2FA (Two-Factor Authentication)

2FA or Two-Factor Authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. Two-Factor Authentication gives users an extra layer of security when accessing their online accounts. In addition to a typical combination of username and password, a second 'factor' is added, such as a numeric code displayed on a trusted device, to heighten the certainty that you are the one attempting to access your account. 2FA is a method of determining a user's identity by confirming two factors among 1) something the user knows (e.g. mother's maiden name), 2) something the user has (e.g. mobile phone) and 3) something the user is (e.g. fingerprint). 2FA is a subset of the broader multi-factor authentication (MFA).


3DS (3D Secure)

3D Secure is an authentication method designed to reduce fraud and increase security for online card transactions. Originally sponsored by Visa under the 'Verified by Visa' brand, Mastercard and other networks adopted the '3D Secure' protocol and offer it to merchants worldwide. The name derives from the use of 3 domains (the acquiring bank domain, the issuing bank and an infrastructure domain) to provide greater security to online payments, although the extra validation and related consumer friction remain a topic of debate among merchants and security experts.


3rd Party Fraud

3rd Party Fraud refers to any fraud committed against a financial institution or merchant by an unrelated or unknown third party.


419 Fraud

419 Fraud is a type of advance-fee fraud in which individuals or companies receive unsolicited emails or letters promising a percentage of a large sum of money in return for allowing funds to pass through the victim's bank account. Also referred to as 'Nigerian Letter Fraud', these schemes often originate from West Africa, and the fraud is named after section '419' of the Nigerian penal code under which this offence would be prosecuted.


A/B testing

A/B testing is a research method in which two groups, a control group (representing the current strategy) and an alternate group (representing a hypothesis for an improved strategy), are tested against one another in order to scientifically select the optimal final strategy.


Acquirer (Acquiring Bank)

The Acquiring Bank, also known as the merchant acquirer or the merchant bank, is the bank that is responsible for settling credit and debit card transactions on behalf of the merchant. Its counterpart is the issuing bank which settles card transactions for the purchaser or card holder. Acquirers enable merchants to accept credit cards, often provide merchants with necessary hardware and software to accept card transactions, and for their role in the card payment process, receive an acquirer fee or markup in addition to the interchange and other fees in a credit card and debit card payment.


Active Authentication

Active Authentication is a security and authentication method in which the user is challenged with questions about what he/she knows (knowledge-based), has (possession-based) or is (biometric-based).


Advance-Fee Fraud

Advance-Fee Fraud is a common fraud scheme generally involving a criminal tricking a victim into paying an up-front fee with the promise of a larger reward paid out later.


AI (Artificial Intelligence)

AI or Artificial Intelligence is broadly used to describe the simulation of the processes of human intelligence by computer systems. The processes simulate human learning in that the systems start with the acquisition of information, creating rules for using the information, reasoning by using the rules to reach conclusions, and self-correction by evaluating outcomes and compensating for incorrect predictions or errors. Artificial intelligence is generally categorized into one of three types: 1) Weak AI or Narrow AI, in which the systems and algorithms are trained to perform narrowly focused tasks, 2) Strong AI or General Intelligence, the theoretical goal of having a system apply intelligence to solve any problem much like a human would, and 3) Superintelligence, in which a system could far outperform human intelligence through rapid, recursive self-improvement. Although general intelligence and superintelligence are frequently discussed in media and entertainment, neither has been achieved and neither seems to be achievable in the near future. Artificial intelligence is often used interchangeably (but incorrectly) with machine learning and deep learning. AI is the science and approach to developing technology that mimics human intelligence. Machine learning, a subset of AI, involves the application of statistical techniques and modelling to create algorithms that improve with experience. Deep learning, a subset of machine learning, involves the creation of algorithms using multilayered neural networks trained on vast amounts of data.


AML (Anti-Money Laundering)

AML or Anti-Money Laundering refers to a set of procedures, laws or regulations designed to stop the practice of generating income through illegal activities. 'Money laundering' is the process in which criminals undertake a series of steps that make it look like money made from illegal or unethical activities was earned legitimately and can enter the traditional banking system. Most anti-money laundering programs focus on the source of funds, as opposed to anti-terrorism and similar programs, which focus on the destination of funds. In modern finance, a typical anti-money laundering program would be run by the financial institutions to analyze customer data and detect suspicious transactions.


ATO (Account Takeover)

ATO Fraud or Account Takeover Fraud is a form of identity theft in which a criminal gains control of a consumer’s account. In doing so, the perpetrator gains access to confidential information such as the consumer's PIN, enabling them to change account settings, such as the statement mailing address or passwords, and/or enabling them to make unauthorized withdrawals. ATO can involve one or many of a victim's accounts -- including, but not limited to, bank, brokerage, phone, utility, social media, travel or online shopping accounts -- which are then used for a variety of unlawful activities. Financial account takeover usually involves funds being removed from the victim's accounts by direct debit, payments or transfers set up for fraud without the victim's knowledge or consent. With account takeover of mobile phones, the perpetrator's intent is often to gain control of the phone-based security authentication factor, usually a code or security token which is sent via SMS or authentication software to the phone and which, once acquired by the criminal, can grant him/her access to the victim's bank, brokerage, bitcoin and other financial accounts. The credentials to commit account takeover are usually obtained by criminals indirectly through data breach marketplaces on the dark web or directly from the consumer using malware or via phishing. Once a fraudster gains access to a victim's account, they often update the account credentials and contact information so the victim no longer has control over the account and no longer will be informed about changes to the account. In most cases, the victims are unaware that their account has been compromised until the damage is done and the perpetrators have covered their tracks.


AVS (Address Verification System)

AVS or Address Verification System is a payment processing system that compares the numerical portions of billing and shipping addresses with the addresses on file at the credit card-issuing bank. A single-digit code is returned that represents a match, a partial match, or a number of errors or alerts. The original concept contemplated that the transaction could then be subsequently approved, declined or set aside for manual review. AVS is one of only a few metrics provided to merchants by the issuing banks to assist in the merchants' risk assessment, but AVS responses are also one of the biggest reasons legitimate orders are declined.


B2B (Business-to-Business)

B2B or Business-to-Business refers to a business that sells products or provides services to other businesses.


B2C (Business-to-Consumer)

B2C or Business-to-Consumer refers to a business that sells products or provides services to the end-user consumers. Another variation of this concept is D2C (direct to consumer) in which a manufacturer sells directly to consumers with little to no intermediation.


BIN (Bank Identification Number)

A BIN or Bank Identification Number, also referred to as an IIN or Issuer Identification Number, is assigned to a bank for its own credit card issuance. The first six digits on a credit card are the BIN and can be used to identify the bank that issued the card. The ISO Register of BINs/IINs for US banks is managed by the American Bankers Association. BINs can be used by online merchants as an extra measure to compare the geographic area where the cardholder is located with the geographic area identified by the BIN.


Certified Fraud Examiner

The Certified Fraud Examiner (CFE) is a qualification issued by the Association of Certified Fraud Examiners (ACFE). The ACFE organization is a provider of anti-fraud education and training. CFE training covers difficult financial transactions, forensic approaches, regulation, and deciding on claims of fraud.


Computer Fraud

Computer Fraud is defined as the use of a computer to obtain or modify electronic information, or to gain illegal use of a computer or mechanical system. Computer fraud in the United States is specifically prohibited by the Computer Fraud and Abuse Act, which proscribes computer-related acts that fall under federal authority.


Computer System Penetration

Computer System Penetration, known as a penetration test (or pen test), is an authorized simulated cyber-attack on a computer system, executed to assess the security of the system. The test identifies the strengths and weaknesses of the system, as well as how likely it is for someone unauthorized to gain access to the features and data of the system, in order to enable a complete risk assessment.


Confirmation Fraud

Confirmation fraud is a type of fraud that comes in two layers. First, a fraudster falsifies transactional information, like pretending to deposit a certain amount of money in an account (on someone else's behalf). Then, the fraudster creates fake materials that falsely confirm that that first transaction went through, when in reality it didn't. In short, a fake deposit (or other transaction) is falsely confirmed as having gone through by a fake confirmation, so as to cover up the fact that the first transaction was actually fraudulent.


Conflict of Interest

Conflict of Interest or COI is a situation where a party serving multiple interests can, in fulfilling their obligations to one interest, fail the obligations they have to another. The inability to satisfy multiple interests simultaneously, or even just the possibility of not being able to satisfy them both, is then termed a "conflict of interest."


Consumer Authentication

Consumer Authentication is the term used for the devices that are designed to verify that a person making a transaction or any business deal is really the person who is authorized to take that action. This term applies to both card-not-present transactions and in-person transactions.


Contract Fraud

A person commits contract fraud when they make a knowingly false statement that serves to trick or deceive another person into signing a contract. A person also commits contract fraud when, through misrepresentation, they trick an individual who does not believe they are entering into a contract, into signing one.


Cookie

A "cookie" is defined as a small amount of information that a Web browser saves on the user’s system. Cookies are a method designed for Web applications to retain the application domain. Cookies are commonly used by websites for verification, for saving the user's information or preferences on the website, for storing browsing system information, or for any other purpose that supports the Web browser while it accesses Web servers.


Corporate fraud

Corporate fraud is the purposeful falsification of a company's financial data, or actions taken by the company to deliver fake information to the public, in order to increase the company’s profits. Typical cases of corporate fraud are complicated and extremely secretive and, if exposed, involve financial scandals and the evasion of financial accountability by the company.


Corporate Identity Theft

Corporate Identity Theft, also known as CIT, is the deceitful and careful falsification of an identity of a company. It is also sometimes called a “white-collar crime” since it is commonly performed in a “cyber setting,” and is not in the field of the conventional criminal.


Corruption

The term corruption describes when the integrity of an entity is compromised or put at risk by inner actors who aim to illegally or unethically benefit themselves or that entity. The goal of corruption can be financially-related, but does not need to be in order to be considered corruption.


Counterfeit Card

Counterfeit cards are fake credit cards with an actual account's info that can be gained through various methods. A lot of times the victims of these crimes will still have their actual cards and never realize that their information was stolen. These cards might appear to be genuine and even have the issuers’ logos along with the encoded magnetic strips.


Counterfeiting

Counterfeiting is defined as the planned attempt to duplicate a real and authentic article such as a symbol, trademark or even money with the purpose of deceiving the purchaser or recipient into believing that he or she is really purchasing or receiving the real article itself.


Crawler

A web crawler, also known as a web spider or web robot, is a program, software package, or automated script which browses the World Wide Web in a systematic and automated manner. Web crawlers are mostly used to create a copy of all the pages they visit for later processing by a search engine, which indexes the copied pages to deliver faster search results.


