Velocity Checks and Fraud Prevention

Payment fraud often involves large-scale, coordinated operations rather than the sporadic actions of lone fraudsters. These frauds exploit stolen debit and credit card information quickly to avoid detection, particularly on e-commerce platforms. Such fraudulent activities result in financial losses and harm the business’s reputation. For merchants processing online payments, implementing velocity checks is crucial. These checks monitor transaction frequency within a specific timeframe to thwart fraudsters’ quick exploitation tactics. This strategy effectively helps prevent various types of online payment fraud, protecting both profits and business integrity.

Understanding Credit Card Fraud Dynamics

Fraudulent activity on eCommerce websites often involves unauthorized purchase attempts by individuals engaged in credit card fraud. These fraudsters usually obtain credit card information from accomplices, including valid and invalid details. To verify the authenticity of the data, fraudsters typically test each card number on an eCommerce site.

If a transaction is declined, it likely indicates incorrect card information. Conversely, successful transactions confirm the validity of the card data, which fraudsters might then use for further illicit purchases. This risk persists until the legitimate card owner detects the unauthorized activity.

When multiple cards are tested and used for fraudulent transactions, the eCommerce site may face increased chargebacks, thus incurring potential financial liabilities.

To combat such threats, merchants can employ velocity checks, which effectively identify and prevent fraudulent transactions.

What Are Velocity Checks?

Velocity checks, also known as “velocity limits,” are essential tools for eCommerce merchants in the fight against fraud. This system helps detect potential fraud by monitoring how frequently a buyer submits multiple transactions.

Fraudsters often obtain card numbers that might be invalid and engage in a “testing” phase, repeatedly attempting transactions to verify the validity of the card information. A declined transaction signals invalid card details, while an accepted transaction confirms the card’s validity, providing a brief window to misuse the data before the cardholder notices the unauthorized activity.

Once a valid card number is confirmed, fraudsters typically try to maximize the credit available by processing numerous transactions, often leading to significant financial loss through stolen information and resultant chargebacks for the merchant.

Velocity checks are designed to examine transaction details closely, and flag repeated submissions of the same data within a set period. This helps identify suspicious activities, such as card testing or multiple unauthorized transactions, safeguarding merchants from financial repercussions like chargebacks, additional costs, and lost revenue.

The system analyzes customer data across various parameters, including:

• Email Address
• Device Information
• First and Last Name
• Billing Address
• IP Address
• Card Number
• Shipping Address

These data points are integrated into a complex algorithm that identifies behavior patterns by comparing them against historical data within a specific timeframe. For example, if a customer’s current buying pattern suddenly includes a burst of transactions that deviates from their usual behavior, the velocity-checking system flags these transactions as potentially fraudulent. This proactive approach allows merchants to manage risk and effectively protect their business from fraudsters.

Examples of Velocity Checks

The application of velocity checks varies based on business type. Essentially, any piece of data that raises suspicion when it recurs across different customers warrants monitoring. Identifying the correct indicators of potential fraud is crucial.

Velocity checks are an essential tool for businesses to monitor and detect fraudulent activities. Such checks typically involve three crucial elements: the quantity, the specific data element, and the timeframe.

For example, a velocity check may include questions like: How much total amount has a customer spent in the last 24 hours? How many transactions has a customer completed in the last 24 hours? How many orders have been made using the same credit card number but different shipping addresses within the last 24 hours? How many transactions have originated from a single device in the past 24 hours? How many billing zip codes have customers used with their loyalty cards in the past 30 days? How many transactions have come from the same IP address in the last 24 hours?

The three critical variables are evident in each instance. The checks start with a question about the number or total of a particular data element. This is followed by specifying the monitored data element, which could range from individual customer transactions, transaction amounts, device IDs, credit card numbers, shipping addresses, and IP addresses to billing zip codes and customer loyalty cards.

Lastly, the timeframe for these checks is outlined. Merchants must tailor the timeframe of their velocity checks to align with their specific business practices. Some businesses may consider frequent transactions from a single customer in a day as normal, while it could signal fraudulent activities for others. Hence, it is essential to customize the timeframe of velocity checks to match the specific practices of the business.

