User:Deanhulbert23/Credit card fraud

This is the sandbox page where you will draft your initial Wikipedia contribution. If you're starting a new article, you can develop it here until it's ready to go live. If you're working on improvements to an existing article, copy only one section at a time of the article to this sandbox to work on, and be sure to use an edit summary linking to the article you copied from. Do not copy over the entire article. You can find additional instructions here. Remember to save your work regularly using the "Publish page" button. (It just means 'save'; it will still be in the sandbox.) You can add bold formatting to your additions to differentiate them from existing content. Bibliography sandbox

Credit Card Fraud occurs when unauthorized users gain access to an individual's credit card information in order to make purchases, other transactions, or open new accounts. A few examples of credit card fraud include account takeover fraud, new account fraud, cloned cards, and cards-not-present schemes. This unauthorized access occurs through phishing, skimming, and information sharing by a user, often times unknowingly. However, this type of fraud can be detected through means of artificial intelligence and machine learning as well as prevented by issuers, institutions, and individual cardholders. According to a 2021 annual report, about 50% of all Americans have experienced a fraudulent charge on their credit or debit cards, and more than one in three credit or debit card holders have experienced fraud multiple times. This amounts to 127 million people in the US that have been victims of credit card theft at least once.

Credit Card Fraud can occur through the use of different techniques such as phishing, skimming, and information sharing.

Phishing is one of the most common methods used to steal personal data. It is a type of cyber attack in which the attacker acts as a credible person, institution, or entity and attempts to lure the victim into accepting a message or taking action with the specific request. Often, the target of the attack will receive an email or text message about something they would possibly want or need with the hope of tricking them into opening or downloading the message. During the COVID-19 pandemic, phishing has been on the rise as our world turned even more virtual. To give perspective, “researchers noted a substantial spike of 667% in COVID-19 phishing attacks in the first months of the pandemic."^[1]. Also, given the significance of health care systems over these recent years health care companies have been the main targets of phishing attacks. These companies have tons of personal data stored that can be extremely valuable to the attacker.

Another common method that criminals use to steal personal data is skimming. Card skimming is a method thieves use to collect data from your credit or debit card magnetic strip, at the time you use it. Point-of-purchase machines, such as gas pumps, ATMs, and transit ticket dispensers, are most susceptible to skimming devices. ^[2]Specifically, it is the data stored in the magnetic stripe of the credit card and the PIN assigned to the card that gets stolen when the card is swiped through the reader. It is a dangerous tactic because while skimmers are easy to install, they are much more difficult to detect. Common places this occurs include gas stations, restaurants, and ATMs. Information can be stolen in seconds and then sold to third parties and overseas. Skimmers can be placed on the exterior of machines, over the card slot, or even inside the card slot.  

1. Tips to avoid being skimmed
   1. Do a quick self-check/scan
   2. Avoid non-bank ATMs
   3. Check the keypad
   4. Check your account and stay up-to-date

1. Information sharing is the transfer or exchange of data between individuals, companies, organizations, and technologies. Advances in technology, the internet, and networks have accelerated the growth of information sharing. Information is spread and shared in the matter of seconds, and is being accumulated and digested at speeds faster than ever before. People are often not aware of how much sensitive and personal information they share every day. For example, when you purchase goods online and input your name, email address, home address, and credit card information, all this information is stored and shared with third parties to track them and their future purchases. Organizations work hard to keep individuals' personal information secure in their databases, but sometimes hackers are able to compromise its security and gain access to an immense amount of data. One of the largest data breaches occurred at the discount retailer Target. In this breach about 40 million shopper were affected. In this specific case, the hackers targeted their point-of-sale system - meaning "they either slipped malware into the terminals where customers swipe their credit cards, or they collected customer data while it was on route from Target to its credit card processors."^[3] In just one single purchase at the register, masses of personal data is collected which when stolen has major ramifications. The financial infrastructure and payment system will continue to be a work-in-progress as it constantly is at battle with security hackers.

Occurs when criminals steal the victim’s resources (money and information) by obtaining and utilizing their login information. Once logged in, bad actors have access to the account and can make purchases and withdraw money from bank accounts^[5]. They have access to any information that is tied to the account, they can steal credit card numbers along with social security numbers. They can change the passwords to prevent the victim from accessing their account. Cybercriminals have the opportunity to open other accounts, utilize rewards and benefits from the account, and sell this information to other hackers.

New account fraud differs from account takeover fraud because the former occurs when someone who is committing fraud opens an account with a bank instead of trying to access someone else's existing account. The person who is committing fraud has a few options to choose who the account is under. They can utilize a stolen identity or a synthetic identity. A synthetic identity is personal information gathered from many different identities to create one fake identity^[7]. Once the identity and the account is established, the fraudster has a few different options to take advantage of the bank.  They can maximize their credit card spending by spending as much money as possible on their new credit card. Many fraudsters will use the new credit card to purchase items that have a high resale value so they can turn it into cash.

Fraudsters make a copy of a credit card using a specific device and have the information stored in the memory of that scanner. The credit card information that is stored in the memory of the scanner is moved to a new card via the magnetic strip. Many fraudsters will insert their scanners into credit card readers in public places discreetly.

Card-not-present fraud occurs when credit card information is stolen and utilized without the physical card present. Most common examples are purchases made online or over the phone.