Credential Stuffing

Credential stuffing is a form of cyber-attack in which stolen account credentials, usually lists of usernames and/or email IDs along with the matching passwords, are used to gain illegal access to real user accounts through large-scale automated login attempts.


Credentials

Credentials refer to achievements or titles bestowed upon someone, generally by an authoritative body, that are brought up in order to validate the capabilities and suitability of that person for a certain task.


Credit Bureau

A credit bureau is an organization that gathers and investigates the entirety of a person's credit information and then sells that information to creditors for a fee, so that they are able to make a decision about granting a loan. These organizations usually work with all kinds of lending institutions and credit issuers to assist them in making loan decisions.


Credit Card

A credit card is a thin rectangular piece of plastic issued by a financial firm that allows cardholders to borrow funds to pay for purchases of products and services. Credit cards are subject to the condition that cardholders must repay the borrowed cash, sometimes with interest or other charges.


Credit Card Fraud

Credit Card Fraud refers generally to any fraudulent transaction using a credit card as a source of funds. The fraudulent transaction may be committed to obtain goods or services or to illegally obtain funds from an account. Credit card fraud may occur simultaneously with identity theft, but can also occur when a legitimate consumer makes a purchase with no intention of paying for the goods or services, sometimes referred to as chargeback fraud or friendly fraud. Credit card fraud is related to debit card fraud, differing primarily in the form of payment. Another form of credit card fraud is new application fraud, in which a perpetrator applies for a credit card in a victim's name, then uses the card to purchase goods and services illegally. A victim’s credit card information can be acquired in a number of ways: by being purchased on the deep/dark web, by using skimmers at retail points of sale or ATMs, or through corporate data breaches. The true cost of credit card fraud for merchants is more than just the cost of lost merchandise — it also includes lost profits, bank fees and chargeback costs.


Credit Card Fraud Detection

Credit Card Fraud Detection is a system for detecting and recognising fraudulent credit card transactions in order to provide the proper information to credit card companies, so that true cardholders are not charged for reported transactions that they never actually made.


Credit Card Number

A credit card number is the unique number printed on a credit card. The first six digits on a credit card are the issuer's identification number, and the remaining digits are unique to the specific card. Credit card numbers are typically embossed on the credit card.


Credit Card Refund Schemes

Credit Card Refund Schemes are schemes related to when customers try to obtain a return on funds after an item purchased with a credit card is returned. The cashier for the transaction may fake a refund on that transaction so as to take out money, or say that a refund was for more than it should be to pocket the extra money. The retailer reimbursing the customer for their refund may also pocket that cash instead, hoping the customer doesn't notice, as some credit card refunds can take up to 30 days.


Credit Fraud

Credit fraud is described as a situation where a customer's personal information has been stolen by a fraudster in order to make a new credit claim using the stolen information. In this case, the customer's name may not be authorized.


Cryptocurrency

A cryptocurrency is a virtual or digital currency that uses cryptography for security. A cryptocurrency is quite challenging to counterfeit because of this security feature. Many cryptocurrencies are decentralized systems built on blockchain technology, which is a distributed ledger enforced by a disparate network of computers.


Cryptogram

A cryptogram is a form of puzzle that consists of a short piece of encrypted text. Usually the cipher used to encrypt the text is simple enough that the cryptogram can be solved by hand. Cryptograms often use substitution ciphers, in which each letter is replaced by a different letter or number.


Cryptography

Cryptography is the study (as well as the practice) of methods for secure communication in the presence of malicious third parties. Generally, cryptography is centered around creating and analyzing protocols that prevent the public from reading confidential messages. A number of data security properties such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography.


Current Address Fraud

Current address fraud occurs when a fraudster changes the known address of somebody to a new one, thus re-routing their mail to somewhere the fraudster can likely access it.


Customer Due Diligence

Customer Due Diligence, also known as CDD, is defined as the method by which appropriate data or information regarding the customer is gathered and assessed for any possible threat to the business, including money laundering or terrorist financing.


Customer Identity and Access Management

Customer Identity and Access Management, also known as CIAM, can be defined as a subset of the broader Identity and Access Management (IAM), and it specifically focuses on managing identities, access, and security for software applications.


CVV (Card verification value)

A card verification value is a 3 or 4 digit number on your credit or debit card. This number is often asked for when making purchases online, so as to prove that the physical card is in the possession of the person making the transaction. Other qualities of a card can be stolen or copied through methods like using a card skimmer, but the CVV won't be recorded through those methods, making the CVV a useful and important authenticator in online card transactions.


Cyber Fraud

Cyber fraud is described as a situation in which a fraudster uses the Internet to earn money, products, or some other interest on things which they obtained illegally from people, generally through deceiving or tricking them.


Dark Web

The Dark Web is made up of a number of publicly visible websites whose IP address information is purposely hidden. These websites can be visited by anyone using the Internet, but it is not easy to find out information about the server on which a given site is running, and it is difficult to track who hosts the site.


Data Breaches

A data breach, also known as a data leak or data spill, is an event that involves the illegal viewing, access or retrieval of data by a person, an application or a service. It is a form of security breach that is intended to steal the data or publish it to an unsafe or illicit site.


Data Capture

Data capture, or electronic data capture, is the process of extracting information from a document and converting it into data readable by a computer.


Data Enrichment

Data enrichment is defined as the merging of third-party data from an external authoritative source with an existing database of first-party customer data. Brands do this to enhance the data they already possess so they can make more informed decisions with a larger pool of higher quality data.


Data Points

A data point is defined as a discrete unit of data. In a general sense, any single fact is considered a data point. In a statistical or analytical context, a data point is typically derived from a measurement or from research and can be represented numerically and/or graphically.


Data Protection Act

The Data Protection Act (DPA) is a United Kingdom law passed in 1988. It was established to govern how individual or consumer data could be used by organizations or government bodies. It protects the public and also provides some instructions on how people's data may be used.


Data Provider

The term data provider is used to describe the process of retrieving data from relational data sources in non-real time applications. The data provider manages the data at each stage by mapping the logical column definitions in the application view to physical table columns in the customer database.


Data Science

Data science is a multi-disciplinary field that uses scientific methods, processes, systems and algorithms to extract knowledge and insights from structured and unstructured data. Data science aims to combine statistics, data analysis, machine learning and their associated methods to understand and analyze real phenomena within the data itself.


Data Security Standard

The Payment Card Industry Data Security Standard (PCI DSS) is a widely recognized set of rules and policies intended to improve the security of cash, debit and credit card transactions and to protect cardholders against the mismanagement of their private data. The PCI DSS was formed in 2004 in association with four major credit-card companies: Visa, MasterCard, Discover and American Express.


Data Set

A data set is a collection of data. Usually a data set corresponds to the contents of a single database table, or a single statistical data matrix, where each column of the table represents a specific variable, and each row corresponds to a given member of the data set in question.


Day of the Jackal Fraud

Day of the Jackal Fraud is an identity fraud technique in which the birth certificate of a dead child is used to obtain a passport or some other certified identity document. This kind of fraud is named after the book of the same title, written by Frederick Forsyth.


Debit Card

A debit card, also known as a bank card, plastic card, or check card, is a payment card that can be used as an alternative to cash when making purchases. Physically, it looks quite similar to a credit card. However, unlike a credit card, the money is transferred directly from the cardholder's bank account when a purchase is made.


Debit Card Fraud

Debit card fraud is any kind of fraud where debit card accounts are accessed by fraudsters without the account owner's authorization in order to manipulate or, usually, drain their funds. Debit card fraud is quite easy to commit due to the fact that a debit card's information can be gained with ease.


Dedicated Hosting

A dedicated hosting service, also known as a dedicated server or a managed hosting service, is basically an Internet hosting structure where the customer leases an entire server not shared with anyone else. This is even more flexible when compared to shared hosting, since with dedicated hosting organizations have full access and control over the server(s) and all hardware involved with them.


Dedicated IP

A dedicated IP address is defined as an exclusive Internet address which is exclusively and completely assigned to a distinct hosting account. Only corporate hosting accounts are qualified for dedicated IP addresses. Shared hosting accounts that share the server's IP address cannot have a dedicated IP.


Deep Learning

Deep learning is an artificial intelligence function that imitates the workings of the human brain in processing data and creating patterns for use in decision making. Deep learning is a subset of machine learning in artificial intelligence (AI) that has networks capable of learning unsupervised from data that is unstructured or unlabeled.


Deep Web

The deep web, also known as the hidden web, undernet, deepnet or invisible web, refers to internet content that is not reachable by a search engine. It consists of entire web pages, intranets, websites, networks and online groups that are intentionally and/or accidentally hidden, unseen or inaccessible to search engine searches.


Definition - Data Mining

Data mining is the process of analyzing hidden patterns in data from different perspectives in order to categorize it into useful information. That information is gathered and collected in common areas, such as data warehouses, for efficient analysis by data mining systems, supporting the corporate decision-making process and other data needs in order to ultimately reduce costs and raise revenue.


Definition - Email Verification

Email verification is a popular method of authentication that will ask a consumer to verify that it is really them trying to make a purchase by sending them an email with a link attached. Clicking on the link allows a business to see that the person making the purchase is someone who can access that email address.


Definition - Gaming

Gaming is defined as the act of playing electronic games, whether through consoles, PCs, cell phones or other media. Although gaming is usually a solitary form of recreation, multiplayer online video games have become a popular hobby.


Definition - Government

The word government refers to a group of people that governs a community or unit. A government sets and administers public policy and exercises executive, political and sovereign power through customs, institutions, and laws within a state.


Definition - ISP Monitoring

ISP monitoring is the practice through which ISPs record information about your online connections and activities. That means that everything from your search history to your email conversations is monitored and logged by your Internet service provider.


Definition - Nonrepudiation

Nonrepudiation is the assurance that somebody can't deny something. Typically, nonrepudiation refers to the ability to ensure that a party to a contract or a communication cannot deny the authenticity of their signature on a document or the sending of a message that they originated. To repudiate means to deny.


Definition - Phone Verification

Phone verification is the process of determining whether a number provided by a user is valid, as well as whether the phone number being used belongs to the person trying to use it. Phone number verification is used in different forms of multi-factor authentication.


Definition - Return Fraud

Return fraud is an online scam which is committed when a person purchases an item from a retail store without even wanting to use it. For instance, if a person buys an item just to return it, that is return fraud, and the term also extends to the use of duplicate receipts to obtain money back. It is the act of defrauding a retail store via the return process. There are various ways in which this crime is committed. For example, the offender may return stolen merchandise to secure cash, steal receipts or receipt tape to enable a falsified return, or use somebody else's receipt to try to return an item picked up from a store shelf.


