Challenge: Increase in skimming incidents

A large Australian retail bank was experiencing a large spike in ATM skimming incidents for debit cards but was unsure of the full extent of its current and future exposure. Moreover, they did not know what action to take to prevent further cases – and how much this would cost.

QVARTZ Analytics proposed a project to understand the exposure and further to explore options on how to resolve the situation and create implementable recommendations, including a business case on how to move forward.

Solution: New analytics detection model

Using the data available on past cases of ATM skimming, several different patterns of fraudulent transactions occurring after card details had been skimmed were uncovered. One example was of small $2 transactions being made as a result of setting up a new mobile phone account, with the intention to test that the card details worked. This was followed by a large number of transactions. It was only as a result of these insights that the full set of past cases could be uncovered and quantified – and a forecast could be created of future losses to occur and their value.

Many options of picking up new skimming incidents were reviewed – and each option was costed for development, implementation in the bank's current systems and projected effectiveness, and business cases developed. One of these business cases was approved. QVARTZ Analytics then ran the project and built the analytics detection models and created the plan for implementation and ongoing operations.  

Impact: Early detection leading to significant savings

The business case showed that if less than AUD 1 million was spent to develop the fraud detection system, then an estimated AUD 1.5-2 million would be saved over the next three years. Equivalent savings would continue after this time with no additional expense required. It should however be noted that new patterns of skimming will continue to emerge that require proactive detection and addition to this framework.

QVARTZ Analytics also created a related tool to provide early detection of the common point of purchase where the initial compromise of account details occurred. Using a newly developed innovative technique, the location, ATM or merchant terminal and start and end time of the compromise event is uncovered from many millions of transactions worth of data. This allows other cards currently unknowingly affected to be blocked and replaced before the fraudulent transactions occur.