Digital banking has transformed both consumer banking and the threats posed to banks and their customers. In addition to new scams and schemes targeting online banking customers, we have seen the evolution of criminal marketplaces to trade in stolen information, stolen accounts, and stolen money. This has been a particularly interesting history of development around stolen payment card information. In this exploration, we will look at the anatomy and recent history of these illicit platforms, with a specific focus on changes in the space since the notorious Joker’s Stash shut down, shedding light on the sale and trade of stolen payment information, the fracturing of the underground carder economy, and examining the impact on financial institutions and customers.

The Anatomy of Underground Credit Card Stores

Operating as shadowy corners of the internet, dark web credit card marketplaces facilitate the buying and selling of stolen payment cards. These platforms provide a marketplace for payment card data stolen by a variety of actors, leading to further specialization in crime. While criminals in the past might have stolen card data for their own reuse in carding, modern criminals split into those who capture and skim card data, and carders who take stolen card data and use it to make illicit purchases. Even skimming, which traditionally relied on capturing data from physical cards at point of sale has evolved into more technical approaches like Bluetooth enabled gas pump skimmers that can be used for weeks or months, e-skimmers like Magecart attacks that lift card data from ecommerce websites, and true cyberattacks like the Target and Sonic credit card breaches that compromised entire large commercial point of sale systems to steal card data in bulk.

Recent History and Trends

Over the past decade, Joker’s Stash emerged as one of the most infamous dark web marketplaces, gaining notoriety for illicit transactions and offering a plethora of stolen financial data. The platform, distinguished by the sophistication of its administrators, left an indelible mark on the cybercrime landscape, and became the central marketplace for stolen card data, outclassing all competitors.

The Rise and Fall of Joker’s Stash

Reaching its zenith as a notorious hub for stolen financial data, Joker’s Stash faced a significant setback when law enforcement agencies collaborated to take it down, along with many other high profile carding sites. This victory against cybercrime dealt a severe blow to the criminal underground, disrupting operations on one of the most prolific dark web platforms.

Aftermath and Resilience

Post the dismantling of Joker’s Stash, cybercriminals displayed adaptability by establishing new marketplaces to fill the void, highlighting the resilience of criminal enterprises. This adaptability underscores the ongoing challenge faced by financial institutions in combating the ever-evolving threat of dark web credit card marketplaces. Much like the situation after Silk Road was taken down, out of the ashes of Joker’s Stash, we have seen dozens of new carding data providers crop up, some specializing in particular regions or types of card data.

Impact on Financial Institutions and Customers

The repercussions of dark web credit card marketplaces, including the rise and fall of Joker’s Stash, extend beyond monetary losses. Financial institutions shoulder increased operational costs tied to investigating fraudulent activities and failed authentication attempts. Customers who lose their card data to fraud may turn to a different card while waiting for a replacement card, threatening the top-card effect of passing all spending across one preferred card. In some markets, like the US market, those interchange fee revenues can approach 3% of all transactions. Simultaneously, customers face the risks of identity theft, damaged credit scores, and the emotional toll of financial fraud.

Proactive Strategies and Technologies for Mitigation

In the relentless battle against cyber threats, financial institutions must deploy proactive strategies and technologies to mitigate risks and protect customers, especially in the context of compromised credit card feeds. Additionally, securing transactions with a 3-D Secure ACS (Access Control Server) solution plays a pivotal role in bolstering the overall fraud prevention strategy.

Leveraging Outseer FraudAction Compromised Credit Card Feeds

Financial institutions can proactively strengthen their defences by integrating intelligence derived from FraudAction. This involves leveraging insights from compromised credit card feeds into security protocols, enabling institutions to identify potential threats, block fraudulent transactions, and enhance overall risk management. This not only protects against financial losses but also reinforces customer trust. Rather than cancel cards when the customer reports fraud, banks can be aware of breached cards before fraud takes place, sending a replacement card on the spot and tightening fraud rules to decline any risky transactions in the meantime. This preserves customer experience and top card effect.

Securing Transactions with 3-D Secure ACS

Implementing a 3-D Secure ACS solution, like Outseer 3-D Secure, fortifies the fraud prevention strategy. This EMV® 3-D Secure ACS delivers a secure, frictionless digital shopping experience, providing a multi-layered defence against unauthorized transactions. By adding an extra layer of authentication, financial institutions reduce the risk of fraudulent activities during transactions. This proven technology, seamlessly working in the background, analyses transaction data and authenticates users in real-time, ensuring only legitimate transactions proceed.

This integrated approach, combining insights from FraudAction and the protection of Outseer 3-D Secure, enhances fraud prevention, positioning the institution as a guardian of customer trust in the dynamic fraud landscape.


On-Demand Webinar

Dark Web Marketplaces: Unmasking the Underground Economy of Stolen Credit Cards

In this webinar, our fraud-prevention expert will walk through the latest tactics employed by cybercriminals, the technologies and strategies used to facilitate these activities, and the proactive measures financial institutions should take to safeguard against these threats.

Join us on 20th February 2022 at 3pm GMT for a discussion aimed at equipping financial institutions with the knowledge and tools necessary to navigate this hidden landscape and fortify their defences against the ever-evolving threat of cybercrime.

Watch Now

Maximilian Gebhardt

Head of Commercial Success for FraudAction

Max has 20 years of experience in fraud prevention and financial crime prevention for the US Government and major financial institutions. He has driven innovative fraud solutions for Citi and Fidelity Investments, managed fraud analytics teams, as well as designed anomaly detection methods for the US Department of State to spot immigration fraud and illicit technology transfer. He has consulted on digital fraud issues for dozens of top US, UK, EU, and Canadian banks and brokerages. Based in the Dallas-Fort Worth Area of Texas.