With the advent of new technologies and channels, the Payments Industry has been witnessing rapid shifts in Risk and Liability in the recent years, with many new patterns of fraud showing up every day while older traditional fraud patterns remain relevant. Fraud Analysts today need tools to enable them to proactively identify and respond quickly to such incidents. Effective mitigation of associated risks should be mostly through Real-Time preventive mechanisms in unattended operations. Artificial intelligence plays an increasingly important role in today’s fraud prevention landscape.
While recent technologies offer advanced protection in some transaction channels (like CHIP and PIN), the continuous addition of new ways to perform payments and new account form-factors (like wristbands, stickers and mobile phones) add new Risks for all stakeholders in the transaction processing chain (Cardholder, Merchant, Acquirer, Processor, Issuer). Because of the fluctuation of floor limits and the variation in the Cardholder Verification Method requirements, it is imperative to monitor and identify fraud in all stages of the execution of a Transaction, from the moment of the original Authorisation Request, up until the Clearing cycle. Furthermore, the changes performed by Card Schemes on their Dispute Resolution processes, require flexible tools that facilitate the management of disputed transactions and allow for further analysis on those disputes to identify even more risk areas.
The SafeGuard suite of products offers a comprehensive set of Preventive, Monitoring, and Management tools for Institutions to protect themselves and allow them to grow and expand in an ever-changing fraud landscape of increasing transaction volumes. Using decades of real-life experience encoded as Business Rules and Policies as well as advanced Analytics, Machine Learning, and Statistical Analysis algorithms, SafeGuard offers Real-Time, Near Real-Time and Batch (end-of-day) protection suitable for any Card Scheme (Visa, MasterCard, AMEX, JCB, UPI etc), any Card Type (Credit, Debit, Prepaid, Co-branded, loyalty etc), any payment channel (POS, ATM, E-Commerce, MOTO, Mobile, Token etc) and any role (Issuer, Acquirer, Processor, Switch, Merchant etc). SafeGuard also provides advanced Case Management capabilities for Disputes resolution, allowing Institutions to automate their processes through the definition of declarative Workflows to achieve efficiency and consistency.
While monitoring Transactions and Cardholder/Merchant behaviour is important, there are situations, especially in Real-Time/Unattended modules where an incident needs to be escalated. This becomes even more important in cases where the system is not being monitored during out-of-office hours. SafeGuard can provide such notifications to designated recipients via SMS or Email.
Since SafeGuard maintains a lot of valuable data covering all aspects of the Payments operations of an Institution, it also offers advanced Reporting Capabilities covering aspects ranging from Merchant Profitability to Users Activity. Such reports can also be generated periodically according to a schedule and be delivered to configured recipients via email.
Combating Fraud cannot be a solely reactive process. Fraud Analysts need to be able to assess the Risk characteristics of each Transaction in Real-Time during the Authorisation phase and to proactively decline transactions based on the results of this Risk assessment. DIAP (Dynamic Intervention in the Authorisation Process) enables Fraud Analysts to define Policies and Rules that are being enforced on each Authorisation Request in Real-Time and decline risky transactions before any funds get committed or transferred. With a powerful, flexible and configurable engine in their hands, Fraud Analysts can also react quickly to escalating fraud attacks by enforcing policies in a very targeted and granular fashion allowing them to mitigate the risk and stop an attack without affecting genuine transactions and legitimate Cardholders.
While Fraud Analysts can define policies and restrictions, they cannot cater for all different Card usage and spending patterns of their legitimate Cardholders. MyLimits extends the power of DIAP to each individual Cardholder, allowing them to both define the appropriate ways their Cards can be used (domestic only transactions, usage in specific foreign country for a specific time period etc) and set their personal budget limits, thus enabling them to better manage their finances. MyLimits offers to Cardholders a direct channel to Bank’s systems enabling them to personalise and control the usage of the Card products they possess in a convenient, secure and immediate way.
Restricting the usage of Cards from Cardholders or Merchants to mitigate Fraud Risks always comes with trade-offs like adverse effects in Bank and Merchant Business Volumes and in Cardholder convenience. Based on its Risk Appetite, an institution may allow specific High Risk transactions and at the same time monitor such transaction activity to identify Fraud incidents. SafeGuard-Online combined with Veritas offer a powerful combination of a flexible and configurable Rules Engine with advanced Machine Learning models which allows Fraud Analysts to receive Near Real-Time Alerts on suspicious transactions for further investigation and follow-up. While Veritas assesses the Fraud probability of each Alert, the flexible Rule Engine allows Fraud Analysts to start protecting their Institution from the very first moment without the need of historical fraud data to train the system.