Definition - Social Media Intelligence

Social media intelligence refers to the collective tools and solutions that allow organizations to begin conversations, respond to social signals and synthesize social data points into meaningful trends and analysis based on the user's needs.


Definition - Telecommunications

Telecommunications refers to the exchange of information by electronic and electrical means over a significant distance. A complete telecommunication arrangement is made up of two or more stations equipped with transmitter and receiver devices.


Denial of Service Attack (DDoS)

A denial-of-service or DoS attack is any category of attack in which hackers or attackers attempt to prevent legitimate users from accessing a service. In a DoS attack, the attacker typically sends excessive messages asking the network or server to authenticate requests that have invalid return addresses, which can overload a system and block even legitimate users from being validated to access the service.


Derived Identification

Derived Identification is the term for a unique verification device that is stored within your phone, and is used to confirm that a person logging into something or making a purchase has access to that phone at that moment. Its primary purpose is authorization, like a kind of multi-factor authentication.


Device Cloning

Device cloning is the practice of producing an exact copy of an application program or object. The term can be used to refer to an object, software design or application that has functions and behavior similar to another object or application program but does not contain the original source code of that object or program.


Device Emulator

A device emulator is defined as software or hardware that allows one computer system (named the host) to behave like a different computer system (named the guest). A device emulator generally allows the host system to use the software or peripheral devices intended for the guest system.


Device fingerprinting

Device fingerprinting is described as a method that is used to forensically recognize an electronic device on the Internet. Device fingerprinting is also able to identify individual mobile devices as well as computers through their different features with a reasonable degree of confidence. A device's fingerprint is built from data collected on the software and hardware used by a website visitor.


Device ID

A device ID or device identification is a unique number related to a cell phone or to the handheld device itself. Device IDs are separate from the hardware serial numbers. It could be a mixture of a number of elements and it is also able to include an inception to allow incomplete advancements.


Device Intelligence

An intelligent device is any type of equipment, instrument, or machine that has its own computing capability. The range of existing intelligent devices is very wide, and in addition to personal and handheld computers, the almost infinite list of possible intelligent devices includes cars, medical instruments, geological equipment, and home appliances.


Digital Identity

A digital identity is a network or online identity that has been approved or applied for in cyberspace by a person, business or electronic device. These users may also hold more than a single digital identity and do so with various groups. In digital identity management, the main areas of focus are security and confidentiality.


Digital Signature

A digital signature, also known as an electronic signature, proves the legitimacy of an electronic file or text in digital communication and uses encryption methods to keep the content of the file secure. Digital signatures are used in e-commerce, software distribution, financial transactions and other circumstances where forgery or tampering may otherwise be possible.


Digital Wallets

A digital wallet is a software-based system designed for making e-commerce transactions. With a digital wallet, online purchases can be made simply by using computers or smartphones. Generally, users’ bank accounts are linked to their digital wallet as well. In a digital wallet system, user credentials are securely stored and verified in all transactions.


Disintermediation

In finance, disintermediation is the withdrawal of funds from intermediary financial institutions, such as banks and savings and loan associations, to invest them directly. In general, disintermediation is the process of removing the middleman or intermediary from future transactions. Disintermediation is generally done to invest in instruments that yield higher returns.


Dispute

A credit card dispute refers to the process of contesting charges to a credit card for whatever reason. Billing errors may consist of charges for products that you ordered but never received, charges for products that you have returned, or charges that you never authorized.


Diverting funds

Diverting funds is defined as the use of funds by the debtor in defiance of the authorized terms of the moneylender, in a number of circumstances such as the extension of the credit facility, shifting the funds to its subsidiaries or other companies, and various other circumstances which are not in compliance with the authorized terms.


Domain Name

A domain name is a label that identifies a network domain: a distinct group of computers under a central administration or authority. Within the Internet, domain names are formed according to the rules and procedures of the Domain Name System (DNS). Any name registered in the DNS is a domain name.


Door to Door Magazine Sales Fraud

Magazine sales fraud usually starts with a simple knock on the door from a person trying to sell magazines to “increase the money” intended for donations, charity, or other seemingly worthy causes. The customers who pay to sign up every so often report that they do not receive anything in return.


Doorway Domain

Doorway domains are created so that they rank well in search engine results for specific keywords, and are then used as an entry point through which visitors must pass to reach the main domain. By matching a certain number of pages to a site designed for search engine optimization purposes, a different site is set aside to be totally improved.


Doorway Page

Doorway pages are web pages created in order to manipulate search engine indexes (spamdexing). A doorway page influences the index of a search engine by inserting results for specific phrases while directing visitors to a different page.


Dumpster Diving

Dumpster Diving is when a fraudster sorts through a trash can to find private data that can be used to perform fraud. For this reason, it is considered very important to shred any important data before throwing it in the trash.


Duplicate Payment Schemes

Duplicate Payment schemes are types of fraud where the fraudster will attempt to have someone pay a second time for goods or services already paid for a first time.


E-Commerce

E-commerce or electronic commerce refers to all transactions that occur on an electronic device between customers and businesses. It can be divided into consumer-to-consumer, business-to-consumer and business-to-business.


E-Commerce Apps

E-commerce applications are apps that allow consumers to choose the product they want to purchase on the Internet. These applications are supported by both mobile phones and personal computers, and they function much like a retail website.


E-commerce Fraud

Sometimes, consumers don’t get the product that they order using an e-commerce application or website, which is referred to as e-commerce fraud. For instance, if a person orders an iPhone and gets an Android phone instead, it would be e-commerce fraud. It is a fairly common issue that most e-commerce users face.


E-Commerce Platform

An e-commerce platform is a type of software technology that provides merchants or e-commerce businesses an online store or shop from which customers can easily purchase what they want. An example of this is Shopify.


EID Services

eID services are used to identify users on a specific platform and are often used by key systems to ensure the security of the central building blocks of a Digital Single Market and cross-border electronic transactions. They allow the owners of a given platform to identify the user who is visiting it.


Electronic Data Interchange

Electronic Data Interchange is an electronic communication method that provides standards for exchanging data. By adhering to the same standard, companies using EDI can transfer data from one branch to another across the world.


Email Address

An email address is a unique identifier for a specific email account. People use it both to receive and to send email over the Internet. To send messages effectively, you need an address for both the recipient and the sender.


Email Fraud

Email fraud is a rather popular and inexpensive way to commit fraud. Fraudsters distribute fraudulent emails or messages to a variety of victims, generally with the goal of attaining their passwords, usernames, or other personal information, which they can then use to commit fraud schemes.


Email Spam

Email spam, also known as junk mail, is unsolicited email that is sent to many people. Generally, this mail has no meaningful content and is meant to bring the receiver to a certain website.


Email Tumbling

Email tumbling is a way of filtering incoming emails using variations of a specific Gmail address. To tumble an email, users only have to insert a "+" or "." into the part of their address before the "@" before adding other text, and this helps fraudsters as it allows them to commit fraud over and over using one account.


Employment Scam

Employment scams occur when advertising scammers create fake job listings in order to collect applicants' personal information, such as payment credentials and other types of information that can be used to blackmail the applicants.


Emulator

An emulator is a special kind of robot that copies human activity when it comes to purchasing a service or product. Examples of emulators include targeted scripts which are aimed at buying a limited quantity of items or at gaining an advantage in a time-limited sales event.


EMV

Europay Mastercard Visa or EMV is an international standard for debit and credit cards based on chip card technology. EMV cards make in-person transactions safer than before, but the risk of card-not-present transactions has increased with it.


Encryption

Encryption is a method of coding data, using an algorithm, to protect it from unauthorized access. There are many types of data encryption, which are the basis of network security. Encryption is the process of converting data into cipher text to prevent it from being understood by an unauthorized party. When e-commerce merchants need to securely transmit transaction data, including credit card information, they rely on encryption to code the data so that only authorized parties can access it. Converting this regular data into ciphered (encrypted) data makes it difficult for an unauthorized third person to intercept the data and use it for illegal purposes. And even if the encrypted data is intercepted by a hacker, they’ll be unable to decode the information without the decryption key. The major data breaches of 2017, including the exposure of the personal data of 143 million Americans, illustrate the importance of merchants encrypting customers’ sensitive information and protecting it from falling into fraudsters’ hands.


End-to-End Encryption

End-to-End Encryption refers to the uninterrupted protection of the confidentiality and integrity of data by encrypting it at the time of sending and decrypting it at the end of the transaction. This method ensures that data is kept confidential no matter what.


Endpoint Authentication

Endpoint Authentication refers to a security system that aims to verify the identities of remotely connected devices, such as a PDA (personal digital assistant) or a laptop, along with their users, before giving access to corporate network resources. It helps the user to know all the connected devices.


Endpoint Protection

Endpoint protection refers to a variety of solutions that are used to protect end users' computing devices, such as mobile devices and laptops, and to detect their compromise. Generally, endpoint protection solutions use one or more techniques for protection.


EV SSL

An EV SSL certificate is the symbol of the highest level of trust for a virtual business. All modern browsers support a completely new technology, known as EV or Extended Validation, which offers color-coded alerts that inform users about a website's validity.


Exclusivity

Exclusivity refers to a contractual clause in which one party grants another party a right to use a specific business function. It means that the other party can now use the function as it likes.


Facebook

Facebook is a social media or networking platform that uses the internet for its operation. It allows people to connect with others by creating an account and chatting with them over the internet. Facebook is supported by a variety of devices like mobiles, tablets, and personal computers.


Facial Recognition

Facial Recognition is a type of biometric check used to identify the person and unlock the system. It focuses on the facial structure of a person and identifies whether the person has the necessary authorization or not. Normally, it is used in phones and other security systems.


Fake check

A fake check is normally used by a fraudster, with either a duplicated signature or handwriting, to withdraw cash from a bank. This is a fairly common type of scam that is done by obtaining the necessary information from the real member of the bank to create a fake check and cash it later.


Fake merchandise

Fake merchandise includes products and services that are not authorized by the original company but are sold under the company's name. Fake merchandise is often sold on the Internet through e-commerce websites, where buyers cannot actually check the product.


False Account Entries

False Account Entries refer to the input of wrong or misleading information in financial statements. It is ethically wrong to include false account entries in software or in a book that has to be submitted to a financial manager.


False Data

False data refers to information which is not accurate, especially the information which, in a specific context, differs directly from the required information.


False Declines

False declines, generally referred to as false positives, occur when a legitimate transaction is flagged by a merchant's fraud protection system and is mistakenly declined. This often occurs when a cardholder trips a merchant's fraud detection system.


False Documents

False documents are documents created with incorrect information that cannot be used for their required purposes because the document does not contain the necessary data. These documents are created for the purpose of deceiving others.


False Expense Claims

False Expense Claims are created when staff who are authorized to be reimbursed for a certain number of expenses incurred while carrying out their work duties, submit a claim for those reimbursements when they don't actually deserve them.


