Sunday, July 27, 2014

Detection of SNAP fraud in an EBT Environment


Fraud originating with EBT cards differs drastically in appearance than fraud originating from commercial cards. The reason for this dramatic difference is simple enough, EBT fraud origin requires collusion between the cardholder and the retailer (vendor in the SNAP world, but for the purposes of this blog, retailer). This allows fraud investigators to use EBT data to present a prima facie case to a judge that the intent and the action show a criminal act. It’s a pity that investigators do not use this most remarkable aspect of needs based payment data to track extremely vicious and powerful criminals.

I suspect the reason we do not use the data has nothing to do with malicious or planned practices, and everything to do with the difficulties of collection of data to present a prima facie case. Different vendors (sellers of goods and services, not retailers) possess the data. However all of the data regardless of the holder actually belongs to the administrators of the SNAP program and therefore shipped routinely to FNS.

I have developed a theory of fraud detection for needs based payment environment that I call behavior detection and evasion detection (BD/ED or conveniently enough Bad Ed). Subsequently I showed (at least to myself) that Bad Ed works well in other types of payment environments.  Bad Ed provides prima facie evidence for SNAP investigators because the data within the X9.58 message coupled with data from points of presence (POP) shows commission of a crime. For example, if the transaction originates from a place other than where the retailer conducts business then it is a crime and the data from a single transaction will show that.

The other aspect of Bad Ed, the evasion detection filter, requires that investigators construct it before deploying the behavior detection filter. Evasion detection works because criminals run after exposure of an attack method from behavior detection filter; they use another method, which exposes the new attack and gives foundation for the construction of a new behavior detection filter.

Next Blog: Will hybrid payment settlement suffice for the bum’s pocket?

No comments:

Post a Comment