Menu ---

Frank on Fraud

Should Card Fraud Systems Be Used To Detect Terrorism?

In 1995, I had my first experience with fraud and terrorism. I was working for First Deposit Bank as a fraud investigator and the FBI began to call us about one of our customers – Terry Nichols.  They were calling all his credit card companies to determine what charges he had recently been making. They were looking for clues about what he purchased and where he made those purchases.

I didn’t know it at the time, but he was about to be arrested for conspiring with Timothy McVeigh in the Oklahoma City bombing case.

Ever since then, I have been intrigued by the link between fraud detection systems and their ability to pick up on potential terrorist activity.  It seemed to me that credit card activity is a perfect early signal to predict who was about to engage in a heinous terrorist act.

The question in my mind then was, should card fraud systems be used to detect terrorism?

How Banks Unwittingly Finance Mass Shootings

The New York Times published a piece this week that re-awoke my interest in the link between credit card activity and terrorism  How Banks Unwittingly Finance Mass Shootings.

In the article, they point out the shocking link between credit cards and mass shootings.  The practice of stockpiling by mass shooters is one that is easily identified when credit card activity is examined in retrospect.

Orlando Mass Shooting- 49 Killed

Omar Mateen used six credit cards to buy two guns and thousands of rounds of ammunition before he opened fire inside the Pulse nightclub.

Mr. Mateen had opened six new credit card accounts — including a MasterCard, an American Express card and three Visa cards — over the previous eight months. Twelve days before the shooting, he began a $26,532 buying spree: a Sig Sauer MCX .223-caliber rifle, a Glock 17 9-millimeter semiautomatic pistol, several large magazines, thousands of rounds of ammunition and a $7,500 ring for his wife that he bought on a jewelry store card. His average spending before that, on his only card, was $1,500 a month.

The Times points out that two days before the rampage he went on Google and typed “Credit card unusual spending.”   He was astutely aware that his heightened credit card activity might give him away

Aurora Colorado Mass Shooting- 12 Killed

Could the Aurora Colorado mass shooting have been prevented by identification of risky credit card activity?

James Holmes used credit to help buy more than $11,000 in guns, grenades, a gas mask and other military gear to attack a movie theater.

The Times tracked his credit card in the months prior to his mass shootings.  He made 57 purchases in 61 days.

Las Vegas Mass Shooting – 12 Killed

Stephen Paddock had two dozen guns inside the Mandalay Bay Resort when he rained fire on a music festival below. Police found four credit cards in the hotel room that he had used prior to the shooting.

In the prior 2 years, Paddock had spent over $95,000 on firearms and owed about $170,000 to his credit card companies.

Card Activity Is A Signal – But Is It A Good One That Should be Monitored?

There is a trend here.  There is evidence in many of the recent mass shootings that heightened and unusual credit card activity can be a great signal that law enforcement could use to help.

But are the signals and the data good enough to provide insight?  There are lots of factors that are giving banks pause including:

  • Merchant Category Codes Are Not Accurate – MCC codes do not provide granular enough information to determine gun and ammo purchases.
  • BoxCar Information is Not Automatically Provided – Banks could get ‘boxcar” information that provides additional detail on retail transactions but today they do not, so it makes it hard to pinpoint gun transactions from other high ticket items.
  • Banks Could Be Fined – Banks could be fined for discrimination if they target people buying guns unfairly.
  • Regulations Do Not Require It – Neither Visa / MasterCard regulations nor SAR reporting requires banks to review high-risk gun purchase activity.

All these factors mean that fraud detection systems and SAR reporting for stockpiling could be years away.

But it doesn’t mean it isn’t the right thing to explore.

False Positives Might Be Too High To Operationalize Effectively

Besides banks and payment associations, not everyone agrees that fraud systems should be used to target terrorist activity.  The false positives are simply too high and the investigations are too invasive to maintain people’s privacy.

Cory Doctorow points out the math and false positives simply don’t work as he explains in his article  – Credit Card Activity as a Predictor of Terrorism.

He points out that detection systems would not have the benefit of an accurate identifier of what a gun purchase was since those are often hidden in retail MCC codes.  This would make false positives of any queue extremely high.

My Recommendation – Analyze and Start off Small

It is only a matter of time before banks are tapped to help Law Enforcement identify mass shooters by leveraging fraud techniques to identify stockpiling.

Banks can begin by analyzing prior outlier activity for potential stockpiling and evaluate the results for potential clues.   The analysis could be purely retrospective.

Sudden Ramp Up – Dormant or brand new accounts with sudden high dollar ramp up in 60 days at high-risk MCC codes where guns are most likely to be the purchased items (5399, 5933, 5941, 7513)
Stockpiling –  Persistent high use high transaction amount at target merchants over 6 months where guns and ammo are most likely to be purchased  ((5399, 5933, 5941)

Simply analyzing the portfolio for outliers could provide some indications of individuals that might be at higher risk. Outlier detection usually raises some interesting cases to the top.

Thanks for reading!