False Expense Reimbursements

False Expense Reimbursements occur when an employee falsely inflates costs associated with their work, so that when they ask for reimbursements they will be given more money than they should.


False Financial Statements

False Financial Statements describe when a person falsifies income reports, balance sheets, and/or creates fake cash-flow statements to deceive the people who receive them. The purpose of this activity is generally personal profit.


False Front Merchants

False Front Merchants are companies that appear to be valid businesses but are actually just fronts for various fraud schemes. The ability of some fraudsters to create fake companies is growing with the new ways digital payment systems operate in business, which give fraudsters opportunities to set up sophisticated, deceptive false front merchant schemes.


False Identity Fraud

False Identity Fraud is a situation where a person creates a fake identity to commit criminal activities. Examples of identity fraud include making a credit card, applying for a loan, or opening bank accounts.


False Invoices

False Invoices could be described as the situation where a person makes an invoice that does not relate to a real sale or payment and is used to get money dishonestly and undeservedly.


False Negative

A false negative is when a fraudulent transaction fails to be flagged as fraudulent, and gets through a system's fraud detection. It is the opposite of a false positive.


False Positive

False Positives, also known as “false declines” or “sales insults”, appear when financial organizations or merchants decline valid orders. False positives are primarily caused by a business's anti-fraud system incorrectly marking a transaction as likely to be fraud, when in truth the order is legitimate.


False Report

A false report is created when somebody knowingly reports a crime that did not occur, or knowingly reports details of a crime incorrectly.


False Reporting

False Reporting is when someone creates documents with false financial information and submits this information as legitimate.


False Sales Invoices

A contractor or supplier may commit fraud by knowingly submitting false, inflated or duplicated invoices with the intent to defraud the company they have been hired by. The contractor may act alone, or collude with payroll staff to keep the fraud going. The expression “false invoices” refers to invoices for goods or services that were never actually provided.


False Travel Claim

A false travel claim is when a person falsely claims they traveled by a certain method, and then asks to be reimbursed for paying for that method. An example would be if an employee said they had to take public transport to get somewhere, when in reality they simply walked or biked, and just wants to make the money they say they spent.


False Vendors

False Vendors refer to any scheme that is completed by creating fake vendors. This can have multiple uses for fraud; for one, the fraudster can send invoices to companies asking for payments on a service or good that was never actually provided. Another example is when a fraudster will create a duplicate payment system, causing consumers to have to pay twice to buy a good, one payment going to the fraudster.


Falsified Hours

Falsified Hours is the term for when an employee records themselves as having worked more hours than they truly have in order to be paid for work they have not done.


Familiar Fraud

Familiar fraud describes when a customer asks for a chargeback instead of pursuing a refund from the merchant they made the purchase with, with the purpose of keeping their funds while also getting the product they bought.


Federated Identity

A federated identity in information technology refers to the process of linking a person's electronic identity and attributes across multiple distinct identity management systems. Federated identity is related to single sign-on (SSO), in which a user's single authentication ticket or token is trusted across multiple IT systems or even organizations. SSO is a subset of federated identity management, as it relates only to authentication and is understood on the level of technical interoperability, and it would not be possible without some sort of federation.


Fictitious Refunds

In a fictitious refund scheme, an employee processes a transaction as if a customer were returning merchandise, even though there is no actual return. Since the transaction is fictitious, no merchandise is actually returned. The result is that the company's inventory is overstated.


FIDO

Fast Identity Online is a set of open technical specifications for mechanisms of authenticating users to online services that do not depend on passwords. FIDO authentication seeks to use the native security capabilities of the user device to enable strong user authentication and reduce the reliance on passwords.


Financial Crime

Financial Crime is a category of crime committed against property, consisting of the illegal conversion of property rights to the personal use and benefit of the fraudster. Financial crime may involve fraud types such as securities fraud, credit card fraud, bank fraud, and more.


Fingerprint Recognition

Fingerprint Recognition is one of the most popularly used biometrics, and so far it is considered the most secure authentication method. Fingerprint Recognition refers to the automatic process of identifying or confirming the identity of a person based on the comparison of two fingerprints.


Fintech Fraud

Fintech fraud refers to any fraud that takes place that is related to fintech in some way. Fintech fraud scandals can involve peer-to-peer financing platforms as well as crowd funding platforms, and have served as stark reminders of the risks from the use of Fintech where the proper rules or regulations on transactions are not present.


Firewall

A firewall is a system designed to prevent unauthorized access to or from a private network. You can implement a firewall in either hardware or software form, or a combination of both. Firewalls prevent unauthorized internet users from accessing private networks connected to the internet, especially intranets.


Food Fraud

Food fraud is the activity of altering, misrepresenting, mislabeling, substituting or tampering with any food product at any point along the farm-to-table food supply chain. The fraud may occur in the raw material, in an ingredient, in the final product or in the food's wrapping or packaging.


Forged Signatures

Forged signatures are signatures made to look very similar or identical to another person's signature, but that were not signed by that person. This is done to provide false authentication on documents; for example, a fraudster could "forge" a signature on a check to take money from someone without permission.


Fortune Teller Scam

Fortune teller scam, also known as the “bujo”, is a type of confidence game. The basic feature of the scam involves diagnosing the victim (the "mark") with some sort of secret problem that only the grifter can detect or diagnose, and then charging the mark for ineffectual treatments.


Fraud

Fraud can be described as a consciously dishonest and/or illegal act done generally for personal gain, or to harm another. Fraud can violate civil law, and cause the loss of cash, property, or other legal rights.


Fraud Analyst

A fraud analyst is someone who investigates forgery and theft within customers' accounts and transactions on behalf of a bank or a financial institution. They track and monitor the bank's transactions and activity that comes through the customers' accounts.


Fraud Definition

Fraud is defined generally as the wrongful or criminal act to deceive someone for one's own financial or personal gain. Legal definitions of fraud vary across countries, at the federal and state levels in the US, and even among states, but most have, at their core, the use of deception to make a gain by unlawful or unfair means. Many types of fraud exist, including occupational, operational, investor, accounting, credit card and insurance fraud, but all forms share the fact that the perpetrator knowingly receives a benefit to which they're not rightfully entitled. The purpose of fraud may be financial gain but also covers the acquisition of other benefits, such as obtaining a driver's license, a passport or other travel documents, or qualifying for a mortgage by using falsified documents or making false statements.


Fraud Department

Insurance corporations, banks, shops, and a host of other companies employ fraud analysts to identify and prevent fraudulent activities, and if an organization dedicates a group of its employees to this task, they are known as the company's "fraud department".


Fraud Detection

Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses. Fraud detection is applied to many industries such as banking or insurance. In banking, fraud may include forging checks or using stolen credit cards.


Fraud Examiner

A fraud examiner is a highly qualified professional who investigates cases of criminal and civil fraud. Fraud examiners can be certified to prove their expertise within the field of fraud and fraud prevention.


Fraud Filter

A fraud filter is a tool you can add to your e-commerce shop to prevent potentially fraudulent orders from processing in your store. Depending on how you set up the fraud filters, it will either warn you of a potentially fraudulent transaction or cancel an order entirely.


Fraud Guidelines

Fraud Guidelines are the practical guidelines put in place to help prevent, detect, and investigate any type of fraud that may occur within a business's dealings.


Fraud Jobs

Fraud jobs are the category of jobs that work in the fraud field, such as a fraud specialist, forensic accountant, forensic audit manager, forensic director, senior auditor, risk assurance and risk analyst, audit consultant, forensic service manager or a forensic auditor.


Fraud Lawyers

Fraud Lawyers are lawyers who practice law in the criminal and civil fraud areas. These lawyers assist companies that have been affected by fraud committed by their employees or another party by performing internal investigations, collecting proof, and communicating with the authorities.


Fraud Managed Services

Fraud Management Services are organizations that provide support in reviewing and resolving all potentially fraudulent operations of a company, assisting the company in the immediate cancellation and refunding of illicit purchases. These organizations conduct ongoing anti-fraud investigations to create innovative fraud policies that increase controls.


Fraud Prevention

Fraud prevention refers to the practices, processes, and tools used to prevent fraud that may occur in online transactions, exchanges of services, and the input of information. In order to prevent fraud, a third-party solution can also be utilized. Preventing fraud is an important task for both organizations and online users.


Fraud Prevention Software

A number of merchants incorporate fraud protection software within their loss-prevention approaches. These automated software programs help companies identify risky transactions in real time and decrease the amount of consumer fraud that occurs. Through an algorithm, the fraud protection software scans transactions, uses previous transaction data to uncover any potential risks, and then marks the transactions to be investigated further.


Fraud Prevention Specialist

A Fraud Prevention Specialist is a person in a company who has the responsibility of taking care of certain assets and ensuring they remain protected from any potentially fraudulent actions. Their goal is both to detect any fraud occurring and then to also stop it.


Fraud Response Plan

A Fraud Response Plan is a policy aimed at ensuring that effective and timely action is taken in the event of fraud occurring. A Fraud Response Plan gives employees the details of the entire procedure for reporting any suspected fraud, defines the actions that the company needs to take and also defines authority levels, responsibilities for action, and reporting lines in the event of a suspected fraud or irregularity.


Fraud Ring

A Fraud Ring could be described as an organization which performs activities with the intention to defraud or take advantage of other people. A fraud ring might be involved in any kind of forgery, creating fake claims, stealing a private identity, or even counterfeiting checks and currency as well.


Fraud Risk Assessment

A fraud risk assessment is a tool used by business management to identify and understand risks to their business and weaknesses in controls that present a fraud risk to the organization. Once a risk is identified, a plan can be developed to mitigate those risks by instituting controls or procedures and assigning individuals to monitor and effectuate the plan of mitigation.


Fraud Risk Profile

There are two types of Fraud Risk Profiles: that of employees who abuse company assets to obtain personal benefits, and that of people who create a fraud plan in order to make the company look more profitable than it really is.


Fraud Schemes

Fraud Schemes are schemes that fraudsters have created to execute a criminal or fraudulent scenario, in order to obtain the personal benefits derived from it. Corruption, money laundering, skimming cash, and more are all fraud schemes.


Fraud Score

A Fraud Score is an informational tool that helps you gauge the risk involved with orders before processing them by identifying traits and historical trends associated with suspicious behavior and fraudulent orders. Fraud detection is a set of activities undertaken to prevent money or property from being obtained through false pretenses. Fraud detection is applied to many industries such as banking, insurance, and e-commerce. This means techniques such as real-time monitoring for fraud are recommended.


