IMGCAP(1)]
As fraudsters targeting merchant acquiring data networks increase the sophistication of their attacks, merchant acquirers are poised to adopt more complex risk-management systems, says a report released last week by Mercator Advisory Group Inc., a Maynard, Mass.-based consulting firm. Acquirers using outdated systems place themselves in danger, says David Fish, a Mercator analyst who wrote the report. "They're not keeping up with fraud trends in an automated fashion," Fish tells ISO&Agent Weekly, a CardLine sister publication. Some risk managers bypass automated alerts the data systems issue because too many of them are false positives—they declare an alert when none exists, he says. In many of these instances, outdated monitoring systems have not kept pace with the types of attacks, Fish explains. "Risk managers at acquiring companies have a clear understanding of the threats," he says. "It's not necessarily a question of educating the operatives as it is a question of does the risk-management shop at the acquirers possess all of the necessary tools to do their jobs in an optimal fashion." Fish says it appears risk-management systems for the acquiring industry are in the midst of a transition as several independent sales organizations eye moves to becoming processors and the industry contends with the dissolution of Chase Paymentech LLC into two companies owned by First Data Corp. and JPMorgan Chase & Co. Several major ISOs will be moving from Chase's sponsorship to a First Data partner sponsoring bank and require compatible risk-management services, Fish says.