Types of Velocity Checks

Velocity limits can be set based on two key indicators:

• Credit Card Velocity Checks: These checks monitor the usage of a credit card over a defined period. The system is configured to detect and flag any unusually high transaction volume associated with a specific credit card, helping to identify potential fraudulent activity.
• IP-Based Velocity Checks: This approach involves tracking the number of access attempts made from a specific IP address within a given timeframe. The system can identify and alert multiple submissions from the same IP address, which may indicate fraudulent or automated attempts.

What are Velocity Rules?

Velocity rules are conditional expressions that analyze data fields by comparing them with values, percentages, or other fields across specified time periods. These rules are instrumental in detecting unusual user activities, such as atypical behavior patterns or shifts in usage habits. For instance, a velocity rule might analyze aggregated values or a series of values within a designated timeframe or across multiple repeating timeframes.

Constructed from specific data points and time intervals, velocity rules can be summarized by the formula: “If X occurs within Y timeframe, then do Z.” For example, a rule might adjust the price of a product in response to the speed of its sales. Payment service providers leverage these rules to monitor and assess user behavior during purchase attempts on a website. They implement these rules in real time before processing the transaction with a bank, aiming to reduce the risk of fraudulent activities.

How Do Velocity Checks Work?

Velocity checks are crucial tools in online fraud prevention. They monitor the frequency and timing of transactions on your site to detect potential fraud.

The key element in velocity checks is time. For instance, a few failed transactions spread over a day or a week may not be worrying, as these could be due to simple errors like incorrect card details or using an expired card. However, multiple attempts within a short period, such as five transactions within 20 minutes, are a red flag that triggers further scrutiny.

Here’s how Velocity Checks Operate:

• Data Point Identification: Using AI and machine learning, velocity checks analyze your historical transaction data, distinguishing between normal and suspicious behaviors. This helps the system learn which patterns are likely to be fraudulent.
• Creation of Velocity Rules: Based on this data, velocity rules are formulated. These rules are conditional statements that link specific actions to be taken if certain activities occur within a predefined time frame—for example, “if X number of transactions happen within Y minutes, then take action Z.”
• Rule Application: Your payment service provider, such as Checkout.com, integrates these velocity rules into their fraud detection systems. These systems continuously monitor transactions, applying the rules to each transaction in an attempt to evaluate potential fraud instantly.
• Responsive Actions: When a transaction meets the criteria set by a velocity rule, predefined actions are triggered. These might include requiring the user to re-verify their identity, assigning a higher risk score to the transaction, or even blocking the transaction entirely.
• Continuous Optimization: The effectiveness of velocity checks can be enhanced over time by adjusting rules based on evolving insights and your business’s unique needs, ensuring that your fraud prevention measures remain robust and responsive.

Velocity checks also use IP addresses to circumvent fraudsters who use multiple accounts or cards to avoid detection. This allows them to assess not just the user or the card information but also the device and location, offering a more comprehensive approach to detecting and preventing fraud.

How Does Velocity Checking Reduce Fraud and Chargebacks?

• Comprehensive Data Monitoring:

Velocity checking extends beyond simply tracking multiple orders from the same account. It scrutinizes various transaction data elements, such as IP addresses, device signatures, and billing and shipping addresses. This wide-ranging monitoring helps identify discrepancies and unusual patterns that could indicate fraudulent activity.

• Detection Across Multiple Data Points:

By analyzing multiple data points, velocity checks can more effectively spot fraud. For example, tracking IP addresses can reveal if multiple cards or accounts are being operated from a single computer, even if fraudsters use technologies like VPNs to disguise their activities. Device signatures and shipping addresses provide additional layers of security, catching fraudsters who might manipulate only one aspect of their transaction data.

• Enhanced Fraud Filters and Manual Review:

Velocity-checking tools help refine fraud filters and identify suspicious orders for manual review. Suppose a regular customer’s order suddenly comes from an unusual IP address or a new shipping location. In that case, the system can flag this for immediate verification, allowing for proactive fraud prevention without the need for multiple suspicious transactions.

• Reducing Chargebacks with Immediate Verification:

When suspicious activity is detected, contacting customers directly for verification can prevent chargebacks. If done promptly, this verification process reassures customers about the security measures in place, potentially enhancing their trust and satisfaction.

• Balancing False Positives:

While velocity checking is a potent tool against fraud, it carries the risk of false positives—legitimate orders mistakenly flagged as suspicious. To mitigate this, merchants need to closely monitor their anti-fraud systems, adjust settings as necessary and have quick processes for verifying flagged orders. This minimizes customer inconvenience and avoids lost sales due to delays in order processing.

