MAG Insights

Announcements from the MAG & Featured Articles

Also in this Issue: CNP Fraud Mitigation - Where to Begin and What is Enough? (MAG Quarterly- Volume Five, Issue Three)

By Guy Berg, Vice President, Federal Reserve Bank of Minneapolis

September 7, 2017

Card-not-present fraud prevention is an on-going battle against highly organized, well-financed, methodic, and technically sophisticated attackers. Furthermore, combating CNP fraud is a delicate balancing act to simultaneously minimize customer friction, optimize sales revenues and filter out fraudulent transactions. Unfortunately, there is not any single CNP fraud mitigation strategy that fits all business types and sizes, yet there is need for a concerted effort across all stakeholders in the payment system to build lines of defense to effectively fight the war against fraudulent CNP transactions. To this end, the U.S. accredited national standards body for financial services, ANSI X9, initiated a study group to survey industry experts and develop CNP fraud mitigation guidelines.   

The X9 Technical Report resulting from this effort provides industry insights for developing CNP fraud mitigation strategies. The intended audience includes all participants in the payment industry that handle CNP transactions including merchants, issuers, acquirers, card networks, and service providers. It outlines the typical CNP fraud cycle which begins with theft of data, followed by inconspicuous test transactions and then larger dollar fraudulent transactions, and finally monetization of goods purchased. The X9 Technical Report provides guidelines to prevent, detect, and respond by identifying layers of defense, tools, and strategies to address each stakeholder’s needs.  

Everyone interested in this topic should attend the panel discussion at the up-coming MAG Conference on September 28th. Experts representing merchants, acquirers, and payment networks will share their insights and discuss findings from the study.