Menu

Higher Approval Rates are Great, Except When Fraudsters are Testing Cards

June 29, 2017

Obtaining authorization approvals is critical for any merchant’s topline. For fraudsters, topline approvals are also important as their card testing efforts seek positive network responses. However, unlike merchants, if fraudsters can’t get approvals on one site they simply move on to unprotected sites, and they are finding plenty as evidenced by card testing attacks increasing 40 percent year over year¹.

Fraudsters target merchants and nonprofit organizations, both large and small, with these attacks, seeking information such as working zip codes, Card Verification Values (CVVs), or simply still-active cards. For example, if a fraudster can determine that a merchant declines transactions when a zip code doesn’t match, they then deduce that when the merchant does approve a transaction, the zip code the fraudster is testing is correct.  

Card testing fraud is a volume “play.” Fraudsters target merchants during off-hours, submitting tens of thousands of ”testing” transactions across a wide swath of sites. This spread technique, coupled with leveraging of DarkNet or proxy IP addresses, enables fraudsters to mask the full extent of their activity from any one merchant environment.  

Here’s where the Essential Coverage tier of Vantiv Fraud Toolkit can help minimize the damage of card testing attacks. Through a “network effect” that monitors velocities of devices and IP addresses across many eCommerce websites and verticals, Vantiv enables merchants to turn away fraudulent transactions before the authorization is submitted to the networks, limiting fraudsters from obtaining the card testing data they value and forcing them to move onto the next weakest target. Vantiv merchants who’ve adopted reputation and velocity filters have realized an amazing 90-to-100 percent reduction in “successful,” and therefore damaging, card testing attempts over the last year².

For more information about Vantiv Fraud Toolkit and defending against these nefarious card testing attacks, please contact your Vantiv eCommerce merchant or partner relationship manager. 

¹ https://info.threatmetrix.com/rs/991-JSN-701/images/Q3_2016_Cybercrime%20Report.pdf

² Vantiv source data

Grow your business now