implementing a CAPTCHA are all preventive measures you can take. Setting transaction limits, whether for dollar amounts or the number of transactions conducted within a set timeframe, is also a practical step to take. Card velocity rules also can be put into place to monitor merchant sales volumes and halt transactions when time is needed to investigate potential fraud.
2. Note Irregular Transactions Promptly
If multiple daily transactions are declined, this can be a red flag for a BIN attack. Monitor for criteria such as an unusual number of card declines, small transactions, multiple purchases completed in a small timeframe, incorrect expiration date or CVV code entries, or unexpected charges from outside of the country.
3. Empower Your Members
Card controls can be managed by members directly from their phone or other connected device. They can easily track and visualize spending to see where and how their card is being used, can set their own card controls and alerts, and, if concerned, can immediately turn their card “off” while they contact your credit union. Providing tools like CardHub is one step, but launching a member education onboarding or reboarding campaign on how to use the tools available and what to watch for is another.
4. Vary Your Account Numbers and Expiration Dates
Ensuring account numbers are not following a regular pattern and setting varied expiration dates are great ways to throw off fraudsters and automated software that generates card numbers.
5. Complete a Fraud Consultation
Synergent has in-house experts available to our credit union partners. Consultations can review fraud prevention tools already in place at your credit union, opportunities that exist for further fraud prevention, and steps to take to implement a plan for staff to follow.
Contact us today with any questions and to schedule your fraud consultation.