2017 has been another non-stop year of data breaches that have put Americans' personal information at risk. Arby's, Chipotle, InterContinental Hotels Group, Brooks Brothers, Kmart, Sonic and Whole Foods are just some of the retailers and service providers who've been under attack this year. And of course, we can't forget to mention the massive breach of data from Equifax, one of the largest credit agencies in the country, which according to Identity Force, could affect up to 143 consumers.
Once your credit card information has been stolen, it can cause a rash of problems almost instantly. Just how fast? Earlier this year, the Federal Trade Commission (FTC) conducted an experiment to see how quickly stolen data was used. The FTC created a database of fake information, including names, addresses, emails and payment information, and put it out on the dark web in a couple of different places where identity thieves lurk. Within nine minutes, the thieves tried to access the information, and during the time this data was out there, the thieves made over 1,200 attempts to access the information and use it to pay for things as simple as clothes, games and pizza.
Because identity thieves can act so quickly, it's important for card issuing banks to take extra measures to protect card information--not just so that it doesn't get stolen and create havoc for their customers, but also because they can be on the hook for fraudulent charges. With so many consumers having had their information breached, identity thieves can have a field day with their credit card information before anything can be done about it.
However, card networks and banks are fighting back. Mastercard is taking a step to help issuers with its new Early Detection System (EDS) that allows card issuing financial institutions to take quick action and hopefully prevent serious attacks. The system uses Mastercard's network insights and its capabilities in predicting card behavior, along with other internal and external data sources to determine if a card or account is at risk.
If EDS does determine that a transaction could be risky, it sends an alert to the institution that issued the card and tells it the level of risk that's possible. The issuer can then use this information to decide whether or not to take action, and that could range from monitoring transactions more closely, to deciding to take a proactive approach by issuing a cardholder a new replacement card.
Mastercard's EDS is currently available to its issuers and works across all types of transaction channels to detect fraud. This includes identifying if criminals are actually using card numbers for fraud. It also looks for a common identity theft tactic of making small charges with a card to test whether or not the card number works for them. If it does, then they try making larger, more expensive purchases that are more damaging to the cardholder.
EDS also looks at account information and data that could potentially be at risk, but may not have enough supporting evidence that allows it to fully declare that the account has been compromised. By sharing this with the issuer, the issuer can look into the situation earlier, potentially six to 18 months ahead of other fraud systems, claims Mastercard.
"Knowledge is power, and this service helps issuers act significantly faster and with greater precision to stop potential fraud before it occurs," said Ajay Bhalla, president of enterprise risk and security at Mastercard, in a statement. "Our issuers can now proactively target the fraudulent activity resulting from previously breached or hacked data, helping them reduce costs and maintain the best possible cardholder experience."