Fraud Screening

Fraud Screening generally refers to a checking system that identifies potentially fraudulent transactions. Fraud screening helps reduce fraudulent credit card transactions, reduce the number of manual reviews, minimize risky sales, and improve a company’s bottom line.


Fraud Statistics

Fraud Statistics are reports produced by companies and organizations that detail things like the numbers of fraudulent transactions that have occurred in a period, what kinds of fraud took place, and anything else related to data on fraud. These fraud statistics are used to figure out how much and what kind of fraud occurs, so that a better preventative plan can be created to mitigate the impacts of fraud.


Fraud Triangle

The Fraud Triangle is a simple framework that is useful for understanding a worker's decision to commit workplace or occupational fraud. The fraud triangle consists of three components (sides) which, together, lead to workplace fraud: 1) a financial need, 2) a perceived opportunity, and 3) a way to rationalize the fraud as not being inconsistent with their own values. The Fraud Triangle is a common teaching aid and metaphor that has been used for decades.


Fraud Upon The Court

Fraud on the court occurs when the judicial machinery itself has been tainted, such as when an attorney, who is an officer of the court, is involved in the perpetration of a fraud or makes material misrepresentations to the court. Fraud upon the court makes void the orders and judgments of that court.


Fraud vs Abuse

Fraud is defined as an intentional deception or misrepresentation made by a person with the knowledge that the deception could result in some unauthorized benefit to himself or some other person. Abuse is defined as provider practices that are inconsistent with sound fiscal, business, or medical practices. It is the actual intention behind these actions that truly distinguishes fraud from abuse.


Fraud vs Forgery

Fraud denotes any kind of practice of dishonesty of a person or a company for financial advantage. It is generally considered a well-thought-out crime by the law. On the other hand, forgery is essentially concerned with a produced or altered object. Fraud is the crime of deceiving another, which may be performed through the use of objects obtained through forgery. Forgery is a common technique in fraud schemes, where the fraudster uses forged documents in order to gain access to information or materials they should not truly have access to.


Fraud vs Theft

Fraud can be defined as when a person deceives others in order to personally benefit themselves. The main objective of fraud is to get money or other valuable items from somebody without their permission. On the other hand, theft occurs when a person or entity takes money or property without permission, or uses them in an illicit manner, with the intent to gain a benefit from it. Performing a fraudulent scheme is generally a step taken to steal something from another.


Fraud Waste and Abuse

Fraud Waste and Abuse is a term most commonly used in government and healthcare and refers to several types of negligent and possibly criminal behavior. As defined by United States Code 1347, Fraud is “knowingly and willfully executing, or attempting to execute, a scheme or artifice to defraud any health care benefit program; or to obtain, by means of false or fraudulent pretenses, representations, or promises, any of the money or property owned by, or under the custody or control of, any health care benefit program.” It is illegal to knowingly submit false information in order to receive a monetary or other benefit, the definition of fraud. Waste and abuse, on the other hand, do not require intent and knowledge of wrongdoing. Abuse might take the form of a payment for items or services that have no substantiated basis for payment and/or for which the provider has not knowingly or intentionally tried to get paid. Waste usually refers to the inefficient use of services and is generally not the result of criminal negligence.


Fraud Waste and Abuse Policy

Fraud Waste and Abuse Policy is the set of policies that a business or organization likely has in place so that if fraud or waste occurs within that entity, it has a set of procedures to deal with the effects of that fraud or abuse.


Fraud Waste and Abuse Training

Fraud Waste and Abuse Training is training that helps you to understand the definitions of fraud, waste and abuse, identify the principles underlying state and federal laws associated with fraud, waste and abuse, and understand the importance of responsibility for preventing fraud, waste and abuse.


Fraudulent Apps

Fraudulent apps are apps that claim to provide some kind of service or entertainment, but whose actual purpose is to download malware onto a device or to discreetly obtain sensitive information. Some fraudulent apps completely emulate authentic apps, with the intention of tricking people into thinking they are using the real application.


Friendly Fraud

Friendly Fraud can take many forms, but typically involves an actual consumer obtaining goods or services from a merchant, then claiming they did not make the purchase, did not receive the goods, or only received a fraction of the items, in order to keep the goods or services without paying for them. Customers committing friendly fraud make the purchase on a credit card, receive the product or service, and then demand a refund for a lost or short-shipped order, or file a chargeback through their credit card issuing bank, with the intention of receiving a full refund of the purchase amount. Also referred to as chargeback fraud, it is estimated that $4.8 billion was lost by US businesses last year to friendly/chargeback fraud. It is also estimated that as much as 80% of all chargebacks are fraudulent.


Front Companies

Front companies are fictitious companies that have been set up and organized by criminals or fraudsters, with the main purpose of using them to perform fraudulent activities. The company may be used to carry out any transaction process on fraudulently collected products.


Gaming Fraud

Gaming fraud occurs when a fraudster deliberately misinforms somebody about information on a game, so that when that person makes a wager on the results of that game, they are doing so with incorrect information, generally making them more likely to lose. Sports tampering and claiming false bets are two examples of gaming fraud.


Geographical IP Detector

A geographical IP detector is software that allows you to trace where an IP address is located on the globe. By mapping the IP address geographically you can easily get information on a person's country, city, longitude, state, ISP, area code, and other pieces of data.


Geolocation Detection

Geolocation refers to the identification of the geographic location of a user or computing device via a variety of data collection mechanisms. Typically, most geolocation services use network routing addresses or internal GPS devices to determine this location.


Ghost Employee

A ghost employee is a common ploy used in payroll fraud. A ghost employee is a person who is on an employer's payroll, but who does not actually work for the company, and perhaps does not exist at all. Someone in the payroll department creates and maintains a ghost employee in the payroll system, and then intercepts and cashes the paychecks intended for this person for themselves.


Ghost terminal

Ghost terminals, featured in recent reports of skimming crimes, are electronic devices tailored to copy a credit card’s magnetic stripe and Personal Identification Number in order to steal money from an account. They are manufactured devices that appear to be real ATM touch pads or credit-card readers. They are often placed over a legitimate ATM or other card-reading device, often in a manner that is unnoticeable to most consumers.


Gift Card Scammer Numbers

Gift cards are a popular way for scammers to steal money from you. This is because gift cards are like cash: if you buy a gift card and someone uses it, you probably cannot get your money back. Anyone who demands payment by gift card is likely a scammer.


Global Address Verification Directories

Address validation is the process of checking a mailing address against an authoritative database to see if the address is valid. If the address in question matches an address in the official database, the address "validates", meaning it's a real address. Addresses that do not match any addresses in the database are marked as "invalid", meaning the address either doesn't exist or isn't registered with the official postal service. Most countries around the world have their own respective databases against which addresses can be validated.


Government Fraud

Government fraud refers to when an individual purposefully deceives the government so as to benefit from this deception. Examples of government fraud include tax evasion, welfare fraud, and counterfeit currency.


GPS Spoofer

A GPS spoofer allows a device to pretend it is at a different location than its current location. This can be used to deceive services that attempt to track where you are located.


Grandparent Scam

In a typical grandparent scam, a con artist calls or emails the victim posing as a relative in distress or someone claiming to represent the relative (such as a lawyer or law enforcement agent). The "relative" explains that they are in trouble and need the grandparent to wire them funds that will be used for bail money, lawyer’s fees, hospital bills, or another fictitious expense.


Hacking

In a computer system, hacking generally refers to any unauthorized intrusion into a computer or network. The person engaged in hacking activities is known as a hacker. A hacker may alter system or security features to accomplish a goal that differs from the original purpose of the system.


Hash

A Hash or hash function is a function that can be used to transform digital data of an arbitrary size to digital data of a fixed size. The values returned by a hash function are called hash values, hash codes, hash sums, or most commonly, hashes. A cryptographic hash function takes input data, like an address or a credit card number, and transforms it into a compact string of seemingly random characters that generally renders the data useless in the event of a breach.


Healthcare Fraud

Healthcare fraud is a type of white-collar crime that involves the filing of dishonest health care claims in order to turn a profit. Fraudulent health care schemes come in many forms, such as individuals obtaining subsidized or fully-covered prescription pills that are actually unneeded and then selling them on the black market for a profit, or billing by practitioners for care that they never rendered and filing duplicate claims for the same service rendered.


High-Risk Industry

A high-risk industry describes when a type of business proves to have higher rates of failure than others. If businesses in a certain sector, like beer production, have higher rates of failure over other business types, then beer production would be considered a "high-risk industry".


Honeypot

A Honeypot is a decoy computer system designed to identify and/or trap hackers and other malicious actors. A honeypot sometimes offers a tempting set of data to attract fraudsters and counteracts their attempts to hack into or otherwise compromise an information system. A honeypot acts as bait by appearing to be a legitimate part of a website, database, or computer system, but is being monitored by IT and security professionals seeking insights into new methods of attack.


Hospitality

Hospitality is a term used to describe how well a certain location or entity accommodates somebody. If a person is well accommodated for when they visit somewhere, it would likely be said that that place provided good hospitality.


Host Card Emulation

In device technology, host card emulation is the software architecture that provides exact virtual representation of various electronic identity (access, transit and banking) cards using only software. Prior to the HCE architecture, near field communication (NFC) transactions were mainly carried out using secure elements. HCE enables mobile applications running on supported operating systems to offer payment card and access card solutions independently of third parties while leveraging cryptographic processes traditionally used by hardware-based secure elements without the need for a physical secure element.


Hybrid Detection System

A hybrid intrusion detection system is used to provide increased detection capabilities. HNID integrates a neural network detection component with a basic pattern matching engine to detect anomalies in the network traffic. This approach efficiently detects known classes of attacks, and also the unknown ones. Both of the detection solutions run simultaneously so that one can provide a method to filter and group the security alerts to reduce the number of alerts which will be sent to the network administrator.


I2P Anonymous Proxy

The Invisible Internet Project (I2P) is an anonymous network layer that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic (by using end-to-end encryption), and sending it through a volunteer-run network of roughly 55,000 computers distributed around the world.


Identification (ID)

Identification is the process by which something denotes another object as being a part of a certain category. A human could simply be identified as a human, or could be identified by their role or profession, or by their name; an object could have multiple identifications. In the world of fraud, identification is a term brought up often, as people have their identity "stolen", which is when others pretend to be you for malicious purposes.


Identity and Access Management

Identity and access management (IAM) is a framework for business processes, policies and technologies that facilitates the management of electronic or digital identities. With an IAM framework in place, information technology (IT) managers can control user access to critical information within their organizations.


Identity Fraud

Identity fraud is the situation where a fraudster uses the personal information of a victim, without any approval, to perform a criminal action or to mislead or defraud another person. Most identity fraud is committed for financial benefit, such as access to a credit card, a bank account, or even a victim's loan accounts.


