...

This is usually done by making small transactions through a payment page or an online store/portal. Fraudsters can write programs that run card numbers through the website, testing multiple cards per second. The volume of cards being tested can range from several a day to thousands of cards in a matter of minutes.

...

The below is how to recognise the signs of a

...

BIN attack:

  • Multiple low dollar value transactions (the amounts may be unusual for your type of business).

    • Please note: the transactions are not always of low dollar value. An attack may involve multiple high dollar value transactions, or a mix of both.

  • Multiple rejections are the norm, but at times the transactions may be successful and can be high volume.

  • In some cases, an unusually high volume of international cards.

  • Large number of transactions being processed or attempted in a short period of time. These transactions tend to be within a few seconds of each other.

  • Card numbers being used repeatedly with variations in the security features (e.g. expiration date, card security code, and postal codes).

  • The time of the transactions may be unusual for your business, e.g. between 23:00 and 05:00.
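
The burst, rejection and repeated-card signs above can be checked automatically against a transaction log. The following is an added example, not Payrix code: the field names, thresholds and sample data are assumptions made for illustration, and card numbers are assumed to be tokenised before they reach the log.

```python
from collections import defaultdict, deque

# Thresholds are illustrative assumptions; tune them to the merchant's normal traffic.
WINDOW_SECONDS = 60      # "short period of time"
MIN_ATTEMPTS = 10        # attempts in the window before the burst rule can fire
MIN_DECLINE_RATIO = 0.8  # rejections are the norm during card testing
MAX_VARIANTS = 2         # distinct expiry/CVV/postcode combinations tolerated per card

def detect_card_testing(transactions):
    """Return (burst_alerts, varied_cards) for time-ordered transaction dicts.

    Each dict has: ts (epoch seconds), card (tokenised card number, never the PAN),
    variant (hash of the expiry/CVV/postcode submitted), approved (bool).
    """
    window = deque()
    burst_alerts, variants, in_burst = [], defaultdict(set), False
    for tx in transactions:
        variants[tx["card"]].add(tx["variant"])
        window.append(tx)
        # Drop attempts that have fallen out of the sliding window.
        while tx["ts"] - window[0]["ts"] > WINDOW_SECONDS:
            window.popleft()
        declined = sum(1 for t in window if not t["approved"])
        hit = (len(window) >= MIN_ATTEMPTS
               and declined / len(window) >= MIN_DECLINE_RATIO)
        if hit and not in_burst:  # report once, when the burst is first recognised
            burst_alerts.append({"start": window[0]["ts"],
                                 "attempts": len(window), "declined": declined})
        in_burst = hit
    varied_cards = sorted(c for c, v in variants.items() if len(v) > MAX_VARIANTS)
    return burst_alerts, varied_cards

def sample_transactions():
    """Constructed sample: three normal sales, then twelve attempts two seconds apart."""
    txs = [{"ts": 1000 + 600 * i, "card": f"tok_normal_{i}", "variant": "v0",
            "approved": True} for i in range(3)]
    # One card is retried with four different security-code guesses; the rest are unique.
    for i in range(12):
        card = "tok_guess" if i < 4 else f"tok_test_{i}"
        txs.append({"ts": 5000 + 2 * i, "card": card, "variant": f"v{i}",
                    "approved": i == 11})
    return txs

if __name__ == "__main__":
    alerts, cards = detect_card_testing(sample_transactions())
    print("burst alerts:", alerts)
    print("cards with varied security details:", cards)
```
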

How a

...

BIN Attack can impact your clients:

  • Reputation:

    • A fraud attack on your client’s business may have repercussions that are seen by the media and financial institutions and that may inhibit your future trading.

  • Financial:

    • The cardholder’s bank may restrict purchases being made to your client’s business.

  • Operational:

    • You will need to refund any fraudulent transactions that were accepted.

    • This may attract high rejection fees and chargebacks that can be costly to your clients / business.

  • Suspension or full closure of your client’s merchant facilities:

    • Depending on the nature and risk profile of the attack, their merchant bank may suspend or close the facility.

  • All of the above can severely impact the reputation and salability of your software.

...

  • Enable 3D Secure. This is an additional security layer for online credit and debit card transactions. It offers your client’s business a liability shift for fraudulent transactions, in turn protecting the business from chargebacks as a result of fraud.

  • Enable reCAPTCHA or similar, to tell humans and bots apart. It’s easy for humans to solve, but not bots and other malicious software. Details on reCAPTCHA here.

  • Payrix is PCI compliant and has the expertise and tools in place to assist your business to be prepared. Check our fraud site here.

  • Enable card security code verification (CVV). The transaction won’t proceed until the three-digit security code on the back of the card has been entered into the merchant facility.

  • Use Payrix’s Hosted Pages. These have inbuilt 3DS and reCAPTCHA, which can be enabled on a per-client basis.

...

Our Customer Integrations and Fraud Team are happy to work with you to improve the security of your systems. Feel free to contact us on:

...