Analytics to the Rescue: How Credit Unions Can Use Analytics to Combat Payment Fraud

Analytics to the Rescue: How Credit Unions Can Use Analytics to Combat Payment Fraud
Even with as advancements in payment technology such as EMV cards and Blockchain payment processing continue to increase in popularity, payment fraud is here to stay. Fraudsters continue to find more sophisticated ways to commit this type of financial crime.

In a recent study on payment fraud mitigation published by the Federal Reserve Bank of Minneapolis in January 2018, 75 percent of financial institutions that participated in the survey reported incurring fraud losses.

Challenge is to act before it’s too late. This article addresses three common types of payment fraud that can impact your credit union and discusses the analytical approach to mitigate fraudulent activities.

1. Check Fraud

As money transfer options have increased over the past few years, the number of checks being written is on a decline. However, check fraud still tops the list of payment types with the highest number of fraud attempts with photocopying and chemical wash being the most common.

2. Debit/Credit Card Fraud

The Reserve Bank of Minneapolis report clearly indicates that close to 50% of FIs feel that debit/credit card fraud has increased compared to the previous year.

  • Card Present Fraud

Counterfeiting is the most common type of card-present-fraud. For example, the fraudulent merchants swipe customer cards through a device called a skimmer to collect and store important card information which is later used to make unintended purchases. Financial institutions have reported cases where more than a dozen cards from the same financial institution were swiped at a single point of sale.

  • Card Not Present Fraud

Fraudsters are able to get cardholder information via phishing which is used for making unauthorized online transactions.

3. Automated Clearing House (ACH) Fraud

ACH is the core of electronic fund transfers. For ACH fraud, fraudsters need only two pieces of data – account number and the bank routing number.

When the account holder logs in from a computer that is affected by a Trojan, malicious software typically installed through phishing, the keyed-in information is tracked. With captured credentials, the fraudster uses keylogging software to transfer funds.

Using Analytics to Combat Payment Fraud

The level of security that a FI provides is becoming a deciding factor for consumers to choose a particular FI over another. Because of this, credit unions should wisely select between a centralized or decentralized approach to fraud prevention. As debit and credit card fraud form the largest share of fraud attempts, credit unions should manage detection and prevention of fraud risks from cards separately. The quickest fix for credit unions to prevent fraud, even before changing their functional organization, is to turn to analytics.


Algorithms and models can help credit unions monitor suspicious transactions on a daily basis. Unusual activities such as those listed below can be tracked and help implement robust fraud prevention techniques.


  • Subsequent withdrawals of money just below the maximum withdrawal amount limit
  • Matching the billing address on file with the credit card company in case of ‘card not present’ transactions
  • Activity on a deceased member’s card
  • PIN changes via IVR followed by multiple ATM withdrawals
  • Increased card activity on a dormant account
  • Unusual and multiple foreign transactions

The anomaly detection techniques utilize auto encoders and neural-network based deep learning to identify unusual signs in the transactions and classify them as suspicious in real time. The sophisticated analytical approach can help to detect fraudulent activities quicker safeguarding the interests of both credit unions and members. Rule based techniques are basic to fraud prevention strategies however these rules need to evolve over time in order to capture the latest tactics fraudsters resort to.

Credit unions cannot relax even after having such algorithms in place unless they have systems to capture and update the models over time.