What Is Transaction Monitoring?

Transaction monitoring refers to card issuers and financial institutions monitoring the transactions customers make in real time and analyzing these transactions for suspicious activity based on the customer’s account information and history.

By monitoring transactions, banks, credit card companies, and others can detect and prevent fraud, comply with anti-money laundering regulations, and block account takeover attempts. Yet despite the efforts, transaction fraud has only increased in recent years.

In 2021, transaction fraud soared to new heights while taking on new contours. Thanks to the pandemic-fueled spike in online and mobile transactions, card-not-present fraud alone topped $7.9 billion in 2021, and is expected to exceed $17.2 billion in annual loss within the next two years.

Unfortunately, that’s also just for starters. Armed with stolen login, payment, and other personal data, fraudsters are quickly evolving their approaches to exploit evolving payment platforms and channels. According to our own data, 70% of all transaction fraud in digital banking is now made through mobile devices, with the biggest rise seen in mobile app fraud, for instance. The price tag for all forms of transaction fraud across ecommerce, banking, and other sectors could be as high as $1 trillion per year.

Thanks to advancements in risk-based fraud detection however, transaction monitoring is now a viable option for protecting cardholders, businesses, and other transacting parties. Before we dive into transaction monitoring strategies, let’s first explore how transaction monitoring works.

How Does Transaction Monitoring Work?

Early Transaction Monitoring Systems

In the early days of transaction monitoring, companies relied on a series of predefined rules and characteristics to identify and stop fraud. Anti-fraud systems would analyze a transaction to see if it matched a list of known fraudulent transactions.

Fraudsters quickly realized they could introduce randomness or change attack vectors to circumvent detection. But throttling up defenses has introduced other challenges. With more traditional transaction monitoring solutions, 52% of transactions flagged as fraud are false declines. Over time, these antiquated systems have given way to a more sophisticated and modern form of transaction monitoring.

Transaction Monitoring Today

Modern, risk-based transaction monitoring systems combine data science and machine learning to automatically identify fraud and apply the appropriate countermeasures.

Risk-based monitoring compares each transaction to statistical models and assigns the transaction a risk score based on the behavior of the user. Rather than looking for specific actions, machine learning algorithms detect fraud based on analysis of a broad spectrum of inputs.

Through machine learning, these systems can study hundreds of data points to assess the risk of a transaction in only a few seconds. Among many others, data such as device ID, login location, session behaviors, and IP address are analyzed to determine the likelihood a transaction attempt is fraudulent.

Some examples of suspicious activity may include the following:

  • Known user logging in from a new device
  • Known user logging in from a new location
  • Unusually large purchases
  • Numerous duplicate transactions in a short period of time
  • The cardholder address does not match the mailing address

Statistical analysis is used to assign a risk score to each transaction This process assigns each transaction a risk score based on the probability of it being fraudulent. Organizations can customize different thresholds, alerts, and step-up verifications, depending on the level of risk.

This allows companies to do business in a way that protects cardholders and other end users in accordance with the organization’s business objectives and risk management strategies.

Transactions with low-risk scores are allowed to be placed without any delay or intervention. Suspicious traffic diverts to a challenge flow where users are prompted for additional identity verification. This protects legitimate users from unnecessary friction while shopping or using a brand’s platform.

Challenge flows require some form of secondary identification to authenticate the user. Typically this is done via an email or text confirmation but could include voice ID, a fingerprint scan, or other forms of biometric authentication.

If the user completes the challenge flow, they are redirected back to checkout to complete the transaction. Organizations can configure different flows for transactions that reach certain risk thresholds and customize their fraud prevention system to suit their risk tolerance and company policies.

Transaction Monitoring Best Practices

Starting with a strong foundation of best practices is the best way to mitigate risk from fraud and prevent transaction fraud before it impacts your customers, cardholders, and your bottom line.

Leverage Firewall Rules

Firewall rules can make it easy to comply with sanctions and avoid fraudulent transactions by blocking high-risk countries. If you notice cases of fraud originating from a particular geolocation, IP address, or domain, you can block these transactions in nearly all business-grade firewalls. This process can be done manually as you identify suspicious activity or proactively. For example, if you don’t offer your products to specific countries you can add them to the block list ahead of time.

Take Advantage of Machine Learning Platforms

Machine learning and artificial intelligence have proven to be the most effective tools for combating transaction fraud. These platforms are designed to scale with your business and continuously monitor the threat landscape to block new and evolving attacks. While manual fraud investigation can certainly be effective, AI-powered systems work around the clock with little to no human intervention needed.

Prioritize Frictionless Flow

Transaction monitoring doesn’t have to negatively affect the transaction experience or result in false declines. When sourcing transaction monitoring providers, verify they offer challenge flows that include frictionless flow. Frictionless flow prioritizes the customer experience by reserving out-of-band authentication for only the very small number of transactions that are truly high risk.

Outseer: Heavy on the Frictionless, Minus All the Fraud

Staying ahead of transaction fraud can be daunting. It’s why major credit card companies, financial services firms, and payment processors count on companies like Outseer to protect themselves and the people and businesses they serve.

Unlike other transaction monitoring approaches, our payment and account monitoring solutions leverage advanced data science and intel from 20 billion annual transactions to protect all digital interaction and payment types—logins, CNP transactions, bank money transfers, P2P transactions, you name it. From any geography. Without creating friction.

In fact, Outseer prevents 95% of all fraud loss, with only 5% of transactions ever requiring intervention—the best performance in the industry. In just the first half of 2021, we protected more than $100 billion in transaction volume worldwide.

We’re biased, of course. But to us, seamless transactions and stopping fraud shouldn’t require a painful compromise. Or any compromise at all.

To learn how risk-based transaction monitoring can help you delight and protect customers through the power of frictionless fraud prevention, request a free demo today.

Armen Najarian

CMO + Chief Identity Officer

Armen is a 15-year Silicon Valley veteran with deep experience leading the marketing function for fast-growing fraud prevention, predictive analytics, and cybersecurity companies. His most recent leadership roles include CMO positions at Agari and ThreatMetrix, the latter of which he established as the definitive category leader for digital identity solutions.