Labels
Links
About Me
Subscribe Via Email
Retail impact when Stock balancing risk is not offset to Vendor
Do Educational Discounts pay Dividends?
Importance of Effective Communications Illustrated
Looking for Anecdotes about mobile advertising Trucks
Perils of Business 2 Business Credit Card processing - Hypothetical
Exploring the Perils of Business to Business Credit Card Processing
During a routine audit of credit card transactions, relatively small dollar frauds from credit card transactions are sometimes found. This sometimes can be part of a larger pattern. Apparently, the small time (assuming they are small time) fraudsters that put credit card transactions through a system realize that the targeted company may have identified their business names, addresses, phone numbers, fax numbers or several other identifying characteristics. They realize that we are highly dependent on computer systems to screen the incoming data for these unique characteristics. Here is where they get a little smart. Basically, they routinely submit and resubmit these small dollar orders with many variations of names, addresses, phone numbers etc. Sometimes the change can be as small as including an extra space ' ' between an address or company title for example 1 short street 1 short street 1 short street 1 s hort street 1 short street etc. Obviously, given the vast array of techniques that money launderers and fraudsters utilize this is just one more way that they can through a random variable at our systems and prevent the detection of their fraud. Fraud auditing and Business Intelligence tools today are available that not only screen for common names and addresses and screen for different degrees of variation of each. It takes a lot of computing power to aggressively take into account all of the permutations available for a fraudster altering names, locations, and phone numbers all at once and carrying out this same fraud at multiple locations probably with dollar amounts ranging all over the place. Consider the implications of a higher power or organization that has controls of thousands of fraudsters with many names and businesses and addresses and even many mules that can deposit or carry out transactions all over the world. The situation moves out of the credit card realm and into the universe of Money laundering and anti-money laundering. If one looks at this as a military group would or an encryption specialist, it is probable that a certain degree of control needs to be exercised for the launderer/fraudster controlling group to keep a handle on what is really going on. Security/encryption keys could be used and probably are (hope I'm not giving ideas on how to wrong but how to stop it). For example, in the military a person would be given an identification nomenclature. Whenever the person sends out a message they go through certain channels or predetermined communication methods. The thing is they don't want the other side to know who is sending the message so they change their nomenclature on a regular basis (daily, weekly, monthly etc.) All of their communications should be encrypted and when a wily person or computer program comes along and happens to break this code they end up finding some possibly useful information, but they do not know who it is coming from or who it is going to (because the parties refer to each other given the nomenclature assigned for that time period. So let's say the program or person is really smart or lucky and happens to figure out that the nomenclature abc stands for John Smith. Well more than likely the next day the transmissions if decoded will not refer to abc at all. John Smith will have switched to the new nomenclature assigned for that day maybe xyz or 123 or something else. Now it is time for the program or person to basically find out every nomenclature in use by the entity they are trying to track on any given day (maybe they rotate in cycles of a year, month, week or something). So lets say they are really good and they find out what John Smiths nomenclature is for every day of a 30 day period and that it starts over at the beginning of the next 30 day period. Great now they will always know who is sending what to whom. Unless John Smith, gets wise to the notion that somebody has broken their code and nomenclature. He sends out word that the code is a bust and every body up and switches all the encryption and nomenclature to a completely fresh code. This is where business intelligence job security derives. A company witnessing minor frauds or multiple frauds, might only see the tip of an evasive iceberg. They could potentially be looking at a group that is running not only a rotating nomenclature of false names, businesses and addresses, but they are also keeping these false nomenclatures live and undetected by inserting random misspellings and spaces to throw off our fraud detection filters!Disclosure Policy
This policy is valid from 29 October 2006 until such time as the I see fit to remove, amend or replace this Policy.
This blog is a personal blog written and edited by myself, Brett Bumeter. The site does have three other registerd contributors, who are sometimes active. For questions about this blog, please contact brettbum at yahoo single dot com.
This blog accepts forms of cash advertising, sponsorship, paid insertions or other forms of compensation. This blog will not accept any form of advertising, sponsorship, paid insertion or other form of compensation that I find may cause undo physical harm on other people. I am not all seeing nor all knowing and so this will be a goal of this blog to avoid those items to the best of my ability. I will gladly accept comments or emails that might illuminate myself and my readers to potential for harm that I have not previously been made aware.
The compensation received may influence the advertising content, topics or posts made in this blog. That content, advertising space or post may not always be identified as paid or sponsored content.
The owner(s) of this blog is compensated to provide opinion on products, services, websites and various other topics. Even though the owner(s) of this blog receives compensation for our posts or advertisements, we always give our honest opinions, findings, beliefs, or experiences on those topics or products. The views and opinions expressed on this blog are purely the bloggers' own. Any product claim, statistic, quote or other representation about a product or service should be verified with the manufacturer, provider or party in question.
This blog does not contain any content which might present a conflict of interest. We are employed by or consult with: Softduit Partners. We are active in a political party which influences our blog: NoMoreIncumbents. We blog about people to whom we are related. The most interesting such people are: those people that are identified within this blog. We have a financial interest in the following that are relevant to our blogging: Continued Peace and Prosperity of the living entities on this planet.