Hacker News
by jstanley 36 days ago
> Real cardholders almost never buy something for exactly $1.00. Coffee is $4.73, gas is $52.81. The roundness is the signal.

Surely this depends on how the vendor sets their prices? If you're going to buy something from a website to test a stolen credit card you don't just get to make up your own prices.

And I think you may be over-indexing on the US "prices don't include tax" thing. Elsewhere, round-number prices are extremely common.

In fact a lot of the rest of the stuff in the post seems like it wouldn't work very well either. (E.g. you're flagging anyone who has done a transaction in the last 90 days outside the range of hours at which they have 2+ transactions? Wouldn't that be like 50% of people?).

It's unclear to me whether this article is an attempt at breaking down complex expertise into over-simplified SQL queries, or whether it is all speculative and made up.

There is a conflict between "Six SQL patterns I use to catch transaction fraud" and "Nothing here comes from anything I’ve actually worked on or seen".

8 comments

The "transaction outside usual hour range" seems pretty basic.

I don't usually buy gas, coffee or snacks at 2am. But on the very rare occasion that I do, I'm dealing with some kind of personal emergency and don't also want to have to call my bank.

I get that that's also a time opportunistic thieves, etc, might be operating. But the cost of false positives is also a thing.

On the other hand, for online transactions I frequently do them outside the usual hour range.

However, before going to a distant country, which was also in a very different time zone, I warned the bank that issued the card that I intended to use, so that they would not consider suspicious either the place or the time of the transactions.

Two things I have found that absolutely positively freak the shit out of my bank:

Buying a full tank of gas and then a full tank of petrol (dual-fuel vehicle) in two separate card transactions one after the other. Can't use the same pump, annoyingly, at least with the old system in Morrisons. Don't know if it's different since their petrol stations have been bought over by Motor Fuel Group.

Similarly, buying a full tank of gas at Morrisons in Bradford where the supermarket chain's headquarters are, then driving five hours north and refuelling again in a different Morrisons which shows the transaction as coming from their banking systems in Bradford but tagged as a city in Scotland. This is apparently because it's implausible to drive from central England to central Scotland in a few hours, and then need to refuel.

They are (or were at least, last checked a year ago) 100% repeatable.

Opportunistic thieves sure, but more knowledgeable thieves would 100% try to replicate more normal usage patterns, like buying gas just after normal work hours.
Worse than that.

Coffee usually _is_ a round number in my experience, and I know of people who aim for round numbers when filling their car, and of fuel stations which require a pre-set value, often 10, 20, 50€ etc.

Yes, as your parent comment points out, the article centers itself on US transactions, where listed prices seldom include tax and are frequently a cent below a round number. For example, the menu says a dish is $15.00 but the restaurant charges $18.83 after tax and tip. Globally, there's no doubt the US is the exception rather than the norm.
That sounds reasonable for some states but 5 states have no sales tax and many states have exclusions to sales tax. Many of those are also likely to have rural areas where small businesses like to use even amounts.
All of that is easy to account for, all of the metadata you need is available. This also applies to the sibling comment about rounding up to charity at the grocery store, the data is all there, even if it's e.g. the fraud analyst at the bank or credit card company instead of the fraud analyst at the grocery store.
I don't need to account for it - I'm just stating that this doesn't match my experience:

> Real cardholders almost never buy something for exactly $1.00. Coffee is $4.73, gas is $52.81. The roundness is the signal.

The article is about the US and your example uses Euros, so I don’t think your experience applies here.
I’ve always fancied landing on a round number at the pump, kind of a little game I play lol. Glad it’s never set off any alarm bells for my bank.
Yeah I was in a bar one night and was peckish, so tried to buy a packet of crisps. They said minimum spend on card was £5, so I said just charge me the £5 it's fine.

Card got blocked as they thought it was fraud. Annoying! And not something inebriated me wanted to deal with at 2am.

Ok. Maybe they protected me from myself, but still!

Why didn't you just buy five quid's worth of crisps?
I'm seeing a few stores here and there which have a "round up to donate" option. I guess I'm a bit of a sucker and I always use that option. My groceries are always a round number as a result.
I've always suspected that this is all of a tax dodge, a money spinner, and a PR exercise "we gave xxx to charity" - no, your customers did.

Just set up a direct debit to your favourite charity.

> Just

The point of these drives is to get more people to give to charity. Then you use a lullaby-word as if setting up a charitable donation is as easy as saying "yes" when the checker asks if you want to give a small donation.

Well, my point was that maybe it actually isn't "to get more people to give to charity", maybe it's actually something else.

It's actually very easy to give £5/month direct to a charity. Takes about 2 minutes, just gotta do it.

You're overthinking this. There's a publicity element to it, but the money just gets given to charity, like they say it does. It's not a conspiracy or a tax accounting trick.
How can you tell? And is this definitely universally true or just true of the 1 instance you happen to have personal experience with?
Agree - I don't think a giant multinational should get the cumulative charitable donation through their "Gavin Belson Foundation", and frankly it coming while you're checking yourself out, and navigating all dark-pattern "share your email for an e-receipt?", "want our deal of the day?", "enter your loyalty card?", "fill out this poll?", "are you collecting stickers?" nonsense really grinds my gears. I just want cheaper groceries!
Ah, thanks for introducing me to this business model! :-)
I do not know if this is still used anywhere, but in the past there were places, e.g. hotels or car rental services, where the validity of a credit card was tested by a $1.00 transaction, before booking a room or renting a car.
In North America they typically charge a much bigger deposit for these with a hold until after everything clears. This makes sense; it's more important that you have the credit than just a functioning CC, but doesn't really help with fraud.
This is also

a) trivial to bypass by adding dither to the test transactions and

b) trivial to improve upon with proper statistical analysis and

c) shouldn't this kind of heuristic pattern recognition with no expectation of near-100% accuracy be what AI is good at?

> a) trivial to bypass by adding dither to the test transactions and

I know someone who worked in fraud detection of financial transactions. He told me that indeed lots of filters that are applied mostly test for anomalies. The thing is that most criminals are not insanely smart, and commonly don't have a lot of inside knowledge about accounting, banking, finance system etc., so criminals often have a bad intuition about more subtle things that are looked at for fraud detection.

But if you are a very dedicated criminal with lots of inside knowledge about, say, accounting, banking, finance system, ..., you could likely outsmart these filters. But these people typically have much better career options (even if they want a career as a "big fish criminal": just look at the history of accounting scandals, stock manipulations, Ponzi schemes, ...).

Their approach to “Suspicious merchants” also confuses me: the description doesn’t make logical sense to me and doesn’t match the abuse pattern as far as I understand it.

> When a skimmer compromises a card reader at, say, a gas pump, you don’t get one fraud case. You get dozens. Every card swiped at that pump for the next few weeks is now in someone’s database. So the symptom from the merchant side is: an unusual number of unrelated cards spending more than usual, in a short window.

So he checks for hour-bucketed increases in high-value transactions originating from that merchant.

Seems to me like a good way to catch a sale, an opening, a launch event, or a product “drop,” a single high-value sale that somebody spreads across several cards… less so a good way to detect a steady trickle of stolen card data that’s inexplicably used back at the same merchant.

If you’re installing a card skimmer, why would you charge the stolen cards at the same business where you’re stealing them? And why would you concentrate your spending into bursts if the skimmer’s harvesting all day every day?

If you’re the merchant doing the skimming in order to spend at your own store, wouldn’t it be easier to punch a higher amount into the terminal? If you’re a skimming ring, wouldn’t you prefer to have purchasing power rather than this $5000 threshold (?!) of extra gas (plus a giant neon sign advertising where you placed your skimmer)?

Wouldn’t a more sensible approach involve something like looking for merchant clusters in the combined transaction histories of known-stolen accounts?

The LLM runs so strong in this whole enterprise… I want to give the person the benefit of the doubt, but I can’t resist the sneaking suspicion that LLM fabulism to push a slop novel just wasted 15 minutes of my life.
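The merchant-cluster idea raised in the comment above is usually called common point of purchase analysis. The sketch below is an added example, not part of the thread or the linked article: it runs the query with SQLite over constructed data, and the table names, column names, lookback window and `min_cards` threshold are all assumptions made for illustration.

```python
import sqlite3

# Constructed sample data, not real transactions: (card, merchant, day number).
TXNS  = [(f"c{i}", "grocer", 20) for i in range(1, 11)]           # everyone shops here
TXNS += [(f"c{i}", "pump_7", 29 + i) for i in range(1, 6)]        # c1..c5 used one pump
TXNS += [("c1", "cafe", 25), ("c6", "cafe", 25), ("c7", "cafe", 26)]
TXNS += [(f"c{i}", "giftcards_online", 39 + i) for i in range(1, 5)]  # the fraud itself
# Cards later reported stolen, with the day of their first fraudulent charge.
STOLEN = [("c1", 40), ("c2", 41), ("c3", 42), ("c4", 43)]

QUERY = """
WITH exposed AS (           -- merchants each stolen card visited BEFORE its fraud began
    SELECT DISTINCT t.merchant, t.card
    FROM txn t JOIN stolen s ON s.card = t.card
    WHERE t.day < s.first_fraud_day
      AND t.day >= s.first_fraud_day - :lookback
),
base AS (                   -- how many distinct cards each merchant sees overall
    SELECT merchant, COUNT(DISTINCT card) AS all_cards FROM txn GROUP BY merchant
)
SELECT e.merchant, COUNT(*) AS stolen_cards, b.all_cards,
       ROUND(1.0 * COUNT(*) / b.all_cards, 2) AS stolen_share
FROM exposed e JOIN base b ON b.merchant = e.merchant
GROUP BY e.merchant, b.all_cards
HAVING COUNT(*) >= :min_cards
ORDER BY stolen_share DESC, stolen_cards DESC
"""

def common_points(txns, stolen, lookback=30, min_cards=3):
    """Rank merchants by the share of their cards that later turned up stolen."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE txn (card TEXT, merchant TEXT, day INTEGER)")
    db.execute("CREATE TABLE stolen (card TEXT PRIMARY KEY, first_fraud_day INTEGER)")
    db.executemany("INSERT INTO txn VALUES (?, ?, ?)", txns)
    db.executemany("INSERT INTO stolen VALUES (?, ?)", stolen)
    rows = db.execute(QUERY, {"lookback": lookback, "min_cards": min_cards}).fetchall()
    db.close()
    return rows

if __name__ == "__main__":
    for row in common_points(TXNS, STOLEN):
        print(row)
```

Dividing by the merchant's overall card count is what separates the pump from the grocer: both saw all four stolen cards, but the grocer sees every card, so its share stays low, and the merchant where the fraudulent charges actually landed never appears because only pre-fraud visits are counted.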

The article is LLM-generated.