Is Your Financial Institution Protected from a BIN Attack?
Rippleshot
Rippleshot's predictive analytics helps financial institutions proactively detect and stop credit and debit card fraud.
Written By: Gregory Lenihan, Fraud and Product Specialist at Rippleshot
BIN attacks are one of the most common credit card fraud threats negatively impacting financial institutions today. This is a type of fraud most commonly associated with Card-Not-Present (CNP) transactions.
In 2023, the Federal Trade Commission received 114,348 reports of credit card fraud. Among those reports includes a rising number of BIN attacks. There’s also a significant rise in card-not-present (CNP) fraud which currently?comprises an estimated 80%?of incidents across debit and credit cards. One of the main culprits of these fraud events is a BIN attack.
Total Cost of BIN Attacks
BIN stands for Bank Identification Number and it is a set of numbers, usually six, that identifies the institution that issued the card. When a card is swiped, the card machine scans the BIN, identifies the associated account, and then puts in a request to withdraw funds from the account in order to complete the transaction.
Financial institutions absorb the cost of fraudulent charges stemming from BIN attacks which include both financial and operational expenses:???
BIN attacks can also place a serious strain on a financial institution's resources. The fraud team is responsible for the aftermath, which includes searching through electronic transaction trails for crucial details such as timestamps, geolocation and IP addresses. This painstaking process is necessary and expensive.
There are Various Types of BIN Attacks
Card-Not-Present Fraud
There’s a significant rise in card-not-present (CNP) fraud which currently comprises over 80% of incidents across debit and credit cards. One of the main culprits of these fraud events is a BIN attack. The term ‘BIN attack' has become an umbrella term for various types of CNP fraud. If you’re seeing a heavy transaction volume from one client, it’s safe to say your BIN is under attack.?
Now What????
Enumeration Attack
Fraudsters test merchants by attempting a few low-dollar transactions per card. If approved they attempt additional transactions across many cards. The goal is to find open cards that can be sold to a card dump site using brute force. This type of attack will involve many card numbers that don't exist. As a result, the response codes will be heavily populated with 'invalid card' responses.?
Frequently an enumeration attack uses a merchant that’s been taken over (or breached). This means the fraudsters may not be able to complete the transactions and can only send the initial authorizations. The concern isn't fraud loss, but instead, the ability to identify new card numbers to use in later attacks or sell on the black market.
How to Protect Your Financial Institution
When a financial institution sees a spike in transactions, that’s a strong indicator that they are under attack. Since the attack has already commenced, they can best react by declining the appropriate transactions. However, this reactionary stance still leaves the financial institution? open to fraud losses and member disruption.
“The advantage of working with a fraud detection partner like Rippleshot is that we have the insights and data to proactively avoid fraud attacks.” said CEO Canh Tran . “By leveraging the fraud intelligence gathered from our data consortium from more than 5,000 banks and credit unions, we provide a summary of high risk merchants to our customers. Internal fraud teams leverage this information to write new rules that block fraudulent merchants before the first transaction hits.”
The following steps are designed to help you enhance your BIN attack protection strategy:
Although these preventative measures aren’t real-time, they can stop automated BIN attacks in their tracks, forcing fraudsters to move onto easier targets. Fraud from BIN attacks and compromised cards can take a week or longer to monetize, giving the financial institution time to act and stop the damage.
How to Handle
领英推荐
CVV/CVV2 Testing?
This type of fraud testing appears similar to an enumeration attack, except it’s the opposite approach. Instead of executing a “few transactions on many cards,” this attack involves “many transactions on a few cards.” With this approach, the fraudsters suspect they are testing a valid card number but then realize they are missing information necessary to complete the fraudulent transaction.
For example, a CVV2 code has more than 1,000 possible values. A fraudster would have a 50% chance of finding the correct value with 278 attempts. There’s zero discretion with this type of brute force attack and the fraudster assumes they will be quickly exposed. Therefore, if they receive successful approval, they will use the card immediately.?
What Should You Do?
Card Dump Testing?
There’s an entire industry that fraudsters have built to steal, test, and sell credit card information. Card dump testing is the only way to ensure that fraudsters are purchasing valid cards.
These tests can differ from site to site, but there are two types we see most often. The first type involves low-dollar authorizations with zero completions.The second type is to attempt lower dollar transactions and associate them with legitimate site names. Unfortunately, charity and political campaign sites often fall victim to this type of attack. They are ideal targets since these organizations have a high volume of small dollar transactions and no history.
How to Mitigate
Fraudster Testing?
While “Card Dump Testing” ensures the card is valid, “Fraudster Testing” is done in real-time by the individual or end user. This testing is done in the form of e-commerce transactions and the purpose is to confirm the card is both valid and still active. The fraudster will focus on small dollar transactions to avoid detection. If those transactions go through, they will move onto higher dollar transactions.
Steps to Prevent??
Large Scale Attack
Time to cash out. Once fraudsters have a list of potentially active cards and all the necessary information, they'll focus on the fastest return. P2P services and cryptocurrencies offer a quick way to collect cash (or cash equivalent). Resellers of gift cards and electronic games have become prime targets, as well. Ultimately, anything that can be sold through a reseller is a target.?
Learn More About BIN?Attacks
To learn more about the various types of BIN attacks and how to mitigate the damage for each one, click here .
How Rippleshot Can Help
BIN attacks are a serious threat to your financial institution and its members. Dealing with them internally is costly, time consuming and still lacks the coverage you require to effectively fight off these fraud events.
Rippleshot’s solution identifies the high-risk merchants that cause BIN attacks and stops them before they strike. Our product is powered by fraud prevention experts whose sole job is to provide financial institutions like yours the card fraud protection you deserve.
To download a free sample of this list, please fill out the form at this link . If you are ready to speak to our fraud prevention team and learn about our solutions in-depth, please click this link .
About Rippleshot and Rules Assist
Since 2013, Rippleshot has been leveraging the power of AI, machine learning, and automation to protect your customers from card fraud.?
Rules Assist is the perfect blend of these tools. Together, they help your institution avoid falling behind the competition by providing the automation, machine learning, and data you need to implement effective rule writing strategies.
To learn more about how we can reduce cost, increase efficiency, and keep your fraud strategies up to date, please click the button below.