Credit card fraud costs consumers about $4.8 billion a year and merchants $190 billion a year. The Fair Credit Billing Act (FCBA) limits consumer liability for unauthorized card transactions to $50. Credit card companies have to cover the remainder, so these agencies are highly invested in tracking down and restricting fraud. To that end, they have put into play highly schematic and complex procedures for detecting and processing fraud. The following are the three main ways in which it is done.
Companies Watch Your Patterns
Credit card companies keep track of your spending patterns through systems that determine the validity of your purchases. Any time your pattern breaks with highly priced or unusual acquisitions or with transactions done outside your home place, the company notes it and alerts you. The company also notes changed frequency, such as if you logged more transactions than before and if your e-commerce transactions used a changed IP address. Thieves tend to test credit cards by making smaller transactions followed by increasingly larger ones. Credit card companies alert you if they notice such a pattern.
Companies Use Your Assistance
You may have reported one or more instances of credit card theft. Credit card companies follow up by noting similar charges on one or more of your cards and asking you to verify them. The thief may have engaged in fraud under different names, or other hackers may be perpetrating the same, or similar, swindles.
Companies Employ Technical Algorithms
Credit card companies use a highly sophisticated system of technical algorithms to trap fraud. These include clustering, where banks link common purchases together and trap outlier acquisitions; averaging, where banks calculate the means of your purchases to determine your typical buying behavior; and classification, where banks label transactions according to categories that include geography, time, fraud probability and so forth.
Standard data analysis has grown into big-data analytics, where engineers use technologies such as cloud computing and machine learning to detect abnormalities. Credit card companies go through mounds of data to weed out false positives and detect patterns. The computing system uses petabytes to process all this data. At any given time, PayPal processes 1.1 petabytes of data for every 169 million customer accounts. This amount of processing can damage the company's computing structure, so the computer turns to cloud computing for assistance. Cloud computing stretches to take on an infinity of data. In this way, credit card companies manage to detect more suspicious signals.
Credit card companies also use machine learning, which involves computer models trained by being fed typical transactions to spit out predictions. Machine learning analyzes the transaction and produces a probability digit to rate its trustworthiness. This process helps merchants detect just-in-time fraud, so if your credit card was declined by a cashier, it is likely the model produced a high fraud probability score that alerted the point-of-sale system to reject the transaction.
The PCI Security Standards Council dedicates itself to improving security standards for your account data protection. Merchants that process credit cards are required to take its security audits once a year, and chip-and-pin technologies are just one of the many new IT systems that have come out to detect fraud. However, credit card fraud continues to grow, with 1,540 breaches occurring worldwide in 2014, according to Gemalto's 2014 Breach Level Index.
Credit card companies try various ploys to trap fraud. These include traditional and emerging big-data analyses to detect abnormal patterns. Data shows that their efforts are producing lower annual average fraud rates, at least in America. For instance, fraudsters using credit cards stole $18 billion from 13.1 million U.S. consumers in 2013. This number decreased in 2014 to $16 billion from 12.7 million U.S. victims.