Comments on: First Heartland Arrests, With New Twist To Bogus Gift Card Scheme http://storefrontbacktalk.com/securityfraud/first-heartland-arrests-confirmed/ Techniques, Tools and Tirades about Retail Technology and E-Commerce Sun, 20 May 2012 01:49:40 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: biz student http://storefrontbacktalk.com/securityfraud/first-heartland-arrests-confirmed/comment-page-1/#comment-64264 biz student Sun, 20 Dec 2009 12:06:14 +0000 http://www.storefrontbacktalk.com/?p=2401#comment-64264 I feel sorry for the credit card companies. They are always looking out for our best interest. They never try to scam the public. They offer a convenient service for a small fee. America is doing great and everything is fine. The young fraudsters should work at WalMart and pay for their own healthcare. I feel sorry for the credit card companies. They are always looking out for our best interest. They never try to scam the public. They offer a convenient service for a small fee. America is doing great and everything is fine. The young fraudsters should work at WalMart and pay for their own healthcare.

]]> By: jetranger http://storefrontbacktalk.com/securityfraud/first-heartland-arrests-confirmed/comment-page-1/#comment-55470 jetranger Fri, 27 Feb 2009 09:19:03 +0000 http://www.storefrontbacktalk.com/?p=2401#comment-55470 Good, let them rot in Prision, give them all 25 year sentences and 10 year probations, and make them pay back all the retailers they cheated and make their names very public always !!! Good, let them rot in Prision, give them all 25 year sentences and 10 year probations, and make them pay back all the retailers they cheated and make their names very public always !!!

]]> By: Deborah http://storefrontbacktalk.com/securityfraud/first-heartland-arrests-confirmed/comment-page-1/#comment-54953 Deborah Thu, 19 Feb 2009 17:15:30 +0000 http://www.storefrontbacktalk.com/?p=2401#comment-54953 Nothing new about this trick. I first saw it about 8 years ago, in a well-known, and very well-managed, major national retailer. The perps used stolen cards to purchase gift cards at multiple locations in a single day. The next day, they used the gift cards to buy clothes, again at multiple locations. Later the same day, they returned the most but not all of the purchases, and asked for their credits on – nice touch here – new gift cards. The perps used the retailer to launder the stolen money. It was over two weeks before the retailer got the chargebacks for the initial sales transactions. Reason code was fraud. The retailer had an alert chargeback associate who noticed that all of the chargeback amounts were round numbers, mostly $500. Further research revealed first the proximity of the stores, and then the timing, and then the complete trail unwound. Of course, this all came far too late for the retailer to recoup any amount of their >$5,000 loss. The second round of gift cards had all been completely used. Skipping over the blame game, let’s ask what are the lessons to be learned here? We helped the retailer identify the one point at which they could have broken the chain: When the stolen card did not scan, the associates key’ed the account number. The retailer implemented a policy that non-scannable cards could not be used as tender for gift cards – and then rapidly implemented that control in their POS. This is, of course, only a partial solution, because a first-class stolen card will scan properly. The speed with which the perps worked was essential to their success. Chargeback processing – where these problems emerge - is the very weak link in the system. The system is slow. There are too many parties, too many processes, and way too much time. My proposition is that we have a critical information bottleneck at the acquirers / merchant processors. I understand that the legal structure of the credit acceptance system clearly requires that the debt reversal go to the acquirer / merchant processor. And I also understand and appreciate the excellent chargeback defense work that the better acquirers / merchant processors perform for their merchants. Their good work slowed to a trickle the unscrupulous issuer practice of dumping bad debt back to the merchants. But we need a re-think to slow this stolen-credit-card-to-gift-card scam to a trickle. It won’t be easy, because retailers need to sell gift cards, and none of us want to make life any harder for retailers than it already is. This requires a joint effort by the three interested parties: the issuers / bankcard associations, the acquirers / merchant processors, and the merchants. Everybody ready to play nice? Nothing new about this trick. I first saw it about 8 years ago, in a well-known, and very well-managed, major national retailer. The perps used stolen cards to purchase gift cards at multiple locations in a single day. The next day, they used the gift cards to buy clothes, again at multiple locations. Later the same day, they returned the most but not all of the purchases, and asked for their credits on – nice touch here – new gift cards. The perps used the retailer to launder the stolen money.

It was over two weeks before the retailer got the chargebacks for the initial sales transactions. Reason code was fraud. The retailer had an alert chargeback associate who noticed that all of the chargeback amounts were round numbers, mostly $500. Further research revealed first the proximity of the stores, and then the timing, and then the complete trail unwound. Of course, this all came far too late for the retailer to recoup any amount of their >$5,000 loss. The second round of gift cards had all been completely used.

Skipping over the blame game, let’s ask what are the lessons to be learned here? We helped the retailer identify the one point at which they could have broken the chain: When the stolen card did not scan, the associates key’ed the account number. The retailer implemented a policy that non-scannable cards could not be used as tender for gift cards – and then rapidly implemented that control in their POS. This is, of course, only a partial solution, because a first-class stolen card will scan properly.

The speed with which the perps worked was essential to their success. Chargeback processing – where these problems emerge – is the very weak link in the system. The system is slow. There are too many parties, too many processes, and way too much time.

My proposition is that we have a critical information bottleneck at the acquirers / merchant processors. I understand that the legal structure of the credit acceptance system clearly requires that the debt reversal go to the acquirer / merchant processor. And I also understand and appreciate the excellent chargeback defense work that the better acquirers / merchant processors perform for their merchants. Their good work slowed to a trickle the unscrupulous issuer practice of dumping bad debt back to the merchants.

But we need a re-think to slow this stolen-credit-card-to-gift-card scam to a trickle. It won’t be easy, because retailers need to sell gift cards, and none of us want to make life any harder for retailers than it already is. This requires a joint effort by the three interested parties: the issuers / bankcard associations, the acquirers / merchant processors, and the merchants. Everybody ready to play nice?

]]>