Criminals looking to commit payment card fraud rarely try to steal payment cards (or at least their credentials) one by one. Instead, they tend to attack merchant databases and points of sale in order to pilfer access to multiple cards within a short period of time.
Fortunately, financial institutions looking to detect and prevent fraud can use this to their advantage. By tying payment cards used in fraudulent transactions back to the last merchant they were legitimately used at, risk management teams can find out where those cards’ credentials were likely compromised.
By determining this location—referred to as a common point-of-purchase, or CPP—anti-fraud agents can prevent other cards that may have been compromised at that point from being used for fraud. They may even be able to catch the fraudsters and prevent any more cards from being compromised at that place. Let’s start by more succinctly defining a CPP.
What is a Common Point-of-Purchase (CPP)?
A common point-of-purchase (CPP) refers to the last merchant at which multiple payment cards were used legitimately before they began displaying signs of fraudulent activity. This means that these cards’ credentials were likely compromised due to a data breach at that merchant.
Common Point-of-Purchase (CPP) Analysis
CPPs can play a role in fraud prevention as reference points for determining which other payment cards may have had their details stolen. Then those cards can be locked before criminals have a chance to use them to commit fraud. This process is known as common point-of-purchase analysis.
What is Common Point-of-Purchase (CPP) Analysis?
CPP analysis involves tracing fraudulently-used payment cards back to the last places they were used for properly-authorized transactions. The objective is to look for commonalities in places and times to pinpoint a location where payment card data is likely being stolen.
In doing so, CPP analysis also helps to determine what other payment cards likely had their details compromised. This lets financial institutions work proactively to cancel and reissue these cards before they can be used for fraud.
How Does Common Point-of-Purchase (CPP) Analysis Work?
The general steps a financial institution takes in conducting CPP analysis are as follows:
- Identify an instance of payment card fraud.
- Analyze the compromised card’s transaction history to find the last location where it was used for a legitimate transaction.
- Repeat steps 1 and 2, looking for patterns in compromised cards that were used in similar locations and at similar times.
- Alert merchants identified in patterns that they may be CPPs, in order to prompt them to investigate potential data breaches.
- Decide how to handle payment cards that were used at a CPP and may have also been compromised.
How to Use Common Point-of-Purchase (CPP) Analysis to Prevent Fraud
Common point-of-purchase analysis can be used to detect fraud after it’s occurred and—in some cases—prevent fraud from happening to other victims.
Here are a few advanced tips for getting the most out of using CPP analysis for fraud prevention.
Watch for instances of “card testing”
A common tactic of fraudsters using stolen payment card data is to “test” it. They may first try a series of low-value transactions to see if the card’s credentials actually work, and if there is money available on the card to use. If these tests are successful, a fraudster may begin attempting higher-value transactions to check how much they can spend on the card per transaction, per day, or in total.
Monitoring transactions for these patterns of activity can make it easier to spot cases of payment card fraud. From there, a financial institution can start using CPP analysis to trace compromised cards back to the merchants where their credentials were likely stolen.
Utilize link analysis to find CPPs faster
Though our basic model for how CPP analysis works involves investigating fraudulent transactions one at a time, this is very inefficient in practice. It’s better to take a holistic link analysis approach, looking at visual networks of suspicious activity to more quickly find points of commonality between them. This can help to identify CPPs much faster, which leads to more proactive fraud prevention.
Use a risk-based approach to handling potentially-compromised cards at a CPP
Once a financial institution identifies a CPP, it has to decide how to handle payment cards it has issued that may have been compromised by being used at that merchant. Canceling and re-issuing them is the safest option, but this can be costly and time-consuming—especially if the affected merchant is high-volume.
Instead, an FI may choose to take a more moderate approach. For example, it may only cancel cards with significantly high credit limits in order to prevent the largest losses. Or it may simply flag potentially compromised cards so they are subjected to closer scrutiny when used in certain places, times, or types of transactions.
CPP Analysis is Good at Fighting Fraud—Let Unit21 Help Make it Even Better
One more important thing to note is that CPP analysis is only possible after a payment card is used fraudulently. So while it can limit the amount of damage that payment card fraud causes after a data breach, it doesn’t stop the breach from happening. Nor does it help to prevent any losses that occur before the CPP is identified.
This demonstrates two things. First, time is of the essence in fraud investigation and prevention. Second, CPP analysis should be just one of a risk management team’s tools in its fight against fraud. Another great addition is Unit21’s case management solution, which features visual analysis and automated SAR/AML filing.
Contact us today for a demo of how it works.