Fraud.net Product Updates logo

Product Updates

Subscribe to Updates

Labels

  • All Posts
  • Fix
  • Announcement
  • Improvement

Jump to Month

  • April 2025
  • March 2025
  • February 2025
  • September 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • November 2022
  • September 2022
  • August 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • April 2021
  • February 2021
  • January 2021
  • December 2020
Powered️ byAnnounceKit

Create yours, for free!

Improvement
a month ago

Advanced Rule Added: Track Suspicious BIN, IP & Card Activity 🔍

We’re excited to introduce a new fraud detection rule designed to identify coordinated transaction patterns involving BINs, IPs, and card usage. This rule enhances our ability to detect and prevent fraud schemes such as card testing, account takeovers, and money laundering.

🔍 What the Rule Does

This rule tracks the number of transactions associated with:

  • A single IP address
  • Multiple cards sharing the same BIN
  • Transactions that exceed a defined amount threshold
  • Within a specified timeframe

📌 Trigger Example

The rule will trigger if the following conditions are met:

  • Transactions originate from a single IP address
  • Involve 5 different cards sharing the same BIN
  • A total of 10 or more transactions occur
  • Each transaction exceeds 100 EUR
  • Transactions happen within a 1 day

🎯 Objectives

1. Suspicious Activity Detection:

  • Flags behavior that suggests possible card testing or fraudulent transaction attempts.
  • Fraudsters often use multiple stolen credit card details to test their validity.

2. BIN Monitoring:

  • A shared BIN often indicates cards issued by the same bank or financial institution.
  • Fraudsters may acquire batches of stolen cards from specific BINs, making this pattern a red flag.

3. IP Address Tracking:

  • Monitoring IP addresses helps identify attempts to bypass security by repeatedly transacting from the same location.

4. High-Value Transactions:

  • Each transaction exceeding 100 EUR targets significant financial risk scenarios, ensuring smaller, benign transactions are less likely to trigger false alarms.

5. Time Window (30 Days):

  • The 30-day timeframe targets persistent fraudulent behavior rather than isolated incidents.

💡 Potential Use Cases:

  • Card Testing Attacks: Fraudsters systematically test stolen cards to find valid ones.
  • Account Takeover (ATO): If multiple cards linked to one account or BIN are used repeatedly from a single IP, it may indicate a compromised account.
  • Money Laundering Patterns: Unusually high transaction volumes from a single IP across multiple cards may point to laundering attempts.



Avatar of authorRitika Rajpal