The use of online payments in trade has grown immensely in the last couple of years. We are now at a point where online transactions represent the majority of all airline ticket purchases, resulting in a large amount of personal and financial information, particularly card data, being stored on the internet. Cybercriminals break into databases, download credit card information and then sell this information on the dark web, a collection of websites that are publicly visible but hide the server or IP details that run them. Fraudsters then use this stolen card data to buy airline tickets, causing huge damages for travel service providers. Shalini Levens proffers a solution.
According to surveys done by Cybersource, the annual damage for all airlines combined is 1.4 billion dollars. It is also estimated that between 1% and 2% of all booking attempts on an airline website are fraudulent. Therefore, it is fair to say that the airline industry has faced an unexpected battering from card fraudsters and has had to reorganise rapidly to face this unforeseen threat.
In retrospect, there have been certain key developments that, collectively, have led to a turnaround in the industry and a reduction in opportunities for the potential fraudster. Airlines are now in greater control of their payment operations, which has resulted in a considerable reduction in credit card fraud. The most important development has been the ability of fraud analysts to exchange information through meetings and secure online forums. This information includes structured personal data such as names and e-mails that need to be validated against a database, as well as guidelines and best practices that are shared informally.
Some of the meetings and online forums are for members only, while others are open to verified fraud analysts and professionals from any accredited organisation. A well-known open forum in the industry is FraudChasers, which facilitates a platform for fraud analysts to chat, share information and to have one place to post information about upcoming meetings. For an individual who may be the only fraud-fighter in their organisation these forums are like a life-support machine.
Additionally, on a strategic level, the travel sector has created an industry-wide body where executives can meet and coordinate actions, both regionally and globally. There is a regular programme of working groups that takes place at venues across Europe, Asia-Pacific, North America and beyond. Key to the success of both personal and corporate collaboration is that people from different organisations continue to meet regularly face-to-face. Connections of trust, once formed, can last a long time online, but occasional meetings in person reinforce and develop that trust.
The next step in industry-wide collaboration is sharing data. When the working group is small, this can be done via e-mail, but once groups start to grow, automation is essential. The need arose for groups to establish steering committees to choose a neutral technology supplier who develops the various online forums and databases. One of the requirements was that the data-sharing technology itself had to be cloud-based and highly secure. Hence, it has to enable businesses to submit and share suspected fraud data legally, while always retaining ownership of the data. Through this, a merchant can remain completely in control of its data, even after it has shared it.
The need for this capability led to the development of Perseuss, a secure community platform where merchants can legally share information about encountered fraud cases. It allows merchants, such as airlines, to verify their own sales data to identify any suspicious transactions. This data sharing platform including analysis, reporting, scoring and e-mail age verification. The database is enriched and developed with a high degree of participation and input from working fraud analysts so the screens and layouts blend naturally into the operational workflow. This increases efficiency and improves decision-making.
Merchants who provide travel services rely on a vast network of partners to make the payment process proficient. Among these partners are payment service providers, software suppliers, banks, card schemes, industry associations, legal entities, national police forces, as well as international law enforcement agencies. The travel industry had the foresight long ago to involve all of these bodies in the global war against card fraud.
Co-operation between travel companies and law enforcement agencies in the international battle against fraud has been very fruitful during 2016. Through this partnership, a plan is being developed to organise ‘Days of Action’ against credit card fraudsters, which will increase in frequency until they become an everyday norm.