Enumeration Fraud Awareness
July 28, 2023 08:33
Enumeration fraud attacks are attempted payments that are submitted for the purpose of testing card account numbers, or credentials. Enumeration fraud is also referred to as card testing attacks (attempts to test sequential card numbers that are randomly generated), or BIN attacks (attempts to test multiple compromised card numbers that are issued on the same BIN).
Enumeration attack characteristics may include, but are not limited to, the following patterns:
$0 or low authorization amount
High issuer and / or RevenueProtect refusal rate
Increase in authorization attempts utilizing the same issuer BIN
Randomly generated cardholder information
High number of authorization attempts within a short amount of time
Please note that such patterns may not be 100% indicative of a fraud attack, and we would recommend a review of transactional activity before taking steps to implement risk controls.
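As an added example (not Adyen's or RevenueProtect's code), the sketch below flags a BIN only when several of the patterns above coincide within one sliding time window: high attempt volume, high refusal rate, and mostly $0 or low amounts. The record layout (timestamp, BIN, amount, outcome), the function names, the thresholds and the sample rows are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def flag_bins(records, window=timedelta(minutes=5), min_attempts=10,
              min_refusal_rate=0.8, low_amount=1.00, min_low_share=0.8):
    """Return {bin: stats} for BINs whose attempts inside one sliding window
    combine high volume, high refusal rate and mostly $0/low amounts."""
    recent = defaultdict(deque)   # bin -> attempts still inside the window
    flagged = {}
    for ts, bin_, amount, outcome in sorted(records):
        q = recent[bin_]
        q.append((ts, outcome == "Refused", amount <= low_amount))
        while ts - q[0][0] > window:      # drop attempts older than the window
            q.popleft()
        if bin_ in flagged or len(q) < min_attempts:
            continue
        refusal_rate = sum(r for _, r, _ in q) / len(q)
        low_share = sum(l for _, _, l in q) / len(q)
        # Volume alone is not enough: require the refusal and amount signals too.
        if refusal_rate >= min_refusal_rate and low_share >= min_low_share:
            flagged[bin_] = {"first_flagged": ts, "attempts": len(q),
                             "refusal_rate": round(refusal_rate, 2),
                             "low_amount_share": round(low_share, 2)}
    return flagged

def sample_records():
    """Constructed sample data, not real transactions."""
    t0 = datetime(2023, 7, 28, 8, 0, 0)
    rows = []
    # BIN 411111: 12 zero-amount attempts, 10 s apart, all but one refused
    for i in range(12):
        rows.append((t0 + timedelta(seconds=10 * i), "411111", 0.00,
                     "Authorised" if i == 5 else "Refused"))
    # BIN 400000: equally busy, but normal amounts and all authorised
    for i in range(12):
        rows.append((t0 + timedelta(seconds=15 * i), "400000", 20.0 + i,
                     "Authorised"))
    # BIN 550000: sparse traffic with a single refusal
    for i in range(3):
        rows.append((t0 + timedelta(minutes=20 * i), "550000", 45.0,
                     "Refused" if i == 1 else "Authorised"))
    return rows

if __name__ == "__main__":
    for bin_, stats in flag_bins(sample_records()).items():
        print(bin_, stats)
```

The busy but healthy BIN 400000 is not flagged, which is why volume is combined with the other signals before any risk control is applied.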
Impact of enumeration fraud on merchants
Reduction in authorization rates, due to high issuer decline rates
High transaction fees stemming from declined transactions
Visa or Mastercard excessive retry fees
Steps to prevent or alleviate the risk from enumeration fraud
Investigate unusual activities such as increases in issuer refusal rate, or in the number of payment attempts with a $0 amount
Use the Risk & Dispute management report in the Customer Area to watch for increases in issuer or risk refusals that can denote a fraud attack
Implement a CAPTCHA test, or a similar solution, on your checkout page
Consider temporarily blocking the BINs utilized by the fraud actors
Enable and assign risk scores to the following RevenueProtect risk rules:
Card number chunk used more than X times within Y minutes
Mastercard or Visa card number used more than X times within Y days
Card/bank account number used more than X times within Y hours
Shopper email used more than X times within Y minutes
Shopper IP used more than X times within Y minutes
Shopper initiated a transaction more than X times within Y days
Utilize custom rules targeting the trend you identified in RevenueProtect (a RevenueProtect Premium feature)
For more information on how to utilize RevenueProtect in order to mitigate fraud, please visit the risk management page.
If you have further questions, please reach out to your regional risk team or Adyen Help.