The Trojan Horse: How to Evaluate Merchant Fraud Risk with Anomaly Detection?

How to evaluate merchant fraud risk with anomaly detection? 

While consumer fraud gets the headlines, Merchant Fraud poses a catastrophic risk to acquiring banks and payment processors (PSPs). This involves merchants – either fake or compromised – using their merchant accounts to steal funds, launder money, or process illegal transactions. Common schemes include bust-out fraud and transaction laundering. Because merchants control the payment flow, detecting their malfeasance requires looking at aggregate behavioral patterns over time rather than individual card swipes. Evaluating merchant fraud risk with anomaly detection allows acquirers to monitor the health and legitimacy of their portfolios in real-time. 

The Hidden Risks in Merchant Acquisition 

Acquirers face liability for the chargebacks if a merchant disappears. Two primary threats dominate this landscape: 

1. Transaction Laundering: A merchant sets up a website selling “eBooks” or “flowers” but is actually processing payments for an illegal gambling site or illicit drugs. The transaction values match the fake goods, making it hard to spot with simple rules. 
2. Bust-Out Fraud: A merchant operates normally for months to build a credit limit and trust. Then, they suddenly run a massive volume of fraudulent transactions in 48 hours, withdraw the cash, and vanish before the chargebacks start rolling in. 

Anomaly Detection Techniques for Merchants 

Anomaly detection is the ideal mathematical approach here because fraud invariably distorts the merchant’s normal business statistics. 

1. Volume and Velocity Anomaly Detection 

AI models (like Autoencoders or One-Class SVMs) build a baseline profile for every merchant based on their Merchant Category Code (MCC), business size, and history. 

1. Spike Detection: The model continuously monitors processing volume. If a small coffee shop typically processes $500/day with an average ticket of $5 but suddenly processes $50,000 in one day with an average ticket of $500, the anomaly score spikes. 
2. Chargeback Ratio Prediction: AI monitors early warning signs of chargebacks (e.g., an increase in customer disputes, refunds, or customer service calls). It predicts if a merchant is likely to breach the 1% chargeback monitoring program threshold, allowing the acquirer to freeze funds proactively. 

2. Content and Web Crawling Analysis 

To fight transaction laundering, AI goes beyond the numbers to analyze the business itself. 

1. Web Crawling & NLP: Automated bots crawl the merchant’s registered website. NLP models analyze the text and product descriptions. Does the website actually sell the goods claimed in the application? 
2. Incongruence Detection: The AI compares the website content with the transaction data. If the website sells “digital wallpapers” for $2 (low risk), but the actual transactions are consistently for $150 integers (high risk), the AI flags the incongruence. This is a classic sign of laundering. 
3. The “Shadow” Site: Advanced AI can search the web for the same analytics IDs, phone numbers, or IP addresses used on the legitimate site to find hidden, illegal “shadow” sites that are actually generating the transactions. 

Managing the Merchant Portfolio 

Implementing these AI tools allows for dynamic portfolio management. Based on the AI risk score, acquirers can dynamically adjust the “rolling reserve” (the percentage of funds held back to cover potential chargebacks). High-risk merchants get higher reserves, protecting the acquirer. Additionally, Graph Analytics (similar to mule detection) can be used to find clusters of merchants who share backend infrastructure or owners, often indicating a coordinated fraud ring. 

By applying anomaly detection to merchant behavior, acquirers can identify the “Trojan Horse” merchants hiding in their portfolios before they cause massive financial damage. 

Ready to reduce merchant portfolio risk? Talk to Innovify’s fraud experts. 

CTA – https://innovify.com/book-call-with-innovify/