Versions Compared

Version Old Version 1 New Version Current
Changes made by

Joseph De Jesus IV

Joseph De Jesus IV

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This is usually done by making small transactions through a payment page, or an online store/portal. Fraudsters can write programs that run card numbers through the website with multiple cards tested per second and the volume of cards being tested can range from a several a day to thousands of cards in a matter of minutes.

...

The below is how to recognise the signs of a

...

BIN attack:

  • Multiple low dollar value transactions (the amounts may be unusual for your type of business).

    • Please note - it is not always the case that it is a low dollar value. It has the potential to be of multiple high dollar value transactions or a mix of both.

  • Multiple rejections is the norm, but at times they may be successful and can be high valuevolume.

  • Unusually In some cases, an unusually high volumes of international cards.

  • Large number of transactions being processed or attempted in a short period of time. These transactions tend to be within a few seconds of each other.

  • Card numbers being used repeatedly with variations in the security features (e.g. expiration date, card security code, and postal codes).

  • The time of transaction may be unusual for your business, eg. Between 23:00 -05:00

How a

...

BIN Attack can impact your clients:

  • Reputation:

    • A Fraud fraud attack on your client’s business may have repercussions that is seen by the Media and Financial institutes that may inhibit your future trading.

  • Financial:

    • The cardholder’s bank may restrict purchases being made by you to your clients business.

  • Operational:

    • You will need to refund any fraudulent transactions that were accepted, this attracts .

    • This may attract high rejection fees and chargebacks that can cost be costly to your clients business.

  • Suspension or full closure of your clints clients merchant facilities:

    • Depending on the nature and risk profile of the attack, their merchant bank may suspend or close the facility.

  • All of the above can severely impact the reputation and salability of your software.

...

  • Enable 3D secure. This is an additional security layer for online credit and debit card transactions. This allows for liability shift and protects merchants and card holdersbenefit offers your clients business a liability shift for fraudulent transactions in turn protecting the business from chargebacks as a result of fraud.

  • Enable Googles reCAPTCHA or similar, to tell humans and bots apart. It’s easy for humans to solve, but not bots and other malicious software. Details on reCAPTCHA here.

  • Payrix is PCI compliant and has the expertise and tools in place to assist your business to be prepared. Check our fraud site here.

  • Enable card security code verification (CVV). The transaction won’t proceed until the three-digit security code on the back of the card has been entered into the merchant facility.

  • By using Payrix’s Hosted Pages. This has inbuilt 3DS and reCAPTCHA, that can be enabled on a per client basis.

...

Our Customer Integrations and Fraud Team are happy to work with you to improve security of systems. Feel free to contact us on:

...