Payment Risk and Fraud : Part 1 — The Overview

Picture this: you’re buying something online, and in the blink of an eye, your payment zips through the internet to make the purchase happen. It’s fast, it’s convenient, but lurking in the shadows are risks and frauds waiting to spoil the party.

In this blog series, we’re diving into the world of payment risks and frauds. We want to unravel the mystery behind what makes our transactions a bit like walking a tightrope. We’ll talk about the games being played between the good guys (that’s us and the companies we trust) and the bad guys (the sneaky fraudsters). It’s a constant battle, and we’ll explore the tools and tricks used on both sides.

In the first part of this blog series we will touchbase on Payment Systems, Payment cards and ACH, we will also have an overview of payment risks. In the next part we will delve deeper into different payment risks and in the final part we will cover a case study and will use decision trees in python to solve a business problem.

Payment Overview

Payment System

Payment systems are the behind-the-scenes heroes that make our financial transactions smooth and efficient. They’re like the invisible hands that move money from one place to another, whether you’re swiping a card, clicking ‘buy’ online, or using a digital wallet.

1. Open Loop Payment System: In the open loop, think of your credit or debit card. It’s not tied to a specific store or service. It’s versatile, allowing you to make purchases at various businesses and locations. These systems often involve multiple parties, like banks, card networks (Visa, MasterCard), and the merchant. They offer flexibility and convenience, making them a go-to choice for everyday transactions.
2. Closed Loop Payment System: Picture a gift card from your favorite coffee shop. That’s a closed-loop system. These systems are restricted to a specific merchant or service. You can only use that gift card at the issuing store or within a predefined network. Closed loop systems are excellent for loyalty programs and specific-purpose cards, offering a more controlled and focused approach to transactions.

Push and Pull Payments

1. Push Payments: Push payments are like sending money directly from one account to another. Think of it as you taking the initiative to ‘push’ your funds to someone else. This method is often associated with real-time transactions and is common in peer-to-peer payments or immediate bank transfers. It’s like handing someone cash; you decide when and where your money goes.
2. Pull Payments: In contrast, pull payments involve the recipient ‘pulling’ the funds from your account with your permission. This is more typical in scenarios like setting up automatic bill payments or authorizing a subscription service to deduct fees. It’s akin to giving someone access to withdraw a predetermined amount from your account regularly, offering a convenient hands-free approach to managing ongoing financial commitments.

Payment Cards

Payment card systems have become the backbone of modern financial transactions, seamlessly facilitating purchases across the globe. These cards, typically credit or debit cards, embody a convenient and efficient way to access funds. Embedded with a magnetic stripe or an EMV chip, they store essential information allowing users to make secure transactions.

Key Players:

1. Buyer: The buyer is the party looking to make a purchase, and their role involves selecting products or services, negotiating terms, and ultimately completing the transaction by providing payment to the seller.
2. Issuer: In a card system, the “issuer” is like the card’s parent — usually a bank. They give you the credit or debit card and take care of your account. For credit cards, they let you borrow money to buy things, and you pay them back later. For debit cards, they connect to your bank account, and when you buy something, the money comes straight from there.
3. Card Network: Major card networks, such as Visa, MasterCard, American Express, and Discover, act as intermediaries connecting banks, merchants, and consumers. They facilitate the authorization and settlement of transactions, ensuring smooth communication between the various parties involved.
4. Acquirer: The acquirer, also known as the acquiring bank or merchant bank, is the financial institution that establishes and maintains the merchant’s account, allowing them to accept card payments. When a customer makes a purchase using a card, the acquirer facilitates the transaction by working with the cardholder’s bank (the issuer) to ensure the funds are transferred securely. The acquirer plays a key role in enabling businesses to accept various forms of card payments, whether it be through physical card terminals, online transactions, or other payment methods.
5. Merchant: In the card system, a “merchant” is simply a business that sells things. When you buy something using a credit or debit card, the place where you’re shopping is the merchant.

How Card works?