• Customer Relations:

Effective communication is crucial when an order is flagged. Promptly contacting customers through their verified contact information for confirmation can prevent a chargeback and demonstrate the merchant’s commitment to protecting their customers. This often results in positive customer perception of the merchant’s fraud prevention diligence.

Why are Velocity Checks Important?

Velocity checks are highly adaptable measures that allow you to customize the fraud indicators most relevant to your business needs. These checks enable you to determine how to respond to each scenario effectively. Using these controls correctly can significantly improve your understanding of fraudster behaviors and establish a benchmark for countering friendly fraud.

Velocity checks are particularly useful in identifying various types of threats, including:

• Account takeover fraud: This occurs when a criminal accesses a legitimate cardholder’s account and uses it for unauthorized purchases, withdrawals, or to change account information. When an activity reaches a predefined threshold under a velocity rule, it triggers an identity verification requirement, reducing the potential for a successful account takeover.
• Synthetic identity fraud: In this type of fraud, a fraudster mixes real and fabricated details to create a new identity. This identity is then used to open fraudulent accounts or make purchases. Velocity checks help by marking suspicious accounts as high-risk, thereby mitigating the impact of synthetic identity fraud on your business.
• Card testing fraud: This fraud involves a fraudster using multiple attempts to validate stolen card information through small transactions. Velocity checks are effective here as they can detect and alert to excessive or repeated transactions from a single card or IP address, helping to prevent further misuse.
• Bots and bot farms: Bots are automated scripts or software programmed to perform repetitive tasks online, such as clicking or generating IP addresses. A bot farm aggregates multiple bots, often controlled via a central device, and can consist of numerous smartphones or tablets. These farms complicate distinguishing between legitimate users and automated systems, but identifying activity patterns can help mitigate their effects.

It is important to remember that relying solely on one type of anti-fraud measure is not advisable, as improper deployment of these tools could potentially lead to drawbacks.

Why is a Multi-Layered Approach Required?

Although well-calibrated velocity checks can help prevent fraudulent transactions, it’s impossible to catch every one of them. Employing a single fraud prevention method may discourage some malicious activities, but it cannot eradicate all fraud attempts. This is because fraud is an ever-evolving challenge, with criminals regularly devising new methods and strategies to exploit vulnerabilities in your system and harm your customers.

However, this doesn’t mean that velocity checks are ineffective or unnecessary. Rather, it underscores the importance of not relying solely on them as the only measure of fraud detection.

Relying on a single data point to determine a transaction’s legitimacy is unsafe and can be dangerous. Therefore, it is wise not to rely solely on one type of fraud prevention tool. Instead, it is recommended that velocity checks be integrated with other fraud prevention mechanisms to enhance their effectiveness.

Some tools that can be included in a comprehensive fraud management strategy are CVV Verification, Proxy Piercing, Address Verification Service (AVS), Affiliate Fraud Screening, and Biometrics. These tools should be part of a dynamic fraud scoring system that evaluates each transaction in real-time, providing a data-driven score to assess the risk level of each transaction.

This approach enables automatic rejection of high-risk transactions or manual review on a case-by-case basis, allowing for a more effective fraud management system.

Conclusion

Velocity checks are indispensable in the ongoing battle against payment fraud, particularly in e-commerce. By scrutinizing the frequency and patterns of transactions, these checks offer merchants a proactive defense mechanism against fraudsters’ ever-evolving tactics. By leveraging historical data and sophisticated algorithms, velocity checks can swiftly identify and flag suspicious activities, allowing merchants to take timely action to mitigate risks.

Implementing velocity checks is essential for safeguarding profits and preserving the integrity of online transactions. By monitoring various data points such as IP addresses, device information, and transaction history, merchants can effectively detect and prevent fraudulent activities, reducing the likelihood of financial losses and chargebacks. Moreover, the ability to customize velocity rules enables merchants to tailor fraud detection measures to their specific business needs, further enhancing their efficacy.

However, it’s crucial to recognize that velocity checks are just one comprehensive fraud prevention strategy component. Employing a multi-layered approach that integrates velocity checks with other fraud detection mechanisms such as CVV verification, biometrics, and affiliate fraud screening is paramount. By combining these tools and continuously optimizing fraud prevention measures, merchants can stay one step ahead of fraudsters and protect their businesses and customers from potential harm.

FAQ