TAGGED:

Compromised Accounts

Compromised Accounts Report

The Compromised Accounts Report allows you to view the list of accounts that were included in the compromised notification from MasterCard or Visa. The report is located on Springboard.

How to access:

  1. Select "Reporting" from the "Manage" drop down
  2. Click on "Search All Your Dynamic Reports"
  3. Select Compromised Accounts Report by clicking on "Run Report"
  4. Click on drop down to select Notified Date
  5. Click on the Alert ID drop down to select an individual Alert ID to view or All to view all alerts for that date
  6. Click on View Report
Note: Always check for multiple pages to view. You can sort the report by column if there is an arrow icon to the left of the column name. An asterisk next to the name indicates the account has been part of a previous compromise.


 

Field Descriptions:

  • Notification Date: Date CO-OP was notified by Visa or Mastercard
  • Name on Account: Primary cardholders name
Note: If there are asterisks next to the name, the account has been part of a previous compromise.

 

  • Type of Compromise: Data elements breached
  • Status: Displays any external status on the account
Note: Accounts with a L,U,C,or Z will not need any action taken because they are already closed.

 

  • Sent Prior: The most recent date the account was on a previous alert
  • Expr File: The card expiration date on the 3270 system
  • Expr Alert: The expiration date that was included in the compromised account alert from Visa/MasterCard
  • Expr Dates Match: Indicates if the expiration date on file and the expiration date included in the alert match. Both field blank indicates a match.

 

Export Report to Excel

How to export to excel:

  1. Using the Select a Format drop down, select Excel
  2. Click on Export link
  3. A pop up window will appear. Click on Open. The export process will begin.
  4. Highlight the entire report by placing your pointer in the upper left corner and left click
  5. Click on Format located at the top of the page
  6. Click on Cell
  7. Click Alignment
  8. Un-mark both the wrap text and merge cell boxes
  9. Click OK

The Compromised Account App located on the Springboard allows your financial institution to process the Compromised Account alert.

To access the Compromised Accounts App:

  1. Select "Fraud" from the "Manage" menu

 

 

     2. Click on Go to Search Compromises

 


Field Descriptions:

  • Filter by Alert ID: Search by Alert ID provided in the notification email
  • Filter by Status: Search by response status of the alert
  • Filter by Type of Compromise: Search by data elements breached in the compromise
  • Date Range: Search by a specific date or date range
  • Notified Date: Date CO-OP sent compromised account notification
  • Type of Compromise: Identifies the data elements breached in the compromise
  • Alert ID: Visa or Mastercard alert id
  • Status: Response status of the compromise. A compromise may have more than one line item, with different statuses, if multiple responses were submitted


To access the compromise response screen:

Select "view" next to the compromise

 

 

Field Descriptions:

  • Alert Information: ID, type, date notified and status of the compromise alert
  • Account List: All accounts involved in the compromise with current external status
  • Respond to Selected Accounts: Compromise account response options

Valid Options:

Non- Reissue Options:

  • Monitor: The financial institution will monitor the accounts for fraudulent behavior
  • There is no notification to the cardholders.
  • CO-OPwill not take any action on these accounts.
  • This option is your less expensive option and offers the least protection.
  • This might be an option when dealing with limited exposure of data elements or where fraud is not suspected.

Notification: The financial institution will be notifying the cardholders of the compromise and will monitor the accounts involved

  • The financial institution can decide the type of notification they want to utilize.
  • The different types of notification that CO-OP can assist with are letters and statement messages.
  • By choosing the option above you have decided not to reissue or place any accounts into a special monitoring strategy.
  • Your potential costs could include, but are not limited to: letters, postage, billable hours, and statement message. Please review your invoice for the most current rates.

Tag Card as Compromised: The financial institution would like to develop a specific Falcon strategy that identifies the accounts involved in this specific compromise.

  • In order to accomplish this, the financial institution would need to place a Fraud Behavior ID on the compromised accounts.
  • This ID would allow CO-OP to segment out your accounts and treat them differently then the rest of your portfolio.
  • CO-OP does offer a standard card-not present and standard card present compromised account strategy.
  • For shared Falcon clients you would be able to utilize the standard strategy.
  • For non-shared Falcon clients, you would be able to customize your own.

