Fighting Retail Fraud at the Local Level

It's long been recognized that convenience stores and gas stations are seen as a quick and easy targets by fraudsters. But these small-item retailers have increasingly become the target of more serious, organized criminals and are looking at far greater losses as a result.

Part of the challenge is that fraudsters go for the easy option, whether they're involved in a simple scam or a sophisticated attack. As larger retailers adopt state-of-the-art fraud prevention and identification solutions as part of their payments infrastructure, smaller local chains and independent outlets are being left exposed as the soft underbelly of a very lucrative target.

Smaller retailers must begin looking at anti-fraud solutions. As with any technology, however, there will always be a tension between speed and convenience on one side and security and control on the other. Smaller retailers feel that tension more than most, and therefore should look for fraud identification and prevention measures that will not alienate law-abiding customers.

The key is flexibility. The larger players can back up their systems with teams of analysts creating hard-coded strategies. Smaller retailers don’t have that opportunity. They need a system that can adapt to their specific requirements and be used by general management without requiring highly specialized — and very expensive — teams of fraud analysts and coders.

Smaller retailers should look for anti-fraud systems that are built around a flexible rules engine that can create tailored, individualized anti-fraud strategies and generate immediately actionable alerts.

For example, one of the more common fraud types faced by smaller retailers is perpetrated by criminals who use a fake credit or debit card to buy a prepaid card and load up with cigarettes or other easily fenced items. An effective countermeasure is to create a simple rule that prepaid cards cannot be bought in bulk.

Using a flexible rules engine, retailers could also create strategies that flag multiple uses of one card between certain times of the day — a definite fraud “marker.” Or they could be set up to spot when multiple transactions are denied in a short span of time — usually a sign that someone is testing fake cards — and then prompt a search for any approved cards in that individual’s name. The important thing is to have a system that supports the rapid creation and deployment of rules by nonspecialists. Retailers can then defuse any fraud types that they're subject to.

In addition to flexibility, smaller retailers should look for real-time decisioning tools. One popular criminal technique involves using a fake card many times in rapid succession to maximize its value before it's spotted and blocked. The ability to make authorization decisions during a transaction rather than 24 hours later is essential to beat this kind of fraud.

Technology solutions work best in partnership with existing tools and techniques. A real-time system can create an alert during a transaction, but a CCTV camera will picture the fraudster and help identify them to law enforcement. Behavioral analytics also indicate patterns of both legitimate and illegitimate activity and support the creation of effective rules. Successful fraud prevention is also a collaborative rather than competitive process: banks work together and share information, and so should retailers.

In reality, fraud prevention is like a never-ending game of cat and mouse. Patterns change, techniques alter and new attempts are constantly made. But if they have flexible, real-time technology, even smaller retailers can protect themselves — and prove to fraudsters that they're no easy target.

Shesh Gorur is vice president, product line manager at ACI Worldwide, a provider of payment systems. Shesh can be reached at shesh.gorur@aciworldwide.com.