Transcript Document
Fraud and Risk in the Electronic Payment Space Michelle Marshall-Thompson VP, Fraud/Risk Officer FirstMerit Merchant Bankcard General lack of understanding within the payment space • “Authorizations” are not a guarantee of payment • Settlement of funds to a deposit account does not ensure funds will not be retracted • Inappropriate data verification General lack of understanding of payment risks • Chargeback Risks • Financial Risks: Expense of payment acceptance Loss exposure after payment acceptance • Sensitive Data Security Risks: Human behaviors Network risks Opportunities for Fraud • Internal Fraud • External Fraud • Network Breach, Data Theft, Fraud Internal Fraud • Employee Embezzlement: Fraudulent returns Credentials theft Misuse of position Most unsuspecting person Internal Fraud • Compensating Controls: Oversight Password protection Policies regarding information sharing Random Google or background searches External Fraud • • • • Fraudulent use of card information Lost/stolen card numbers Alleged fraud Merchant financial exposure External Fraud • Compensating Controls: Exposure of swiped, keyed & e-commerce transactions Use of data verification: address, zip, CVV Additional red flags Work with banking partners Network Security Risks • • • • PCI non-compliance Human behavior Banking credential hacks Wire fraud, sensitive data breach Network Risks • Compensating Controls: Utilize the expertise of third parties Work within well established guidelines Oversight of employee responsibilities Where To Turn • If you believe your organization/entity could be vulnerable to risks reviewed today, contact me directly at 330-849-8937, for further discussion • Contact your banking institution to inquire about additional controls and risk mitigating options • Don’t expect to “go it alone” - work with your partners Thank you for attending!