Security & Fraud

Fiserv’s Davie: Card Reissuance Post-Breach: Why Less Is More

Only 5 to 10 percent of cards whose data is exposed in a breach end up getting used in fraudulent transactions, a Fiserv executive says in “Walk to the Elevator,” a new interview series from PYMNTS. Becoming more precise with fraud detection can help prevent issuers from wasting money in the reissuance process.

It’s become a familiar ritual as data breaches continue to increase: An issuer detects real or potential fraud, notifies customers and prepares to eat the expense of reissuing cards, a process that can put activation and spend rates at risk.

Earlier fraud detection and a more precise way of scoring the risks to individual cards, however, are producing benefits for financial institutions.

A Fiserv fraud warning system has led to a “10 percent reduction in fraud” for clients, Patrick Davie, VP of risk solutions for card services, recently told Karen Webster in PYMNTS’ “Walk to the Elevator” podcast. “We’re experiencing some nice ROI for clients,” he said, emphasizing that earlier detection of fraud attempts can help reduce the scope and costs of such breaches.


Fiserv is hardly the first financial services technology company to realize that, he acknowledged. But Fiserv's fraud detection technology employs “advanced analytics and different types of tools to get a wider array of breach locations,” including at ATMs, Davie said.

Analyzing more data points across a “wider footprint” results in another benefit for issuers, he noted — speed of notification. The fraud detection technology enables Fiserv to identify compromised cards from breached locations much faster than the networks, sometimes 30 to 60 days faster. The Fiserv offering debuts at a time when the number of U.S. data breaches involving payments cards are increasing 6 percent year over year, according to a 2017 analysis by the Identity Theft Resource Center.

Those types of thefts accounted for nearly 20 percent of all breaches recorded last year, the group said. In total, the number of U.S. data breaches increased 44.7 percent year over year in 2017, with 1,579 instances counted by the resource center — a record high. The banking, credit and financial sector stands behind only the business sector and the medical and healthcare industry when it comes to the main victims of breaches.

It’s not just the number of breaches that keeps growing, but also the quantum of data accessed by criminals. For instance, the “actual number of records” involved in credit and debit card data breaches increased 88 percent year over year in 2017, according to the Identity Theft Resource Center.

Detecting fraud is only one step of the process that can lead to the issuance of new cards. The Fiserv fraud detection technology gives issuers the power to be more precise when determining which cards might need to be reissued in the wake of a compromise and which cards can stay in customers’ purses and wallets.

Only 5 to 10 percent of cards whose data is exposed in a breach end up getting used in fraudulent transactions, Davie told Webster. Giving issuers more intelligence about those breaches and exposed data enables them to set specific rules for the reissuance of individual cards and potentially save money.

Those rules rate the likelihood of fraud on an individual card, and the card score triggers specific actions.

For instance, data from a specific card may have been exposed in a breach, but because the intelligence received through the Fiserv fraud detection technology shows that the risk of fraudulent use is relatively low, the issuer might decide not to reissue that particular card. Those card scores will help issuers figure out when it makes financial sense to reissue cards or change their risk mitigation strategy.

Issuers that are careful about reissuance could not only save those direct reissuance costs, but also reduce the odds of longer-term losses, Davie said. “When there is fraud on someone’s card, the cardholder might be a bit leery of using it. The consumer might pull out a different card,” he told Webster. “And if (that card) is reissued a few times, you may have to worry about activation rates.”

In fact, any type of hurdle placed before cardholders — whether real or perceived — can increase the risk that consumers will lose trust in a particular payment card, according to Fiserv data. For instance, many consumers whose cards are denied due to suspected fraud that turns out to be false end up abandoning those cards. Fiserv research suggests that two or more false declines can result in 20 percent of consumers not using the cards in question.

Davie said the Fiserv fraud detection technology, with its emphasis on a wider range of intelligence speedily delivered to clients, can make it easier for issuers to better protect what is most important to their bottom lines: the cardholder.

“The customer is the most important asset,” Davie said.



About: Accelerating The Real-Time Payments Demand Curve:What Banks Need To Know About What Consumers Want And Need, PYMNTS  examines consumers’ understanding of real-time payments and the methods they use for different types of payments. The report explores consumers’ interest in real-time payments and their willingness to switch to financial institutions that offer such capabilities.