Listen Up: Partners in fraud prevention

“I know firsthand how it feels to [experience a fraud attack] and not be able to get that traction that you need. It may seem like a small event to a very large bank, but for you and your customers, this is a big, big deal. We understand that, and we want to make sure all of our [ICBA Bancard] partners understand that.”
—Rebecca Kruse

“We would go to the forms every day to find out if there were new data breaches and if they were identified from a place of purchase. We would then go look at our card-based transactions and both our credit and debit cards to see if our cards had been used at those merchants. If they had, and we had a confirmed window of vulnerability, we would be proactive in closing out those cards and getting new cards … That helped keep our losses down.” —Betsy Steinberg

“We would go to the forms every day to find out if there were new data breaches and if they were identified from a place of purchase. We would then go look at our card-based transactions and both our credit and debit cards to see if our cards had been used at those merchants. If they had, and we had a confirmed window of vulnerability, we would be proactive in closing out those cards and getting new cards … That helped keep our losses down.”
—Betsy Steinberg

“We would go to the forms every day to find out if there were new data breaches and if they were identified from a place of purchase. We would then go look at our card-based transactions and both our credit and debit cards to see if our cards had been used at those merchants. If they had, and we had a confirmed window of vulnerability, we would be proactive in closing out those cards and getting new cards … That helped keep our losses down.” —Betsy Steinberg

“BIN [Bank Identification Number] attacks are increasing in the industry now. Essentially, a BIN attack is when a bad actor identifies a BIN and tests … a set of card numbers to identify which are valid. Unlike a data breach where the bad actor has card numbers that were at least at one point valid, a BIN attack does the opposite and tests lots of card numbers. As soon as one hits and is valid, it’s exploited and used until it can’t be used any longer.”—Rebecca Kruse

“Card skimming, back before EMV chips, meant physically putting on a device that as you inserted your card or your card was swiped, it read the mag stripe on the back, and it literally gave [fraudsters] the keys to the kingdom, where if they could replicate that card, they could go out and do card transactions. They could put whatever name they wanted to on the card to match whatever ID they had.” —Betsy Steinberg

“Card skimming, back before EMV chips, meant physically putting on a device that as you inserted your card or your card was swiped, it read the mag stripe on the back, and it literally gave [fraudsters] the keys to the kingdom, where if they could replicate that card, they could go out and do card transactions. They could put whatever name they wanted to on the card to match whatever ID they had.” —Betsy Steinberg

“I do like a proactive processor for a partner. I do like it when they issue alerts about BIN attacks. I know we’ve received them from all of our processors. Same thing with ICBA, people that are proactive and let us know this [solution] is coming out. They might tell us about some testers to watch for or some basic elements that gives us a leg up and narrows the scope of what I have to watch for.” —Betsy Steinberg