SafeGuard-Online offers additional tools for Alert and Case Management, for Blocking/Unblocking cards, for recording information provided directly by Cardholders (like planned trips abroad), for accessing Cardholder contact details, powerful reporting, enabling Fraud Analysts to better act, investigate and document their findings, all in an integrated easy-to-use system.
Dispute Resolution is a complex, resource intensive process that involves both the relation an Institution maintains with Card Schemes and the relation it maintains with its Clients (Cardholders, Merchants). With varying processes and time limits among Card Schemes as well as different organisational structures between Institutions, there is no one-size-fits-all way of doing things. SafeChargeBack provides advanced Case Management functionality built on top of a powerful and customisable Workflow Engine which allows Institutions to adapt the tool to their internal processes while keeping themselves on top of the Card Schemes’ requirements and time limits. SafeChargeBack can optionally automate the Dispute submission process from Cardholders across an Institution. It also provides deep integration with other systems as well as the Clearing systems of Card Schemes allowing users to directly generate and submit Clearing Records like Chargebacks, Reversals etc.
Being a powerful, customisable platform, SafeChargeBack is currently being updated to support Visa’s new VCR (Visa Claims Resolution) process and integrate with the new version of Visa’s VROL-RTSI (Real Time Systems Interface of Visa Resolve Online) which will become effective in October 2017 and April 2018 depending on region.
Because of the fluctuation of floor limits and the variation in the Cardholder Verification Method requirements, it is imperative to monitor and identify fraud in all stages of the execution of a transaction, from the moment of the original Authorisation Request, up until the Clearing cycle. SafeMerchant provides a powerful, flexible and customisable Rules Engine as well as an advanced Analytics Reporting Engine over the Institution’s Clearing Data.
SafeMerchant allows Fraud Analysts to receive Alerts overnight on offline/below-floor transactions as well as suspicious Cardholder and Merchant activity like increased Credits, Chargeback statistics etc. Additionally, it offers the capability for analysis and reporting on own Merchants Profitability and the overall Risk aspects of a Merchant’s activity.
In certain environments, monitoring transaction details only is not sufficient for truly effective Fraud Control. Apart from Financial Institutions, certain Merchant categories also need to maintain their own internal Fraud Management functions which must closely cooperate with Acquirers in order to detect and prevent fraud. SafeMerchantGate augments the transaction details with additional data about the product/service being purchased as well as about the Purchaser/Beneficiary relation. A typical example is the Airline Industry where the Purchaser (Cardholder or Fraudster) can be a different person than the actual Passengers for which a ticket is being issued. Over those data, SMGA operates vertical Real-Time and Near Real-Time Rule Engines and Machine Learning models, dedicated to vertical industries, to both proactively Decline transactions and raise Alerts.
SafeMerchantGate-Acquirer is the part of SMGA that is being deployed at Acquirers. Subject to the integration method utilised to connect a Merchant with its Acquirer, SafeMerchantGate-Business can be deployed at the Merchant thus allowing for collaboration between the two while combating fraud. SMGA allows for the identification of fraudulent customers (i.e. passengers with previous fraudulent behaviour), fraudulent accounts to e-commerce portals (like fake emails used for CNP transactions), for tracking and managing disputes as well as for investigating and reverting suspect/fraudulent transactions.
RSA (Risk Supervisor Alerts) is a supervising module used for identifying and escalating events sourced from all other SafeGuard modules. It can be used for raising second-level Alerts by combining the results of the Alerts generated by other modules as well as for escalating notifications to supervisors over SMS or Email when important incidents are identified regarding fraud, system health etc.
The scheduling mechanism of RSA can also be used to schedule the automatic generation and dispatch of periodic reports, from any other SafeGuard Module, to automate processes or to disseminate information to Departments and Individuals that are not normally direct users of SafeGuard, such as high level management.
SafeNet provides a flexible engine able to capture data from any HTTP/HTTPS based transaction system and perform Real-Time and Near Real-Time fraud checks. Typical examples are E-Banking portals and E-Commerce Payment Gateways. SafeNet integrates with other system by intercepting the HTTP traffic and by adding the results of its checks on HTTP requests before them reaching the systems under protection. Then, those systems can choose to use the result of the SafeNet checks to decide whether to decline a transaction, restrict access to a user, or terminate a session.
SafeNet can monitor both user facing and system-to-system HTTP connections, considering all the data available on the HTTP Request like remote IP Addresses, device/agent characteristics, session details as well as actual Transaction requests (purchases, balance transfers etc).