Credit Card Risk Management Tool Coming Soon

Banks may soon be able to manage the risk from merchant clients’ credit-card transactions more efficiently with a new software tool being piloted now.

The risk management tool will allow merchants’ banks, also known as acquiring banks, to manage the risk from fraudulent credit card charges over the Internet with a 100-item checklist that analyzes the risk of the transaction at the time it transpires. By pinpointing transactions that look suspicious, banks’ risk management departments can either accept the charge, or prompt the merchant to ask for more information on the customer, or even refuse the transaction.

Although the merchant typically takes the risk for fraudulent transactions when the credit card is not present, such as over the Internet or with mail orders, the bank is also at risk if the merchant can’t pay, goes out of business, or is itself committing the fraud. Although rare, such a scenario can mean much more collateral damage than the more common dishonest credit card customer.

Part of the due diligence a merchant’s bank goes through when opening an account with a merchant is to inspect the store’s physical location. But, a merchant on the Internet may not have a storefront, making those inspections problematic. Such a merchant’s start-up costs are lower, but it might have a higher probability of going out of business, said Ken Musante, manager of Humboldt Bank’s merchant bankcard department.

"We should have lower merchant losses because they should be captured and stopped before the money is paid out to the merchant," Musante said the of new risk management tool, which it is not yet using. The bank piloting the new software could be not be determined by press time.

Authorize.net, a firm that helps banks collect and manage payments over the Internet, will be introducing the net-risk management tool as part of the upgrade to its current server-based software at the spring Internet World trade show in Los Angeles April 14. Humboldt works with Authorize.net and resells the company’s software to merchants. The Eureka, Calif.-based bank is the 27th largest acquiring bank in the U.S., processing roughly $225 million in credit card transactions a month.

The checkpoints in the new software are set by the bank. Several key indicators of fraud have been suggested by banks Authorize.net works with and have been included in the pilot program. Some of the 100 things that can set off red flags include the country the card transaction is coming from–a large amount of credit card fraud comes from Nigeria, for example–or what time of day the transaction happens.

Musante said some of the key checklist points to detect merchant risk are average ticket charges out of line with normal limits, a monthly volume of sales out of character, and credits or returned items that are out of line for the merchant. By estimating the general perimeters of a business, the bank can get a good idea of when suspicious transactions are taking place. For instance, if a retailer usually sells $20-$30 pieces of costume jewelry and charges in the thousands of dollars start showing up, the risk management tool will alert the bank.

Although Musante said it is too early to tell how much money the bank stands to save with the new bank-based fraud detection tool, he said it should be a big help.

Jeff Knowles, chief technical officer at Authorize.net, said the ultimate goal is to enable banks to take on more Internet-based merchants as customers and be able to offer them lower interchange rates by having lower losses due to fraud. Industry watchers do not expect card associations like VISA and MasterCard to lower the rate charged for card-not-present transactions–currently 1.8% compared to 1.2% for card present transactions. But a drop in fraud, as Authorize.net officials noted, can’t hurt banks.

CRA Still Tripping Up H.R. 10 Bank’s Participation Sought for Office-Product Auction Service

No comments yet

Leave a Reply





XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>