Identity Provider

An identity provider is a federation partner that vouches for the identity of a user. The identity provider authenticates the user and provides an authentication token (that is, information that verifies the authenticity of the user) to the service provider.


Identity Spoofing

Identity Spoofing refers to the action of assuming (i.e., taking on) the identity of some other entity (human or non-human) and then using that identity to accomplish a goal. An adversary may craft messages that appear to come from a different principal or use stolen / spoofed authentication credentials. Alternatively, an adversary may intercept a message from a legitimate sender and attempt to make it look like the message comes from them without changing its content.


Identity Theft

Identity theft refers to the act of accessing and acquiring elements of another person's identity (i.e. name, date of birth, billing address, etc.) in order to commit identity fraud. Identity theft can take place whether the victim is alive or deceased. Once a person’s identity data is obtained, the data can be monetized by gaining access to their accounts, stealing their resources or obtaining their credit and other benefits. Identity theft (in combination with, and often used interchangeably with, identity fraud) is one of the fastest-growing crimes globally. A criminal can also use stolen identity information to hijack consumer accounts, commonly referred to as "account takeover".


Improper Disclosures

Improper disclosure refers to when information is mistakenly shown to somebody who has not been authorized by the appropriate people to see it. The term usually relates to medical disclosure, when a person's personal health information is improperly disclosed to somebody.


InfoSec (Information Security)

InfoSec, short for Information Security, refers to the discipline of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.


Insider Threat

An insider threat can happen when someone close to an organization with authorized access misuses that access to negatively impact the organization’s critical information or systems. This person does not necessarily need to be an employee – third party vendors, contractors, and partners could pose a threat as well.


Instagram scammer

An Instagram scam could be described as a scheme fraudsters perform through the use of social media, such as Instagram, or other related smartphone applications, in order to gain access to confidential and private information, money or encrypted monetary data with the use of high-level social engineering.


Insurance Fraud

Insurance fraud is any act committed to defraud an insurance process. This occurs when a claimant attempts to obtain some benefit or advantage they are not entitled to, or when an insurer knowingly denies some benefit that is due. There are two types of insurance fraud: hard fraud, which occurs when someone deliberately fakes an accident, injury, theft, arson or other loss to collect money illegally from insurance companies, or soft fraud, in which normally honest people often tell "little white lies" to their insurance company for the purposes of filing or maximizing a claim.


Intellectual Property

Intellectual property, also known as IP, describes an item or idea that has been credited as belonging to somebody in some way. Common types of IPs would be patented or copyrighted materials.


Intelligence

Fraud Intelligence is the leading practical resource for the counter-fraud professional; it provides applied insight, analysis and tools to combat fraud and corruption, whether in the corporate or non-commercial sector, together with coverage of relevant statute and case law.


Intelligence Augmentation

Intelligence Augmentation, or IA, is an alternative conceptualization of artificial intelligence that focuses on AI's assistive role, emphasizing the fact that cognitive technology is designed to enhance human intelligence rather than replace it. The choice of the word augmented, which means "to improve," reinforces the role human intelligence plays when using machine learning and deep learning algorithms to discover relationships and solve problems.


Internal Fraud (Insider Fraud)

Internal fraud occurs when an employee makes a false representation, fails to disclose information, or abuses a position of trust either for personal gain or to cause losses to others. Internal fraud can range from compromising customer or payroll data to inflating expenses to petty theft. Often referred to as occupational fraud, these schemes can be planned or unplanned and opportunistic or linked to organized criminal networks. When more than one employee is involved in the scheme, it is referred to as collusion and the average losses to the organization are greater.


Interoperability

Interoperability describes the ability of computer systems or software to exchange and make use of information. Interoperability requires mechanical compatibility among the systems, and it is only able to take results from where profitable contracts have been settled among the systems.


Inventory Fraud

Inventory fraud involves the theft of physical inventory items and the misstatement of inventory records on a company's financial statements. A small business may be a victim of fraud perpetrated by one of its employees, or the business itself may engage in fraudulent activities to trick shareholders and tax agencies. Inventory contains raw materials and uncompleted or completed items that are normally stored in a storage room.


Investment Fraud

Investment fraud is any scheme or deception relating to investments that affect a person or company. Investment fraud includes illegal insider trading, fraudulent stock manipulation, prime bank investment schemes and hundreds of other types of financial scams.


Invisible Web

The Invisible Web is the part of the World Wide Web, which is not indexable by search engines and is therefore invisible. In contrast to the Surface Web, the Invisible Web consists of data and information that cannot be searched with search engines for various reasons.


IOD - Impersonation of the Deceased fraud

IOD or Impersonation of the Deceased fraud is defined as a type of identity theft that occurs when an individual utilizes the information and personal data of a deceased person in an attempt to fraudulently obtain credit, financial details, or other identity related criminal acts.


IoT Botnet

A botnet is a collection of internet-connected devices that an attacker has compromised. Botnets act as a force multiplier for individual attackers, cyber-criminal groups and nation-states looking to disrupt or break into their targets’ systems. Commonly used in distributed denial of service (DDoS) attacks, botnets can also take advantage of their collective computing power to send large volumes of spam, steal credentials at scale, or spy on people and organizations.


IP Address

An Internet Protocol address (IP address) is a logical numeric address that is assigned to each computer, printer, or other device that is part of a TCP/IP-based network. An IP address is the main element on which the network structure design is built, and no such network could exist without IP addresses.


IP Address Verification

Internet Protocol or IP Address Verification could be defined as a set of processes and procedures that ensure that everything you produce, buy, or sell on the Internet will have a legal and registered IP address.


Issuer (Issuing Bank)

The Issuing Bank is the financial institution which issues individuals with credit cards or debit cards and extends short-term lines of credit to purchase goods and services. Familiar issuers include Bank of America, Wells Fargo, Citibank and The issuer settles card transactions for the purchaser or card holder, whereas its counterpart, the acquiring bank or merchant acquirer, is the bank that is responsible for settling credit and debit card transactions on behalf of the merchant. Issuers generally manage the credit and debit card programs on behalf of the card networks, such as Visa and Mastercard, and for their role in the card payment process, receive the majority of the interchange and other fees in a credit card and debit card transaction. Discover and American Express are both issuers and card networks.


Jitter

Jitter is an anti-skimming method that alters the information on the magnetic stripe by changing the speed or motion of the card while it is swiped or drawn into a card reader or ATM. Jitter is intended to make unreadable any information that has been copied by a skimmer, so that the information will be unusable.


Keystroke Dynamics

Keystroke dynamics or typing dynamics refers to the automated method of identifying or confirming the identity of an individual based on the manner and the rhythm of typing on a keyboard. Keystroke dynamics is a behavioral biometric, which means that the biometric factor is 'something you do'.


Keystroke Logger

A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard. Keylogger software is also available for use on smartphones, such as Apple's iPhone and Android devices. Keyloggers are often used as a spyware tool by cybercriminals to steal personally identifiable information (PII), login credentials and sensitive enterprise data.


Kickbacks

A kickback is an illegal payment intended as compensation for favorable treatment or other improper services. The kickback may be money, a gift, credit, or anything of value. Paying or receiving kickbacks is a corrupt practice that interferes with an employee's or a public official’s ability to make unbiased decisions. It is often referred to as a bribe.


KYC (Know Your Customer)

Know Your Customer (KYC) refers to due diligence that banks and other financial institutions must perform on their customers before doing business with them. Know your customer policies are usually required by governments and enforced by bank regulators to prevent corruption, identity theft, financial fraud, money laundering and terrorism financing. Most Know Your Customer frameworks are based on four components: 1) customer identification, 2) customer acceptance, 3) transaction monitoring and 4) ongoing risk management. Requirements vary by country, but the collection of basic identity documents, comparison against certain name lists ('politically exposed persons' or PEP lists, for example), and analysis of transaction behaviors are most common.


Law Enforcement

Law enforcement could be described as a system where a number of members of society act in a systematic way to enforce the law, determining, discouraging, assimilating or even punishing those who break the rules and regulations that are known and governed by that society.


Lending

Lending (also known as "financing") in its most general sense is the temporary giving of money or property to another person with the expectation that it will be repaid. In a business and financial context, lending includes many different types of commercial loans. Lenders are businesses or financial institutions that lend money, with the expectation that it will be paid back, generally with some type of interest. The lender is paid interest on the loan as the cost of receiving the loan. The higher the risk of not being paid back, the higher the interest rate.


Level of Assurance

A Level of Assurance, as defined by the ISO/IEC 29115 Standard, describes the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity is the entity to which that identity was assigned.


Liability Shift

Liability shift generally refers to the responsibility of covering the losses from fraudulent transactions moving from the merchant to the issuing bank when the merchant has authenticated the transaction using any of the 3D Secure (3DS) protocols. If the merchant does not authenticate the credit card transaction with a 3D Secure method, the merchant remains liable for chargebacks and fraud losses.


Log File

A log file is a file that keeps a registry of events, processes, messages and communication between various communicating software applications and the operating system. Log files are present in executable software, operating systems and programs whereby all the messages and process details are recorded. Every executable file produces a log file where all activities are noted.


Login

A login is a set of identifications used to validate a user: this generally involves a username and password that allows a person to log in to a computer system, network, mobile device, or user account. A login might contain further information, such as a PIN number, passcode, or passphrase. Logins are usually used by websites, computer applications, and mobile apps to verify a customer's identity. They are a safety measure aimed to avoid illegal access to private data or assets.


Login Authentication

The process that recognizes and validates a user's identity is known as login authentication. A common example is having to enter both a username and password into a website in order to gain access to an account.


Lottery Scam

A lottery scam is a type of advance-fee fraud which begins with an unexpected email notification, phone call, or mail-letter (sometimes including a large check) explaining that "You have won!" a large sum of money in a lottery. The recipient of the message—the target of the scam—is usually told to keep the notice secret, and is then solicited for some amount of money in order to "confirm" the prize they have won.


Loyalty Points Fraud

Loyalty points fraud occurs when a fraudster gains access to somebody else's loyalty rewards points account, and then redeems these points for products that will benefit the fraudster. This type of fraud is becoming more popular as card fraud becomes harder, and because loyalty point accounts aren't checked for malicious behavior very often, allowing this fraud to go undiscovered for long periods.


