<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=559746057746957&amp;ev=PageView&amp;noscript=1">

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics and browsing behavior. He quickly became a key participant in one of the most successful cases the company has, by using his extensive knowledge in anti-fraud practices to increase our client's revenue while drastically reducing their chargeback levels. In 2015, Bruno was invited to build the Fraud Analytics department for ClearSale in USA, using all of his previous experiences in Brazil (one of the riskiest markets in the world) to help US merchants.

Bruno Farinelli

By Bruno Farinelli

Nova call to action

Why Every Data Breach Is Your Security Problem, and How to Fix It


Why Every Data Breach Is Your Security Problem, and How to Fix It

When you’re a merchant, it is scary to realize there’s an entire criminal industry built around stealing and reselling your customers’ data, but that’s exactly why there are so many data breaches of retailers, dating websites, government agencies, and healthcare providers. Data Breach Today recently reported that breach-notification service LeakedSource told the media to “assume every website has been hacked.” Fraud techniques are evolving in tandem with the type and quantity of data stolen during breaches, too. That means every data breach has the potential to affect merchants around the world. To protect themselves, merchants must have multiple layers of protection against different types of fraud.

Every merchant needs a security plan to protect against internal data breaches caused by insider theft, accidental data exposure, device theft, hacking through a third party, and phishing emails to employees. All merchants should also understand how data stolen in breaches could hit their bottom line. Here are some of the security challenges, from simple to complex, which merchants face when targeted by thieves using data from an external breach.

Simple credit card fraud

Let’s say a fraudster has access to the names, addresses, and credit cards numbers of merchant’s customers. With this information, he can target e-commerce stores that don’t have fraud controls by simply shopping with the stolen credit card real information.

Credit card fraud with location manipulation

Now, let`s assume our fraudster decides to target better-protected merchants who check customer addresses with the Address Verification System, which MasterCard, Visa, and American Express use in the US and other countries. This system catches attempted fraud by thieves who have credit card numbers but not correct customer shipping and billing addresses. In this case, though, because he has the customer’s addresses along with the card numbers, the fraudster’s purchases won’t trigger an AVS mismatch. In many cases, his purchases will be approved with no further screening or security.

However, the fraudster now has to reroute the package from the original customer address to a new delivery address so he can collect his stolen goods. Thieves usually do this by contacting the merchant’s customer service department or contacting the shipping company directly. To stop fraudulent orders before the thief gets the goods, merchants need another layer of protection. AVS screening is not enough, to filter out purchases that passed AVS screening, merchants who ship physical goods should put orders through another analysis, checking, for instance, if that order fits to customer’s expected behavior or profile.  Reanalyze the order if the customer asks to change the delivery address after the transaction is approved is also recommendable.

Sophisticated fraud

What if the fraudster has all this stolen data and works for (or has a partner who works for) a shipping company? Now the stolen goods will pass AVS matches and avoid post-transaction delivery change screening, because he can intercept the package before it reaches its AVS-matched destination. Another option for fraudsters with access to detailed data is customer account takeover using stolen login credentials. Now the fraudster can change the delivery address on the customer account – another way to bypass AVS and delivery-change screenings.

These types of so-called sophisticated fraud and location manipulation fraud may seem farfetched to some merchants. However, they are very real problems, especially [to continue reading please access the full article at The CyberSecurity Place here]

Download Credit Card Fraud eBook

You may also like

Build the Career You Want with These Four Elements

Build the Career You Want with These Four Elements

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

AfterPay’s perk that could give them an edge in fintech

AfterPay’s perk that could give them an edge in fintech

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

Are your trusted holiday season customers who they say they are?

Are your trusted holiday season customers who they say they are?

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

Creative Ways to Get More Mileage from Your Data

Creative Ways to Get More Mileage from Your Data

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

How Effective Listening Helps Build Customer Relationships and Close Deals

How Effective Listening Helps Build Customer Relationships and Close Deals

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

How to Manage Your Company’s “Growing Pains” When It’s Growing Fast

How to Manage Your Company’s “Growing Pains” When It’s Growing Fast

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

ClearSale Welcomes David Fletcher as Senior Vice President of Sales

ClearSale Welcomes David Fletcher as Senior Vice President of Sales

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

EU regulations might help, not hinder, digital payment fraud

EU regulations might help, not hinder, digital payment fraud

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

Influencer insights: An interview with clearsale

Influencer insights: An interview with clearsale

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...

How open banking opens the door for fraud

How open banking opens the door for fraud

Learn how Data Breaches relate to you, with Bruno Farinelli - Fraud Analytics Manager at Clearsale - at The CyberSecurity Place. Bruno joined ClearSale in 2012, after previous experience with biometrics...