1. Card Issuance: A bank issues a card to an individual. This card is linked to the cardholder’s account, either as a line of credit (for credit cards) or directly to their bank account (for debit cards).
2. Cardholder Makes a Purchase (Push Transaction): When the cardholder makes a purchase, they initiate a “push” transaction by providing their card details. This could involve swiping the physical card, inserting it into a chip reader, or entering information for online transactions.
3. Merchant Contacts Acquirer (Single Messaging): The merchant, via their bank (acquirer), sends a single message to the cardholder’s bank (issuer) to request authorization for the transaction. This single messaging process streamlines the authorization request.
4. Authorization Process: The cardholder’s bank checks if the account has sufficient funds (for debit) or if the credit limit is enough (for credit). If approved, the transaction is authorized, and the merchant is notified.
5. Transaction Settlement (Pull Transaction): The authorized transaction becomes a “pull” transaction as the funds are transferred from the cardholder’s account to the merchant’s account. This process may take a few days to complete.
6. Cardholder Repayment (for Credit Cards): In the case of credit cards, the cardholder needs to repay the borrowed amount, either in full or in part, by the due date — a pull transaction initiated by the issuer.
7. Security Measures: Throughout this process, security measures like encryption, PINs, and CVVs are in place to protect the cardholder’s information and prevent fraud.

Card Transaction Type

1. Card-Present (CP) Transactions:

CP transactions occur when the physical card is used at the point of sale, such as in a retail store or at an ATM. The cardholder is physically present during the transaction. These transactions are typically considered more secure because the card can be verified using methods like chip and PIN or swiping the magnetic stripe.

Liability Allocation:

• If a fraudulent transaction occurs in a CP scenario, where the card is physically present, liability typically falls on the party with the less secure technology.
• If the card has an EMV chip and the merchant’s terminal does not support chip technology (fallback to magstripe), the liability often shifts to the merchant. If both the card and terminal support chip, liability generally remains with the card issuer.

2. Card-Not-Present (CNP) Transactions:

CNP transactions take place when the cardholder is not physically present, commonly in online or over-the-phone transactions. Since the card isn’t physically swiped or inserted, these transactions present a higher risk of fraud. Verification relies more on information like the card number, expiration date, and CVV.

Liability Allocation:

• In CNP transactions, where the card is not physically presented (e.g., online purchases), liability typically falls on the party with weaker authentication measures.
• If the merchant uses 3D Secure (additional authentication for online transactions) and the cardholder’s bank supports it, liability may shift away from the merchant.

Payments — Automated Clearing House

1. Initiation of Payment: ACH transactions can be initiated by various entities, including businesses, individuals, or financial institutions. These transactions include direct deposits, bill payments, business-to-business payments, and more.
2. Originating Depository Financial Institution (ODFI): The entity initiating the ACH transaction, often a customer’s bank or a business, is known as the Originating Depository Financial Institution (ODFI). They prepare the ACH file, which contains the details of the transaction, such as the amount, the receiving bank’s information, and the account number.
3. ACH Operator: The ACH file is then submitted to an ACH Operator, which serves as an intermediary that manages the clearing and settlement process. In the U.S., the two major ACH Operators are the Federal Reserve and The Clearing House.
4. ACH Network: The ACH Operator processes the ACH file and sends the transaction information through the ACH network, a secure and standardized system that connects all participating banks.
5. Receiving Depository Financial Institution (RDFI): The Receiving Depository Financial Institution (RDFI) is the bank where the funds are being sent. The RDFI receives the ACH file, identifies the intended recipients, and credits their accounts accordingly.
6. Settlement: Once the RDFI has credited the recipient’s account, settlement occurs. The settlement involves the actual transfer of funds between the ODFI and RDFI, ensuring that the transaction is complete.
7. Notification and Recordkeeping: Both the ODFI and RDFI maintain records of the transaction, and the recipient is often notified of the deposit or withdrawal. This recordkeeping helps in case of any disputes or inquiries.

Finality of Transaction: ACH transactions are final once they are settled. This means that the funds have been successfully transferred, and the transaction is considered complete.