Fraud Behavior Falcon strategy based on the compromised event and fraud patterns.

  • Your potential cost could include, but are not limited to: billable hours, non-mon runs and additional accounts reviewed in Fraud Detection.

 

Reissue Options:

Note: Keep in mind your plastic and insert levels of stock when choosing these options. We recommend reviewing your inventory before responding to the alert. Make sure to account for more than one cardholder on an account.
Note: The reissue option may not be available for separate entity clients who run off of the original posting accounts (OPA).

 

Change Expiration Date and Issue New Card: The financial institution is opting to reissue new plastics while allowing the account number to stay the same.

  • Changing the expiration date will allow the account number to process with a new expiration date, CVV/CVC and CVV2/CVC2.
  • CO-OP can allow for both cards to work for a specific period of time while the new plastics are being processed and shipped to the cardholders.
  • Any client set up under client number 5617 is eligible to utilize this option. If you currently process under your own client number, please check to see if you are set up on the Card Act Bypass Table to ensure you can utilize this option. 

Consider the following when choosing this option:

  • What is your normal reissue period?
  • Do you want the expiration dates staggered?
  • When do you want to purge expiration dates?
  • How many accounts are currently in a reissue period?

 

  • If a fraud transaction attempts to come through and is declined, you will still need to shut down the account and reissue a new account number. In most cases this would only affect a small number of the reissued cards.
  • Your potential cost could include, but are not limited to: billable hours, non-mon runs, plastics, card activation labels, card activation, CVC/CVV generation, postage, inserts, and embossing.
Note: Please check with cardservices@coop.org for any questions regarding the Card Act Bypass Table.

 

Close card as Lost/Stolen: The FI is opting to reissue the compromised accounts and shut them down immediately.

  • This is your safest option as it shuts down the accounts and will prevent any further fraud from coming through on the compromised account.
  • It is however, your most costly option. This will eliminate any interchange on those accounts for approximately 7 to 10 days (length of time to build new account and receive new plastics).
  • This option will automatically place the compromised account on the warning bulletin for the number of days currently set in your PCF settings. By choosing this option you are choosing the highest level of protection.
  • Your potential cost for the lost stolen and new plastics could include: but are not limited to billable hours, non-mon, plastics, card activation labels, card activation, CVC/CVV generation, postage, inserts, additional cardholder on file charges (number of months depends on purge criteria), lost stolen reports, warning bulletin and embossing.

Create a New Account and Issue plastic without Warning Bulletin: The FI is opting to reissue a new account number while keeping the compromised account number open.

  • This option will eliminate service interruptions for the cardholder. The account will remain open for a period of time to allow the cardholder to receive the new plastic.
  • The FI will need to determine a date in which to shut down the compromised accounts. This will be completed through utilization of a closed status. Please remember the longer the compromised account stays open the bigger risk of fraud.
  • During this period of time, if fraud is seen on the compromised account, a Lost Stolen report is taken. This could create another new account. In order to prevent duplication of the account transfer process, the best way to complete the lost stolen report is to select ‘Type of Loss- 03- Plastic Issued on Fraudulent Application.’ An account transfer will not occur when selecting this type of loss, therefore preventing a double account transfer.
  • Your potential cost for the account transfer and new plastics could include, but are not limited to: billable hours, non-mon runs, plastics, card activation labels, card activation, CVC/CVV generation, postage, inserts, additional cardholder on file charges (number of months depends on purge criteria) and embossing.
Note: The FI can also opt to place the compromised accounts on the warning bulletin after shutting them down. This can be a large additional cost depending on the number of accounts. There is a weekly fee for the warning bulletin and also a per hour charge for CO-OP to initially place the accounts on the warning bulletin. Contact risk@coop.org if you are interested in this option.

 


Downloadable Version

Click below to access the printer-friendly version.

PDF (Entire Guide) PDF (This Section)

Compromised Accounts Report
GUIDE TABLE OF CONTENTS