How Stripe Radar responded to a new wave of card testing

Jacob Meltzer Engineering Manager, Payments Intelligence
Viswanath Chadalapaka Engineer, Payments Intelligence

While global fraud rates have increased 11%, successful card testing attacks on Stripe have decreased by 80%. But that doesn’t mean card testing has stagnated—we monitor it closely and it’s evolving all the time. 

We recently noticed a shift: issuers were authorizing card testing transactions at higher rates than before. Card testing has historically been detectable through low authorization rates—a result of enumeration attacks where bad actors use automated trial-and-error authorization attempts on credit card numbers to differentiate between active and nonactive cards. An enumeration attack is a guessing game, and bad actors rarely guess the correct card numbers, so their authorization rates were low. 

However, we noticed that the authorization rates for card testing transactions were going up as bad actors shifted away from enumeration attacks. Instead, they were running verification attacks using new data dumps that contained the payment details of millions of stolen cards. These data dumps were higher quality than in the past because more sophisticated phishing scams were stealing and leaking accurate card details, so authorization rates for card testing transactions increased. This not only puts customers’ personal information at risk, but it also increases disputes for businesses.

Our three-step approach to combatting verification attacks

While Radar’s models predict the likelihood of fraud or card testing, we needed a new way to recognize verification attacks that were causing high authorization rates. To do so, we created a three-layered approach: 

  1. We started with the most straightforward solution: we manually ingest data dumps of stolen card information, so we can block any transactions using those same cards. 
  2. We then complement this manual approach with additional features to automatically monitor the internet for stolen card numbers.
  3. Throughout the process above, we found that the fraudulent use of compromised cards tended to have specific characteristics. This allowed us to create probabilistic stolen card models that use machine learning to identify these characteristics at scale and help us to estimate whether a card might be stolen—even without our system discovering it on the internet. 

This three-layered approach allows Radar to consider a card’s compromised status as another signal when processing a charge. We’ve been able to block an additional 30 million high-risk transactions, which helps reduce dispute rates and keeps our users out of card networks’ fraud monitoring programs. 
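As an added illustration (not Stripe's code and not Radar's actual logic), the Python example below shows why an authorization-rate check alone misses a verification attack and how a compromised-card lookup supplies the missing signal. The function names, thresholds, HMAC fingerprinting and sample transactions are assumptions constructed for this example.

```python
import hashlib
import hmac
from collections import defaultdict

KEY = b"constructed-demo-key"  # assumption: secret used to fingerprint card numbers

def fingerprint(pan: str) -> str:
    """Keyed hash, so the compromised-card list never holds raw card numbers."""
    return hmac.new(KEY, pan.encode(), hashlib.sha256).hexdigest()

def ingest_dump(pans):
    """Layer 1 from the post: turn an ingested dump into a lookup set."""
    return {fingerprint(p) for p in pans}

def score_sources(txns, compromised, min_attempts=5, low_auth=0.2, high_overlap=0.5):
    """Per source, compare authorization rate with overlap against known-stolen cards.
    Thresholds are illustrative assumptions."""
    stats = defaultdict(lambda: [0, 0, 0])  # attempts, approved, compromised hits
    for source, pan, approved in txns:
        s = stats[source]
        s[0] += 1
        s[1] += int(approved)
        s[2] += int(fingerprint(pan) in compromised)
    verdicts = {}
    for source, (n, ok, hits) in stats.items():
        auth_rate, overlap = ok / n, hits / n
        if n < min_attempts:
            verdict = "insufficient_data"
        elif overlap >= high_overlap:
            verdict = "verification_suspected"  # a high auth rate does not clear it
        elif auth_rate <= low_auth:
            verdict = "enumeration_suspected"   # the classic low-auth-rate signal
        else:
            verdict = "no_signal"
        verdicts[source] = (verdict, round(auth_rate, 2), round(overlap, 2))
    return verdicts

# Constructed sample data: made-up card numbers, not real accounts.
DUMP = [f"40000000000{i:05d}" for i in range(100, 108)]
GUESSES = [f"41111111111{i:05d}" for i in range(10)]
REGULAR = [f"42222222222{i:05d}" for i in range(6)]
SAMPLE_TXNS = (
    [("src-enum", pan, i == 3) for i, pan in enumerate(GUESSES)]
    + [("src-verify", pan, i > 1) for i, pan in enumerate(DUMP)]
    + [("src-normal", pan, i != 0) for i, pan in enumerate(REGULAR)]
)

if __name__ == "__main__":
    for source, result in score_sources(SAMPLE_TXNS, ingest_dump(DUMP)).items():
        print(source, result)
```

With an empty compromised set, the same call reports `src-verify` as `no_signal`, which is the gap the post describes.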

Helping you adapt to fraud

These compromised card controls are just one example of how we’re continually making Radar’s models smarter. If you use Radar, you’ll automatically benefit from these enhancements without needing to make any changes to your integration. 

Learn more about how Radar can help protect your business from fraud.