ChargeBacks and Refunds

Chargeback:

• A chargeback is a consumer protection tool. If, for instance, you notice a charge on your card statement that you didn’t authorize, or the product you bought online never shows up, you can contact your bank and ask for a chargeback. The bank investigates the situation to make sure it’s legit. If they find in your favor, they take the money back from the seller. However, merchants might face fees for chargebacks, and excessive chargebacks can impact their ability to do business.

Refund:

• A refund is a seller-initiated process. If you buy a pair of jeans, and they don’t fit as expected, or the gadget you ordered doesn’t work properly, you can ask the seller for a refund. This means the seller agrees to give your money back. They process the refund, and the refunded amount appears on your card statement. Refunds are a way for sellers to address customer issues and maintain satisfaction. Sellers often have their own refund policies, specifying the conditions under which they’ll give money back to customers.

Payment Risk

Payment risk refers to the potential financial loss or uncertainty associated with a transaction or a series of transactions.

Types of Payment risk

Buyer Side

Buyer-Side Fraud Risks

1. Unauthorized Transactions: Fraudsters may gain access to a buyer’s account or credit card information, making unauthorized purchases without the buyer’s knowledge.
2. Identity Theft: If a buyer’s identity is stolen, fraudsters can use their personal information to make fraudulent transactions, potentially leading to financial loss.
3. Family Fraud: In family fraud situations, a family member may misuse the buyer’s payment information without their consent, leading to unauthorized transactions and potential financial strain within the family.

Buyer-Side Non-Fraud Risks:

1. Transaction Disputes: Legitimate buyers may dispute transactions due to issues like dissatisfaction with the product, delivery problems, or misunderstandings, leading to potential conflicts.
2. Chargeback Abuse: Some buyers may misuse the chargeback process, falsely claiming unauthorized transactions to get refunds, which can impact sellers and the overall payment ecosystem.
3. Financial Disputes in Families: Family members sharing financial resources may face disputes over spending habits or financial decisions, affecting the overall financial stability and relationships within the family.

Seller Side

1. Non-Delivery Scams: In addition to financial loss for buyers, non-delivery scams pose a credit risk for sellers if buyers initiate chargebacks or disputes, impacting the seller’s creditworthiness.
2. Counterfeit Goods: Selling counterfeit products can lead to reputational damage and credit risk for sellers if legal action is taken against them or if buyers file disputes impacting their credit standing
3. Phishing and Spoofing: Engaging in phishing or spoofing activities not only harms buyers but can also result in legal consequences and credit risk for sellers if legal action is pursued.
4. Identity Theft by Sellers: Sellers engaging in identity theft may face legal ramifications, including credit risk, as affected buyers or authorities may take legal action against them.

Appendix

Interchange Rates

Interchange rates are fees that card-issuing banks charge card-accepting merchants for processing card-based transactions. These rates are typically set by card networks (such as Visa, Mastercard, etc.) and are an essential part of the payment ecosystem. Both credit cards and debit cards have interchange rates, but the structure can vary.

Credit Card Interchange Rates:

1. Percentage Fee: A percentage of the transaction amount is charged. This is known as the ad valorem component. For example, a credit card interchange rate might be 2% of the transaction amount.
2. Transaction Fee: A flat fee per transaction is charged, regardless of the transaction amount. This is known as the per-item or fixed fee component.

Credit card interchange rates are influenced by various factors, including the type of credit card (e.g., rewards cards may have higher interchange rates), the merchant’s industry, and whether the transaction is conducted online or in-person.

Debit Card Interchange Rates:

1. Flat Fee or Percentage of Transaction: Debit card interchange rates can be structured as either a flat fee or a percentage of the transaction amount, or a combination of both.
2. Network Fee: In addition to the interchange fee, there may be a separate network fee paid to the card network.

Debit card interchange rates are often lower than credit card rates. They may also vary based on the type of debit card (signature or PIN-based) and the presence of a rewards program.

It’s important to note that interchange rates are just one component of the overall fees associated with card transactions. Acquirers and processors may add their own fees on top of interchange, and merchants should be aware of the full fee structure.

Interchange rates are periodically reviewed and updated by card networks, and the specific rates can vary by region and country. They play a crucial role in the economics of card payments, influencing the revenue streams for both card-issuing banks and card networks.