Fraud Strategy Fundamentals - Fraud Library

The Fraud Practice eCommerce Fraud Consulting Services

In this section I will discuss some basics of strategy design to get you started. Saying that, lets talk about the basics of strategy design. There are five major phases of a strategy: Pre-screen, Payment, Post-screen, Review and Accounting. Each phase has distinct goals and techniques that can be used to accomplish those goals.

Enter your search terms Submit search form

Web www.fraudpractice.com

Don't assume anything ...

  In this section I will discuss some basics of strategy design to get you started. Saying that, lets talk about the basics of strategy design. There are five major phases of a strategy: Pre-screen, Payment, Post-screen, Review and Accounting. Each phase has distinct goals and techniques that can be used to accomplish those goals. 

The purpose of breaking the business process into phases is to make you look at your business process in terms of goals. For each phase there is a definitive goal of what you want to achieve. By looking at the business process in this fashion, you can look at new fraud techniques and more quickly envision where they fit into your strategy. 

          The pre-screen phase is used to review an order’s information to determine acceptance criteria. This phase is typically automated, and it conducts rules and checks to attempt to completely rule out orders you will not do business with regardless of any other checks. In the pre-screen phase you are trying to weed out orders, with the intent of saving time and money. Why process authorizations or other fraud-prevention checks on an order if you know you won’t take the order regardless of the outcome? Examples of orders being cut out here are those that are international, when the company only does business in the USA, or the rejecting of an order because the order contains data on your internal hot list.

In the payment phase you are conducting the processes and checks required to accept an order. This includes getting an authorization, address verification information and card security check data.

The post-screen phase is where you perform your advanced reviews on orders that have passed the pre-screen and payment phases. This includes using business logic as well as advanced fraud-prevention techniques. Typically the first thing you want to check in this phase is the positive list to see if you can automatically pass all other tests.

The review phase includes all of the post-screening checks you do to attempt to catch fraud or to convert orders. This phase is a manual phase, and can be as simple as doing spot checks on orders to having review queues and manual sorting.

The accounting phase starts once an order has been fully accepted and lasts until 12 months after the sale. This includes processing credits, settlements, reauthorizations, charge-backs and tuning of the overall fraud-prevention strategy.

Typically the pre-screen, payment and post-screen phases are automated and occur in real-time. The review and accounting phases will make use of automation tools but are mainly manual processes.  

Designing a Strategy Based on Risk Exposure  

One approach to designing a strategy is looking at the level of risk your company is exposed to. The higher your risk, the more you will rely on fraud-prevention techniques and the more extensive the checks will have to be.

For some merchants the level of risk they are exposed to is so small that the standard address verification and card security schemes offered by the credit card associations will be more than enough. For example the education, utilities and government sectors can reach out and touch their consumers, de-frauding them is much more unlikely. Not that it doesn’t happen — it’s just not that high of a concern.

The following chart provides a break out of fraud-prevention techniques by the level of risk a merchant is exposed to. View the three levels of risk and determine which category you fall into. In looking at the characteristics, they are not meant to be all-inclusive — you may only meet one or two of the criteria listed. These characteristics are meant to form a guide to determine the level of risk you may be exposed to.

Property of The Fraud Practice, all rights reserved, no unauthorized duplication, reproduction or distribution without the express written permission of The Fraud Practice.