Bank and Credit Union fraud teams should be on the lookout for the rise in Bank Identification Number (BIN) Attacks. Fraudsters are using a new technology that allows them to “decrypt” bank/debit card numbers, with the potential to drain customer accounts rather quickly.
The latest victims of this crime are members of Homeland Credit Union, a five-branch CU based out of Chillicothe, Ohio. The credit union says a BIN attack (described below) has affected 950 members, or 7% of the CUs customer base.
While Homeland says no personal or private member information was at risk in the attack, debit card numbers were indeed compromised. Homeland CU’s CEO, Shayne Poe said, “Rest assured, no Homeland Credit Union member who has been subjected to the BIN attack will lose any money. All of the fraudulent charges and fees will be reimbursed in full by Homeland Credit Union. We are also working to replace the compromised cards in a timely manner.”
BIN attacks occur when fraudsters use the first six digits of a debit card (those numbers which are unique to a single card issuer, in this case, Homeland) and generate the remaining sequence of numbers using algorithmic software tools.
Once a full sequence is generated, the card number is “tested” by attempting to make a series of small online purchases. If purchases are denied, the fraudsters try a new sequence. If charges go through, they’ve matched a legitimate card holder number, and can fully exploit the account.
While it may have taken Homeland too long to discover the BIN attack (we do not know the total losses incurred, or how long the fraud was taking place), there are tools available to credit unions which could potentially detect this type of activity much sooner… perhaps even live.
Since the attack requires fraudsters to “test” the validity of a card sequence by making numerous small online purchases, they’re inadvertently giving the more advanced credit union fraud teams the ability to detect them.
These teams, ones that utilize real-time fraud detection and prevention tools powered by artificial intelligence, could be instantly notified of any anomalous activity in customer accounts. These anomalies may include the small, rapid transactions on debit cards that indicate a potential BIN attack.
Ai could notify teams of such attacks, 24/7/365 in real-time, as they’re occurring.
On the other hand, legacy fraud systems are less likely to detect activities like these until the batched data is analyzed, that is, after the fact.
Because much of the legacy solution industry relies on post-transactional data analysis, these small charges are likely to go unnoticed… and perhaps the larger follow-up charges may go unnoticed as well, until it’s already too late.
Its why credit unions should begin bolstering their fraud teams with real-time Ai that’s designed specifically to detect anomalous behavior across all transactional data, live.
Now, perhaps the finest example of such a real-time fraud solution is the one provided by ToolCASE. It’s artificial intelligence, powered by RembrandtAi has already shown to save credit unions millions in fraud losses. Better, it’s light years’ ahead of the technology fraudsters are using to steal money…
For a full demonstration of ToolCASE’s real-time Ai solutions to digital bank fraud, visit HERE.
Or speak to an expert on bank fraud and Ai at 1-888-TOOLCASE
To read more about the Homeland Credit Union BIN Attack, visit HERE