Machine Learning

Machine learning (ML) refers to the development of computer algorithms and statistical models that perform predictions and specific tasks without explicit instructions, relying on inferences and patterns instead. Machine learning is a subset of artificial intelligence and generally falls into two main categories: 1) supervised learning, in which the outcomes are known and labelled in training data sets and 2) unsupervised learning, in which no outcome is known and the goal is to have items self-organized into clusters based on common characteristics or features. Supervised learning uses techniques like neural networks, Bayesian models, regression models, statistical models, or a combination thereof. Unsupervised learning uses techniques like k-means clustering and is often used for anomaly detection. Some computer systems have the ability to "learn" or make progressive improvements on a task based on algorithms and subsequent outcomes. As an example, machine learning in fraud prevention allows algorithms to make immediate decisions on new transactions, but over time "learn" from the outcomes of the purchases and, from that new data, self-correct to make increasingly accurate predictions going forward. The fastest and most reliable path towards the learning component relies on analysts’ insights, assisted by machine-learned predictions, to make well-informed decisions.


Mail Fraud and Wire Fraud

Mail fraud and wire fraud are federal crimes in the United States that involve mailing or electronically transmitting something associated with fraud. Jurisdiction is claimed by the federal government if the illegal activity crosses interstate or international borders.


Mail Order Telephone Order

MOTO is a type of card-not-present (CNP) transaction in which services are paid and delivered via telephone, mail, fax, or internet communication. With the introduction of chip technology on most cards, there has been reduced fraud in “card present” transactions, but a corresponding increase in fraud in CNP transactions. The acronym stands for “mail order telephone order,” although those types of financial transactions are increasingly rare. MOTO has, therefore, become synonymous with any financial transaction where the entity taking payment does not physically see the card used to make the purchase.


Malware

Malware is software that is intentionally designed to cause damage to a computer, client, server or the network of a computer. Hostile, intrusive, and intentionally nasty, malware seeks to invade, damage, or disable computers, often by taking partial control over a device’s operations.


Man-In-The-Browser

A man-in-the-browser is a form of Internet threat that infects a web browser by taking advantage of vulnerabilities in browser security in order to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application.


Man-In-The-Middle

Man-in-the-middle (MITM) is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.


Manpower Direct and Indirect Costs

Manpower Direct Costs include wages for the employees that produce a product, including workers on an assembly line, while indirect costs are associated with support labor, such as employees who maintain factory equipment.


Manual Review

Manual review is a technique that can be performed in-house or may be outsourced to or managed by a third party vendor. In either case, staff members perform manual checks on orders to determine the authenticity of an identity and transaction to establish which orders are fraudulent.


Manual Submission

Manual submission describes when somebody adds URLs to a search engine manually, filling out the form fields individually. This differs from automatic submissions, which involve filling out information only one time; the necessary information is then used by a software program to submit to many search engines.


Marketplace

A marketplace is the real, virtual or metaphorical space in which a market operates. The term is also used in the trademark law context to denote the actual consumer environment, i.e. the 'real world' in which goods and services are provided and consumed.


Marketplace Fraud

Marketplace fraud is the illegal practice of making false or misleading claims through a company. This includes exaggerating the qualities of a product or service in advertising, selling imitations as the genuine article, or hiding negative aspects or side effects. False advertising is a type of marketplace fraud.


Medical Fraud

Medical fraud is a type of white-collar crime that involves the filing of dishonest health care claims in order to turn a profit. Health care fraud influences insurance rates every day, causing premiums individuals pay to rise to cover the insurance companies’ losses.


Medical Identity Theft

Medical identity theft occurs when somebody illegally accesses and uses a patient's personally identifiable information (PII) to obtain medical treatment, services or goods. The stolen information may be used to open credit card accounts or obtain medical services such as treatment at an emergency medical crisis location.


Merchant Account

A merchant account is a type of bank account that allows businesses to accept payments made by debit or credit cards.


Merchant Account Provider

Merchant account providers give businesses the opportunity to accept debit and credit cards for the payment of goods and services. This can be conducted face-to-face, over the phone, or even over the Internet.


Merchant Chargeback Insurance Provider

Chargeback insurance is an insurance product that protects merchants who accept credit card payments. The insurance protects the merchant against fraud in transactions where the use of the credit card was unauthorized, and covers claims arising out of the merchant's liability to the service bank.


MFA (Multi-Factor Authentication)

MFA or Multi-Factor Authentication is an approach to security authentication in which the user of a system provides more than one form of verification to prove their identity and be granted access. Multi-factor authentication is so named because it leverages a combination of two or more factors of authentication. In the field of cybersecurity, the three major factors of authentication and verification are: 1) something a user knows (such as a password or the answer to a question), 2) something the user has (such as a smart card, a mobile phone or a security token), and 3) something the user is (such as a unique biometric marker like a fingerprint).


Misrepresentation

Misrepresentation is a concept of English law, which describes when a party uses misleading statements or facts in negotiations to induce the other party to take certain actions.


Mobile

A "mobile" is a term used for phones, stemming from the term "mobile phones", which differs from their predecessor, wired or immobile phones. A mobile phone is a portable device whose primary use is to "call" other phones, allowing for a conversation to be had from pretty much any two places in the world between these two devices.


Mobile Device Analysis

Mobile device analysis is a branch of digital analysis that refers to the recovery of digital evidence or data from different mobile devices under forensically sound conditions. Mobile devices are used to save different types of personal information such as contacts, notes, calendars, and to communicate with others.


Mobile Phone Fraud

Mobile phone fraud is simply any fraud that involves the use of mobile phones. One type of this fraud is call-forwarding fraud, where a fraudster tricks a victim into mistakenly forwarding their phone calls to another number.


Money Laundering

Money laundering is the process of concealing the origins of illegally obtained money by going through a complex sequence of bank transfers to make the money look as if it came from a legitimate source or business transactions.


Monitoring

The term monitoring refers to the observing and checking of the progress or quality of something over a period of time. Monitoring services generally ensure the security and authenticity of something over time.


Mortgage fraud

Mortgage fraud is a crime in which the fraudster omits information on an application for a mortgage loan to obtain a greater loan than they would normally be eligible to receive.


Mousetrapping

Mousetrapping is a technique used by websites to keep their visitors on the website for longer, and also to force visitors to engage with the website. It may occur when a website launches pop-up ads to delay the user from exiting the page.


Multichannel Merchanting

Multichannel merchanting describes the process of trying to sell products to both current and potential users through a variety of channels.


Near-Field Communication

Near-Field Communication, also known as NFC, is the set of communication protocols that allow two electronic devices to share information with one another based on their proximity to each other. NFC devices are used in contactless payment systems, allowing mobile phones to act as or supplement a credit or debit card in a transaction.


Network Effect

Network Effect is a phenomenon in which a good or service gains additional value as more consumers use it. Technically, the term refers to the effect that one individual user of a product or service has on the value of that product or service to other people. The value of a product or service increases as more people use the product.


Neural Network

A neural network is a series of algorithms that attempt to copy the manner in which the human brain works in order to draw connections between different pieces of information. Neural networks can adapt to the evolution of inputs; in this way the system produces the most ideal outcome even when dealing with not-before-seen information.


Omnichannel

Omnichannel is a cross-channel content approach that companies use to improve their user experience. Instead of working in parallel, communication channels and their support resources are planned and organized to collaborate. Omnichannel indicates the combination and also the arrangement of the channels so that the experience will be attractive across all channels.


On-Premise Software

On-premises software (also known as on-premise, and shortened to "on-prem") is installed and runs on computers on the premises of the individual or company using the software, rather than at a distant facility such as a server farm or cloud. On-premises software is occasionally referred to as "shrinkwrap" software, and off-premises software is usually named "software as a service" ("SaaS") or "cloud computing".


One-time Password

A one-time password (OTP) is a password that is valid for only one login session or transaction, on a computer system or other digital device. This means that a potential intruder who manages to record an OTP that was already used to log into a service or to conduct a transaction will not be able to abuse it, since it will no longer be valid.


Open Authorization

Open Authorization, sometimes called OAuth, is an open standard for access delegation, usually used as a method for Internet users to give websites or applications access to their information on different websites without providing them with the passwords. This method is used by some companies such as Amazon, Google, Facebook, Microsoft and Twitter to allow users to share their account information with third parties, such as applications or websites.


OpenID

OpenID is an open standard and decentralized authentication protocol in which a user can create their own account by selecting an OpenID identity provider; this account can then be used to sign on to other websites. It allows users to be authenticated by co-operating sites using a third-party service, eliminating the need for webmasters to provide their own ad hoc login systems.


Out-of-band Authentication

Out of band authentication (OOBA) is a term for a process where authentication requires two different signals from two different networks or channels. These kinds of more sophisticated authentication prevent many kinds of fraud and hacking. Out-of-band authentication will effectively block many of the most common kinds of hacking and identity theft in online banking.


Pagejacking

Pagejacking is the process of illegally copying legitimate website content (usually, in the form of source code) to another website designed to replicate the original website. A pagejacker's intention is to illegally direct traffic from the original site to cloned Web pages. Pagejackers rely on search engines to index bogus site content to enable search result ranking and display with the original site.


Pass-Along Rate

A pass-along rate represents the percentage of people who pass on a message or file. Indeed, pass-along rates are a measure of word-of-mouth marketing. Objects typically passed include email messages, Web pages and multimedia files. Content typically passed includes humor and entertainment, late-breaking news, shopping specials, and technical gizmos.


Passive Authentication

In a passive authentication scenario, a user is directed to a login page, and after logging in, the site directs the user back to the URL and allows the user to be authenticated on that site. Passive authentication can be achieved by using the WS-Federation protocol or SAML 2.0.


Payables Fraud

Payables fraud, also known as AP fraud, is among the most ubiquitous and damaging of frauds that affect businesses of all sizes. It's also among the easiest frauds to perpetrate, since most of the money leaving a company legitimately goes through the accounts payable function.


Paying Personal Expenses

Paying personal expenses refers to the expenses of an individual that are not related to business or investment purposes. Personal expenses are not deductible unless specifically allowed under the tax law. Two examples of deductible personal expenses are medical expenses and personal property tax paid on personal-use property. Deductible expenses are returned when an employee creates and sends an invoice to the company, and in return the company will give them the money to pay those personal expenses.


Payment Application Data Security Standard

Payment Application Data Security Standard (PA-DSS) is a set of requirements that are intended to help software vendors to develop secure payment applications that support PCI DSS compliance.


Payment Fraud

Payment fraud is a blanket term for a variety of different frauds that all center around using false information or unauthorized means to make a purchase. This type of fraud can roughly be categorized into three kinds of situations; relating to fraudulent or illegal transactions, misplaced or stolen goods, and false requests for reimbursements or returns on goods.


Payment Gateway

A Payment Gateway processes credit card and debit card payments, as well as other forms of electronic payments, primarily on behalf of e-commerce and brick-and-mortar merchants. The Payment Gateway is responsible for authenticating, standardizing and relaying transaction data between the merchants and the payment processors. The payment gateway responsibilities include securing payment data according to PCI DSS standards, securely sending transaction data to the payment processor, and storing the transaction and subsequent settlement, refund and other financial event data for later access by the merchant. Banks often own the payment gateways, but payment service providers (PSPs) like PayPal, Square or Stripe can also create their own Payment Gateway software.


