INETCO Insight for Payment Fraud Detection and Prevention

INETCO Insight® —Detecting transaction-level payment fraud attacks in real-time

By the time payment fraud is detected, it’s often too late

Detecting and preventing payment fraud attacks — before customer, reputation and financial damage is done — is a complex and costly problem to solve. Sophisticated fraudsters are exploiting fraud defense gaps quickly and quietly, commonly focusing their efforts on growing volumes of digital payments. Multi-vector attacks are often launched unnoticed, using a combination of social engineering, malware and advanced persistent threats.

Fraud investigation is also getting more difficult, as it is taking more time and effort to collect data across disparate data stores, multiple payment rails and channels. These factors are making it challenging for CISOs, cybersecurity and payment fraud teams, already facing tight budgets and spending hours sifting through thousands of false positives, to accurately detect suspicious behavior and block payment fraud before it impacts customer experience, reputation and the financial bottom line.

This is why financial institutions, retailers and payment service providers are now turning to INETCO Insight®.

Out of band, network-based transaction data acquisition — Centrally collect real-time transaction data across all payment channels, without deploying heavy instrumentation, touching the switch or creating new points of potential failure. Avoid valuable contextual information (e.g. terminal ID, EMV data elements, IP addresses) from being stripped at the terminal handler or switch level.

Real-time transaction profiling analysis — Extract and assemble application payload messages, metadata, response/request timing and network communications information — across correlated transaction links — to detect message tampering and speed up investigations.

Payment protocol libraries for message decoding — Decode all transaction protocols and message types found in banking and payment ecosystems, including: TCP/IP, UDP, ISO 8583, ISO20022, VISA 2, FIX, NCR/ NDC+, Diebold, Triton, XML, SOAP, HTTP, SQL, IBM WebSphere MQ, and AMQP.

Configurable web-based dashboard displays — Access dashboards, alerts, transaction profiles, logs, trends and statistics via the INETCO Insight HTML 5 web user interface.

Transaction logs with search, query and filter capabilities — Perform on-demand research queries on up to 13 months’ worth of transaction data.

Configurable real-time transaction risk scoring — Combine in-depth transaction intelligence with rules-based alerting and adaptive machine learning capabilities. Examine transactions in real-time, rebuild individual customer models on the fly and extract behavioral patterns from past card transactions that signal potential fraud.

Configurable rules-based alerts engine — Set up real-time alerts around suspicious transaction-level activity. Add an independent layer of defense against fraud and switch system alerts that are overridden by malware.

Device state monitoring — Showcase the location and status of each terminal or device, flagging potential security issues such as card reader tamper or safe opening without supervision.

Case management workflows — Track, evaluate and prioritize flagged payment transactions. Streamline fraud investigations — with alert specifics, risk scores and transaction details linked directly to each task.

Supervised and unsupervised machine learning models — Configure supervised machine learning models to look for existing fraud patterns in real-time, and rebuild individual customer models every time a customer event occurs. Use unsupervised machine learning to identify and flag new event anomalies.

IP address/application layer/firewall blocking — Set up automated action scripts to block offending card transactions. Immediately research flagged individual profiles and take action to reduce false negatives and positives.

Switch application monitoring — Combine internal OS statistics, application processes statistics and log file data with the state of your transactions.

Data forwarding options and APIs — Forward transaction data to any team or application of choice. Also utilize this rich transaction intelligence to feed adaptive machine learning algorithms and predictive analytics.

“When we approached our IT operations team and learned about the robust transaction data gathering capabilities of INETCO Insight, our fraud prevention team was very excited, especially about the fact this data came with a complete set of message fields. Our team now has the flexibility and visibility it needs to significantly speed up our ability to identify and respond to fraud attacks.” ANDER MURILLO ZOHN — DEPUTY DIRECTOR OF BIG DATA TECHNOLOGIES AT E-GLOBAL

With INETCO Insight, CISOs, cybersecurity and payment fraud teams can:

• Protect reputation and financial bottom line — Use deeper, faster payment intelligence and pattern recognition to detect, research and block payment fraud attacks in milliseconds - including suspicious transaction activity, man-in-themiddle malware attacks, internal fraud, EMV fallbacks and cash-outs.
• Reduce customer friction and false positives — Configure real-time risk scoring models, rules-based alerts and machine learning algorithms to increase precision and reduce the number of customers accidentally blocked from accounts.
• Mitigate the risk of card-present and card-not-present payment fraud in an efficient, cost effective way — Optimize the independent, real-time collection and decoding of transaction data across every link in the payment journey. Detect missing links, message field tampering and suspicious transaction patterns that would fly under the radar of individual security components. Have the option to stream in-depth transaction data to other fraud applications of choice.