Given the immense difficulty of detecting credit card fraud, artificial and computational intelligence was developed in order to make machines attempt tasks in which humans are already doing well. Computation intelligence is simply a subset of AI enabling intelligence in a changing environment. Due to advances in both artificial and computational intelligence, the most commonly used and suggested ways to detect credit card fraud are rule induction techniques, decision trees, neural networks, Support Vector Machines, logistic regression, and meta heuristics. There are many different approaches you can take in order to attempt to detect credit card fraud. For example, some “suggest a framework which can be applied real time where first an outlier analysis is made separately for each customer using self-organizing maps and then a predictive algorithm is utilized to classify the abnormal looking transactions.” Some problems that arise when detecting credit card fraud through computational intelligence is the idea of misclassifications such as false negatives/positives, as well as detecting fraud on a credit card having a larger available limit is much more prominent than detecting a fraud with a smaller available limit. One algorithm that helps detect these sorts of issues is determined as the MBO Algorithm. This is a search technique that brings upon improvement by its “neighbor solutions.” Another algorithm that assists with these issues is the GASS algorithm. In GASS, it is a hybrid of genetic algorithms and a scatter search.

Touching a little more on the difficulties of credit card fraud detection, even with more advances in learning and technology every day, companies refuse to share their algorithms and techniques to outsiders. Additionally, fraud transactions are only about 0.01% - 0.05% of daily transactions, making it even more difficult to spot. Machine learning is similar to artificial intelligence where it is a sub field of AI where statistics is a subdivision of mathematics.  With regards to machine learning, the goal is to find a model that yields that highest level without overfitting at the same time. Overfitting means that the computer system memorized the data and if a new transaction differs in the training set in any way, it will most likely be misclassified, leading to an irritated cardholder or a victim of fraud that was not detected. The most popular programming used in machine learning are Python, R, and MatLab. At the same time, SAS is becoming an increasing competitor as well. Through these programs, the easiest method used in this industry is the Support Vector Machine. R has a package with the SVM function already programmed into it. When Support Vector Machines are employed, it is an efficient way to extract data. SVM is considered active research and successfully solves classification issues as well. Playing a major role in machine learning, it has “excellent generalization performance in a wide range of learning problems, such as handwritten digit recognition, classification of web pages and face detection.” SVM is also a successful method because it lowers the possibility of overfitting and dimensionality.  

Credit Card Fraud can be combatted by issuers, institutions, and cardholders. The use of multifactor authentication, automated data controls, and personal detection can help prevent credit card information from being stolen or used by the wrong person.

1. ^[11]The use of authentication factors such as multi-factor authentication which includes two-factor authentication. Multi-factor Authentication is defined as a method which requires a user to provide two or more verification factors to gain access to a resource (One Login). Two-factor authentication is a common use of authentication and includes common factors such as a password and token, or a number generated specifically for the user. ^[12]Multi-factor authentication combines two or more types of authentication to better validate users' access. There are five main factors to multi-factor authentication and they include^[13]:
   1. Knowledge - things a user knows such as passwords or answers to secret questions.
   2. Possession - an object the user should have in their possession such as the actual credit card.
   3. Inherence - a biological trait of the user such as finger-print or facial recognition.
   4. Location - where the user is at the time of the authentication - verify the user was the one to use the card.
   5. Time - when the authentication is taking place - is it a strange hour or multiple times?

1. The use of automated data controls which are used to recognize when unusual activity or spending occur with a credit card. These controls can be used in real time to react “...to anything suspicious they come upon, so the flow of fraudulent activity is stopped as soon as possible…” (Johnston)^[14]. The three main ways automated data controls protect information includes:
   1. Reconciliation and verification to ensure that the controls are working properly.
   2. Continuous monitoring and alerting which alerts the cardholder/bank when unusual activity is taking place.
   3. Reporting which ensures organizations have proper controls in place to prevent fraudulent activity

1. Don’t give out credit card number and other information online
2. Make sure site you are purchasing from is reputable
3. Report a stolen or missing card right away
4. Ensure the transaction is secure
5. Sign up for transaction alerts when your card is used
6. Beware of those phishing for credit card information
7. Monitor your bank statements

Disparities and Ethical Dilemmas in Credit Card Fraud

1. Generation Differences
   1. Millennials are the biggest victims of all fraud, including credit and debit card fraud, digital wallet, digital payment, banking and tax fraud. Followed by them are the GenXers and then the GenZers.
   2. Millennials spend the most time trying to recover money lost due to fraudulent charges, disputing fraudulent charges, and checking accounts for fraudulent or unusual activity out of any of the generational groups.^[16]
   3. GenZers experienced fraud most often through digital payment apps such as PayPal, Venmo and Square. The other generations experienced most of their issues through credit card fraud.
   4. Baby Boomers were found to have the lowest instances of fraudulent charges, and also spent the least amount of time trying to recover money due to fraudulent charges or to dispute these charges.
2. Racial Differences
   1. "The Federal Trade Commission (“FTC”) and the Consumer Financial Protection Bureau (“CFPB”) produced reports on the connection between minority populations and consumer issues. Each report came to the same conclusion: unfair and deceptive practices have unique and disproportionate impacts on communities of color. These findings suggest that more needs to be done to protect these communities from fraud."^[17] On top of this, hackers specifically target communities of color for reasons such as their need for additional income or credit, or their tendency to use certain types of financial products.
   2. Additional report findings: ^[17]
      1. While Black and Latino consumers are more likely to experience fraud, Latino communities predominantly underreport compared with Black and White communities.
      2. Latino and Black consumers report different rates of fraud concerning distinct categories of problem. The FTC found that their complaint database showed Black, and to a lesser extent Latino, communities experience higher rates of problems with credit bureaus and debt collections than White communities.
      3. White and Latino communities experience higher rates of impersonator scams than Black communities. Also, according to FTC payment method data, Black and Latino communities use credit cards, with their accompanying legal protections, at a substantially lower rate than in White communities.