CO-OP Shifts to Real-Time Fraud Monitoring

Financial transactions are increasingly happening in real time and so are the fraud attacks that naturally follow.

To help fight that, CO-OP Financial Services is working this year to continue to move several hundred client credit unions to the real-time version of the widely used Falcon Fraud Manager neural network service from FICO.

Neural networks have long been used by CO-OP and other processors to spot transactions that don't fit a consumer's normal spending pattern – for example, a $9,000 charge at a Las Vegas casino to a card held by a South Carolina resident who has never charged anything in that city before.

The normal procedure is to call the member, stop the charge and re-issue a new card. At point of sale situations, however, the stopping happens later and the institution takes the loss. With breaches now affecting up to hundreds of thousands of consumers at a time, stopping and re-issuing isn't always an option, experts say.

The real-time version uses constantly revised rules that automatically stop the transaction at the point of sale, with Falcon or the institution's fraud team following up, CO-OP said.

That's one of the reasons why the $9.7 billion BECU has opted for the real-time version of Falcon for monitoring MasterCard debit account transactions, said John Snodgrass, security risk manager at the Seattle-based credit union.

"We don't have to block and re-issue now every time because we have a real-time scoring system. It's completely changed how we handle alerts," Snodgrass said.

Now, for instance, instead of relying on canned alerts from the card company, the credit union has found that it "can hopefully identify the threats ourselves even before we hear from MasterCard or Visa," Snodgrass said.

Between all the cards BECU offers, there currently are about 16,000 included in one alert or another, Snodgrass said, adding that "our appetite for risk has adjusted a bit."

He said experience there has shown that a breach might only in reality affect two or three of its cardholders and not worth the cost and member inconvenience of re-issuing hundreds or thousands of cards.

The real-time version of Falcon, implemented during the massive Heartland breach in 2009, "has without a doubt in my mind reduced our dollar losses," Snodgrass said.

While 2011 figures are not in, that was about $440,000 in 2009 and $500,000 in 2010.

"These are not fluff numbers," Snodgrass said. "Those are declined fraudulent transactions."

Connie Trudgeon, vice president of operations at CO-OP in Ontario, Calif., said about 70% of its fraud-monitoring clients have changed over to the real-time version of Falcon and that the CUSO is preventing about $1 million in losses and handling more than 8,000 fraud cases a month.

As for possible ramifications of declining transactions for members presenting their cards at the point of sale, "none of our credit unions have come back to us and said this is too big of an inconvenience," she said.

Moving forward, Snodgrass and his BECU team will be looking at ways to use the mobile channel to get in touch with members when a problem occurs.

"Right now the Falcon rep calls a number provided and often the person is not at home. We're going to look at how better to use mobile technology and alerts to look for unauthorized activity and let people know when we see it," he said.

Trudgeon said the effort to move the credit unions it serves to real-time Falcon "went whole hog in 2011" and will continue this year.

"We don't state that this is going to prevent all fraud from happening, but it sure takes a bite out of it," she said.