As featured in The Wall Street Journal, Money Magazine, and more!

How Does Fraud Detection Work on Your Cards?

This article was written by in Consumer. 10 comments.

You probably know that your debit and credit cards have someone watching over them for indications of fraud and/or theft, and we’ve written here before about making sure you tell the bank in advance of a trip so that they don’t mistakenly block your card. I’ve personally seen this system work well, and also not so well. But until this week, I never heard some of the intricacies of how fraud detection works.

MetaFilter is a group weblog which has gained a reputation over more than ten years for being consistently interesting, thoughtful, concise and free of junk. They maintain this partially through a nominal registration fee, which keeps out the riff-raff amazingly well. A sub-site called Ask MetaFilter exists primarily for members to seek advice and knowledge from each other. Someone on “Ask MeFi” recently asked:

Banking Deal: Earn 1.75% APY on an FDIC-insured money market account at CIT Bank.

Just got a call from my bank, Chase, for credit card fraud. Got it all taken care of, card canceled, new one on the way…no worries. I’m just wondering, what tipped them off?

Among the several answers was a lengthy comment from someone who used to work in fraud detection (could this person be making it all up? I suppose, but why would they?). Here are some interesting passages, which piece together the whole process:

  • We used software […] that basically tied a bunch of different databases together
  • We started in a queue and looked at risk factors, such as:
    • Testing charges. These are usually online charges through known online vendors that a scammer can use to test a card number as valid. So [if we see] Amazon MP3 followed by Newegg … [you’re] probably going to get called
    • Gas is something you can buy almost anywhere without being on camera or talking face-to-face with a clerk. A crook will steal a card, test it at a pump, and then go on a spending spree. So gas followed by Best Buy…. [you’re] probably going to get called
    • Out of Country charges. This is an indication that a card has been compromised by a foreign entity (Russia and Turky were two concerns at the time) and fake plastic has been made and is being used until it’s found. Cards leave a data trail of where they’re used, so [if yours is] almost always used in X suddenly used miles away in Y… [you’re] probably going to get called
    • Let’s say that a person always uses their card for fast food, gas, and sometimes clothes shopping. All of a sudden we have $2,000 dollars coming through from electronics. Probably going to get called.
    • If something starts off as low risk, but keeps coming back again and again it’s going to get moved up in the queues until someone finally looks at it.

The former fraud detection worker summarizes it this way:

When you use that card, you’re being watched. Sometimes by a person, but most often by computers that analyze and store every purchase you make. Even if you don’t know it, you have a data trail, and that data trail has a signature to it. When something breaks that signature, and is surrounded by other suspicious details, it either get automatically handled by a computer, and will eventually be handled by a human. The testing charge was suspicious, but maybe by itself wouldn’t have mattered. Followed by tools (easy to fence, so a pretty common flag charge) it’s no question. Especially if it looked at your account and couldn’t find strong previous history with either. So your account gets sent to a high priority queue, and some underpaid dude on the eastern seaboard looks at it, tags it as fraud, and calls you to confirm, maybe helping him make an extra 200 bones at the end of the month.

Updated October 21, 2015 and originally published May 28, 2010.

Email Email Print Print
About the author

Smithee formerly lived primarily on credit cards and the good will of his friends. He is a newbie to personal finance but quickly learning from his past mistakes. You can follow him on Twitter, where his user name is @SmitheeConsumer. View all articles by .

{ 10 comments… read them below or add one }

avatar 1 Anonymous

I’ve actually had several calls from the bank about potential fraud and experienced a few of the items on the list first hand.

I had a ‘testing charge’ trigger a red flag on one card. I bought something for $1.00 at a gas station and then got a call from my credit card bank to ask about it. They explained that the thieves will buy $1 worth of gas as a test so that kind of purchase is a red flag for fraud.

I’ve also had out of state charges trigger a call from the bank. So when I’ve gone on a vacation and racked up some bills on the road the bank has called to make sure its actually me spending the money.

A large purchase also triggered a call once. Years ago I bought my big screen TV and the stand to put it on and spent a considerable amount of money all in one weekend. The bank called soon after to make sure it was me spending the money.

Reply to this comment

avatar 2 Anonymous

My debit card number was stolen in February so I go to experience their process of dealing with it. They called me on a Sunday and asked if I had purchased some things in New Your or Maryland. I indicated I had not and the rep quickly canceled my card and issued a new one.

The rep I spoke to was very helpful and answered all of my questions. Within a few weeks after working with my local bank I was made whole again.

Apparently the thief gassed up their vehicle(test charge) then proceeded to purchase jewelry and baby gear.

Reply to this comment

avatar 3 Anonymous

Another interesting method fraudsters use is make a small donation to a charity, followed by some electronics sales. Debit cards are the most dangerous to use especially online, and especially since they afford you the least protection.

There are a lot of good service providers that help you screen fraud, but even the best, and even after some manual review in some cases, unfortunately still many fraud orders are not caught, and in some cases good orders are rejected.

