Using BIN Data to Uncover Fraud at the Issuer Level
GoFundMe identified a problematic BIN after seeing it tied to excessive refunds. Without Pagos, they may have stopped their analysis there. But with access to comprehensive payments data visualizations and advanced filtering capabilities in Peacock, they realized the fraud was actually associated with a handful of BINs, all from the same issuing bank.
Overview
Recently, GoFundMe’s Risk Analysts uncovered suspicious refund activity linked to a specific BIN. In addition to taking proactive measures to thwart further abuse, they expanded their risk analysis to review refund rates for other BINs from the same issuing bank. They discovered a number of BINs, all from that same bank and issued in the same currency, associated with similarly disproportionate refund rates. This discovery not only facilitated immediate action but also informed the creation of automated triggers in Canary to preempt future threats. With Pagos' integrated solutions, GoFundMe navigates fraud detection with efficiency and confidence.
The Investigation
GoFundMe's Risk Analysts rely on a meticulous review process for identifying and taking action against fraudulent activity. As a part of these reviews, they segment out payments from various sources and look for any concerning trends. Successfully scaling this data driven process from both a people and operational cost perspective presented unique challenges to the GoFundMe team's success, as they needed to work across processors and multiple data sets.
That is, until Pagos.
Using Peacock by Pagos, our payments data aggregation and visualization platform, GoFundMe can import all their payments data from multiple sources into a single place using our no-code data connections. From there, they can immediately see all of their transaction, chargeback, refund, and decline data in one place, organized into user-friendly visuals. They have everything they need to spot trends in this data across time and apply data filters to hone in on the exact data segments they care about most. This is especially important when it comes to identifying common characteristics associated with bad actors.
GoFundMe
The Risk Analysts at GoFundMe regularly review the Refunds dashboard in Peacock to track any unexpected spikes in refund activity. The Top 25 Bins by Refund Volume chart, for example, is a valuable resource for analysts to efficiently spot any anomalies in BINs with abnormally high refund rates. As its name suggests, this chart lists the top 25 BINs with the highest volume of refunds over the selected time period. With the flexibility to review this data on whatever cadence they choose, they can highlight any recurring patterns, and apply those insights to risk mitigation strategies before fraudulent transactions become chargebacks.
After one such review, GoFundMe discovered a BIN associated with excessive refunds. To cast a wider net and see if there was more to this potential fraud attack than met the eye, they filtered the Refunds dashboard to show only refunds for cards issued by the same issuing bank as the BIN in question. In applying this single filter, the root cause driver became clear: this problem went beyond just the one BIN and actually expanded to several BINs, all from the same issuing bank, specifically on one currency.
The Outcome
GoFundMe used these insights to swiftly address connected fraudulent activity that was at risk of driving additional negative impact to its customers and bottom line. Further, the identified fraud trends were used to create a trigger in Canary, our anomaly detection service. They specifically built out a trigger to monitor the refund rates for the identified issuing bank that would proactively alert Risk analysts whenever activity became a concern again. With this automated data monitoring happening in the background, their Risk Analysts could breathe easier knowing another similar attack will be proactively flagged for the team.