Risk alert: How to spot signs of potential BIN attacks

A new risk alert from CUNA Mutual Group warns of a new trend, with attacks on credit union card BINs, some resulting in large losses. A BIN attack involves a fraudster taking the first six numbers of a card (the bank identification number, or BIN) and then using an algorithm or software to automatically generate the remaining numbers and test these combinations to see which card numbers are correct and if the cards are active.

This is usually done by making small transactions through small e-commerce retailers, while the volume of cards being tested can range from several a day to thousands of cards in a matter of hours, according to the alert.

Common signs of a BIN attack include:

  • large volumes of transactions at a single merchant;
  • transaction amounts ranging from zero to under $5;
  • high volumes of denials for CVV2 failure or invalid account number; and
  • incorrect card expiration date responses.

The alert states that credit unions should consider the following risk mitigation tips to prevent potential losses:

  • randomize your card numbers and expiration dates;
  • review reports to monitor for unusually high volumes of transactions within a BIN;
  • block high-risk merchants;
  • utilize 3D Secure 2.0 for online purchases;
  • work with your card processor to set rules and strategies to detect and prevent BIN attacks;
  • for legitimate merchants, set rules to monitor transaction velocity per hour and block transactions if the threshold reached and investigate those transactions; and
  • encourage members to use card transaction alerts and report any unauthorized activity immediately to their credit union.

CUNA Mutual Group’s risk alerts, in additional to additional risk-prevention resources, may be accessed on their Protection Resource Center. Log-in is required.

Leave a Reply