Reply to this comment

avatar 4 Anonymous

I usually make my charitable donations near year end. Easy to charge then, no checks to watch clear. After the third one, I get a bounce. Card frozen. Customer service turned it on immediately on my call.
Took a week’s vacation to NYC last month. I don’t know what we charged earlier in the day, but I went to buy a purse as a gift (My Goddaughter was turning 25, and feeling down as she had lost her job) so for that $300 charge the card was rejected. I wasn’t embarrassed at all. The store handed me the phone and again a customer service person at the card issuer turned it back on, and said to process it while he stayed on the line. Marked the account to show how long we planned to be there, and I was done. Funny, what triggers the card to get shut down.

Reply to this comment

avatar 5 Anonymous

I once was awakened by the credit card company calling to see if I had made any purchases out of the country. Apparently someone in Great Britain tried to buy $18,000 worth of fire extinguishers with my credit card. Weird.
This was an interesting piece because I’ve sometimes wondered myself how they know to flag certain transactions. I bet that the fraud protection specialists could tell some great stories.

Reply to this comment

avatar 6 Anonymous

I’m abit perplexed. I used my credit card 1 day, and i went to Exxon Gas for about 15 gallons, then to a shopping plaza where I bought stuff at Staples, Kohls, Best Buy (plunged for expensive tv), Target, and got pair of baseball cleats at DicksportingGoods. Later that eve, I stopped at my local grocery store chain to buy some food. No fraud calls, alerts, or declined charges. I do recall reading that another red flag used by credit card issuers for fraud detection, is if your credit card is used at a casino. I’m glad from previous poster that bank issuers of debit cards does the same scrutiny of fraud detection; because, I’ve always thought that’s where credit card issuers are better. Either way, imho, debit cards should not be used for purchases, because the money is immediately unavailable…whether it is or isnt fraud; and could take some time before you find out or before you find your account has NSF’s. We can only hope banks get better in detecting, investigating, and reporting to proper authorities to catch the bad guys.

Reply to this comment

avatar 7 Anonymous

I work for a credit card company and one portion of my team’s responsibilities is creating the strategies used to detect and prevent fraud. One thing about fraud, it’s always changing and the strategies to detect it have to change with the current trends. Therefore, you may get a call today for something that you had done 10 times in the last year that had never triggered a call, it’s all based upon what is the current trend amongst fraudsters.

SavingEverything – you sound as though you are perplexed that you made all of those charges that could be viewed as “suspicious’? Were you near your home? When we decide to decline charges we are very cognizant of the customer’s home area. For example, if a charge to Wal-Mart in California is coming through on a customer’s account who lives in California then no call/decline would be made. Now if that same charge was coming through at the California Wal-Mart on an account where the customer lives in Iowa, then that would be called ASAP and chances are it’d be declined.

By the way, California tends to be a hotbed for this type of fraud, so if you are traveling to California make sure to call your CC company. Also, gift cards tend to be what these fraudsters buy, so that makes retailers such as Wal-Mart, Home Depot, etc. targets for the fraudsters.

Reply to this comment

avatar 8 Anonymous

Until I got my Platinum card a couple of years back and deliberately ran everything I buy through it, my credit card provider would phone me up whenever I spent more than £100 on almost anything.

I guess it was a vindication of my frugal ways!

Reply to this comment

avatar 9 Anonymous

Boomer, thanks for clarification; all local, but much higher $$ than my normal monthly spendings. For travel, it must depend on the type(s) of transactions. For me, I never called when I flew to LAX. i used 1 credit issuer’s card for my hotel and cheap carrental. The other credit issuer card was used for airlines, restaurants, gas, themepark, and games. No declines or calls.

Reply to this comment

avatar 10 Anonymous

credit card was fine until i started an online account so that i could verify the amount spent one day. the machine showed a printout at the pump indicating that i had somehow been charged for the previous customer’s purchase, so i went into the store, got my “real” printed receipt, and then my question was whether the real receipt would be reflected in the actual bill, or whether the actual bill would be about $54 (my purchase plus the previous customer’s) rather than about $17. well, the problem was that the previous receipt had printed out immediately after my purchase, it wasnt left in the machine from the previous customer, and my credit card purchase had been initiated before the previous customer’s receipt printed out. so i was worried and went online and set up an account just to keep track of my balances and see what i owed on a daily or weekly basis. well after setting up the account, all hell broke loose, and my account somehow immediately ran up about $200 in charges and fees, the company stopped sending monthly paper bills in the mail, so i was lax and let a bill run up, assuming i had paid the monthly bill just as normal–when actually due to the policy change, my assumption was completely wrong–, but still i think i had paid more than i owed, or kept the balance down, one month i carried a balance of almost 2 dollars, the next month had a negative balance, in fact i thought my bills had been paid monthly, or that the company would notify me of any delay– When actually I should have been looking nervously online after every purchase, notifying the company of any delay in paper invoices, etc.,, but not being absolutely sure, i think i was penalized tho they did take off some of the penalty charges later in a telephone conference etc. so i think going back to cash makes sense. the convenience remember was what drew people into credit cards. well, they are not convenient at all especially with hackers around.

Reply to this comment

Leave a Comment

Note: Use your name or a unique handle, not the name of a website or business. No deep links or business URLs are allowed. Spam, including promotional linking to a company website, will be deleted. By submitting your comment you are agreeing to these terms and conditions.