Payment Threshold

A payment threshold defines a situation in online marketing where an associate has to meet certain criteria, generally a number of sales, before being paid by the affiliate company for their services.


Payment Verification

Payment Verification describes the set of procedures that allow customers to verify or confirm the payment they have made after purchasing any product or service. This set of procedures can usually be conducted through the Internet by the customers themselves.


PayPal

PayPal Holdings, Inc. is an American company that operates a universal online payment method that supports online money transfers and also serves as an electronic substitute for the usual paper-based methods such as cheques and money orders. The company functions as a payment mainframe for online vendors, auction sites, and numerous other business users, who are charged an interbank fee for benefits such as one-click transactions and password memory.


Paypal Fraud

PayPal fraud is fraud related to using the PayPal payment system. It can be initiated or performed through emails, phishing sites, malicious ads, suspicious links, and many more. These scams try to appear authentic in order to trick users into releasing personal information, such as usernames and passwords, or to illegally obtain payments and payment info.


Payroll Fraud

Payroll Fraud is a category of accounting fraud typically carried out by people who have access to employee information, their incomes or their wages. Companies that have not applied the accurate controls in their financial section – particularly in times of financial distress – will face more complex fraud risks than other companies.


PCI Compliance

Payment card industry (PCI) compliance refers to the practical and operational principles that companies need to follow to ensure that credit card information provided by cardholders is secure. PCI compliance is prescribed by the PCI Standards Council, and all companies that automatically store, process or convey credit card data are required to follow the compliance procedures.


PCI DSS

The Payment Card Industry Data Security Standard, also known as PCI DSS, is an IT security standard for companies that handle branded credit cards from the major card providers. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.


Persona

A persona is an artificial profile for a type of customer, created on certain identifying criteria. Personas are generally used in marketing efforts as a way of figuring out how to best target different segmented audiences.


Personal Details Compromise

Personal Details Compromise, also known as a data breach, is the planned or unplanned release of protected or confidential data to an untrusted environment. Other types of this occurrence include unplanned data disclosure, data leaks and data spills. A data breach is basically a security incident in which sensitive, secured or confidential data is copied, transmitted, viewed, taken or used by a person who is not entitled to do so.


Personal Information

Personal Information can be described as any accurate or personal information, whether documented or not, about a recognizable person. Personal Information can include name, e-mail, address, civilization, race, identification number, occupation history, and other related information.


Personally Identifiable Information

Personally identifiable information is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII.


Phantom Debt

Phantom debt collection fraud appears in many variants, but the most common component among them is the claim that a customer is indebted and has to pay the debt, or else they will incur heavy penalties. Regardless of whether the customer really took out a loan or not, they may receive a call later during which they will be asked to repay the loan.


Pharming

Pharming is a cyber-attack aimed at redirecting traffic from an official website to a different fake website. Pharming could be performed either by changing the hosts file on a victim's computer or by exploiting a weakness in DNS server software. Pharming involves unprotected access to a target computer, such as a customer's home computer, rather than a corporate server.


Phishing and Pharming

Phishing and Pharming are two methods of cyberattacks to lure a victim to false websites in order to send them malware or get his/her personal information. Phishing involves getting a user to enter personal information via a fake website. Pharming involves modifying DNS entries, which causes users to be directed to the wrong website when they visit a certain Web address.


Phishing Kit

A phishing kit can be described as a collection of several software programs that allows an individual to manage and launch specific types of campaigns and phishing scams. The phishing kit makes it easy for even those with few technical skills to launch some kind of phishing exploit.


Phishing Schemes

Phishing schemes involve getting a user to enter a website and input their personal information for the fraudster to then take advantage of. This website oftentimes emulates the design of a legitimate business's website, in the hopes of tricking people into entering their information on a site they think is real and trustworthy.


Plagiarism

Plagiarism refers to the illegal act of copying someone’s work and presenting it as one’s own original work. This act may include the stealing of handwriting, online drawings, or any other online aspect that can be stolen and presented as original. Plagiarism is believed to be a crime in almost all the countries over the world.


Platform

On the internet, a platform refers to a virtual space where a company, a person, or a community can create its own page or website, or even a network that can serve the people who come to visit. This type of business is referred to as e-commerce, and most international organizations have their own online platforms.


Point-To-Point Encryption

P2PE, or point-to-point encryption, refers to all the processes and tools involved in protecting different online procedures and actions throughout all steps of the process. It is usually provided by a third-party, and often when an organization purchases this solution from an outside party, that party will then help the company in setting up the encryption.


Policy Violation

A policy violation occurs when a user records an expense with details violating the company's expensing policies. There are different types of sanctions which are put in place in the event of a breach of policy, and some of these sanctions are set by the authorities. Policies and sanctions can differ across fields and organizations, based on many different factors.


Privacy

Privacy is the practice or idea of keeping certain information a secret from a certain group. It also describes the capability of the individual to protect the information he or she considers personal.


Processing Unauthorized Payroll

The processing of unauthorized payroll refers to the act of identifying whether payroll has been calculated for an unauthorized person in the organization's list. This process is done to prevent payroll fraud, where a payroll manager knowingly approves fraudulent payroll transactions, generally with the purpose of taking that money for themselves.


Proofing

Proofing refers to the act of verifying and authenticating the identity of legitimate customers. Identity proofing is required when a person wants to withdraw money or take any other confidential information from online resources.


Proxy Piercing

Proxy piercing refers to a patented Fraud.net technology which enables hosts to determine whether a person is making a proxy purchase or not. It also allows them to identify the type of network used by an online user. At a higher level, this also determines the location of that user.


Purchase Amount Filter

A purchase amount filter is a technology, method, or practice that allows e-commerce website hosts to identify or prevent scams that occur with ease by setting up limitations on the amount of a product that can be purchased at one time.


Pyramid Schemes

A pyramid scheme is a fraudulent business model where an initial group of people recruit others to join their company, but charge them an upfront fee in order to become an employee, and then urge those new employees to recruit others and get upfront fees from them as well. As new recruits join, their upfront fees go towards paying earlier members of the pyramid scheme, and so the goal of the business is really just to trick people into joining the company and paying this fee; the company may have an actual product to sell, but selling the product is often not the focus of this business.


Ransomware

Ransomware is a type of malicious software that can be downloaded by opening an email which is infected or a website which hosts it. It is designed to block access to a computer system until a sum of money is paid.


Real-Time Risk Management

Real-time risk management is a process which enables a person to handle risks associated with payments as the payment happens. It allows the person to effectively ensure that all the transactions are being carried out in a proper way, and can be denied at the business owner's discretion in case they believe a purchase to be fraudulent. This solution can be provided by a third-party as well.


Record Destruction

Record destruction refers to the process of illegally destroying information stored in the form of documents. This is an ethically wrong practice and if spotted within an organization can lead to the termination of that person's employment.


Relying Party

Relying party or third party is a computer term used to refer to a server providing access to a secure software application. Claims-based applications, where a claim is a statement an entity makes about itself in order to establish access, are also called relying party (RP) applications. Actually RP refers to the person who provides services to the customer not directly but just by connecting the customer to the actual seller. Usually, the host or the merchant has to identify the real party that is delivering services to the customers.


Reshipping Fraud Scheme

In a reshipping scam, the criminals purchase high-value products with stolen credit cards and recruit willing or unsuspecting people (reshipping mules) to receive and forward the packages on behalf of the criminals. The package will contain stolen items, and in the event of an arrest, the re-sender will be arrested first.


Retail Loss Prevention

Retail loss prevention is actually a set of practices and methods which are employed by retail companies to preserve profit, so to ensure that there are as few scams associated with transactions as possible. Profit preservation is any business activity specifically designed to reduce preventable losses. Usually, most crimes are related to retail and in order to minimize this risk, these practices are adopted by the retailer, and are known as retail loss prevention methods.


Return On Investment (ROI)

Return on investment (ROI) is a performance measure used to evaluate the efficiency of an investment or compare the efficiency of a number of different investments. ROI tries to directly measure the amount of return on a particular investment, relative to the investment’s cost.


Risk Assessment

Risk assessment is the systematic process of evaluating the potential risks that may be involved in a projected activity or undertaking. To assess the risks, different tools and methods can be utilized. In addition, risk assessment also involves determining the likelihood of risks that will threaten the system in the future.


Risk Management

Risk management describes the process and practices of companies in attempting to prevent malicious or fraudulent activity from occurring within their systems, as well as addressing any other issues that would create financial risks. It can be more simply defined as the practice of forecasting and evaluating potential financial risks alongside identification procedures that aim to avoid or minimize their impact.


Risk-Based Authentication

Risk-based authentication is a non-static authentication system which takes into account the profile (IP address, User-Agent HTTP header, time of access, and so on) of the agent requesting access to the system to determine the risk profile associated with that transaction. False insurance claims are insurance claims filed with an intent to defraud an insurance provider.


Rules Engine

A rules engine is a software system or program that is capable of executing one or more business rules in a runtime production environment. The rules might come from a company policy, legal regulation, or some other source. Most organizations tend to them.


Rules-Based Fraud Detection

A rules-based fraud detection system uses logical comparisons, statistics, and the correlation of data to identify potential acts of fraud, drawing on insights that are obtained from previous, known incidents of fraud.


Run of network (RON)

Run of Network, or RON, is actually a form of internet marketing where an online advertising campaign is applied to a wide collection of websites without the ability to choose specific sites. In run-of-network advertising, advertisers generally give up say over placement in return for low rates and broad reach. Ads may be placed randomly in unsold, less valuable portions of sites within an ad network.


Sales scam

Sales scams are a type of crime associated with online retailing, where money is taken from users without delivering them products, or by sending a different, cheap product instead. There are different types of e-commerce fraud methods which can be utilized by the scammer to commit crimes and fool customers.


SCA (Strong Customer Authentication)

SCA is defined as "an authentication based on the use of two or more elements categorized as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is)". The process considers national identity of the customer, tracking of the position, analysis of interest and information of the services. Strong customer authentication is required before any type of business transaction in order to have full access to customer accounts in case of fraud.


Scammer

The term scam refers to fraudulent schemes in which goods and money are taken from unsuspecting persons, generally through the deceit of the victim.


Scams

A fraudulent scheme performed by a dishonest individual, group, or company in an attempt to obtain money or something else of value. Scams traditionally resided in confidence tricks, where an individual would misrepresent themselves as someone with skill or authority, i.e. a doctor, lawyer, investor.


Scareware

Scareware is a malicious computer program designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake antivirus protection. Also known as deception software, rogue scanner software or fraudware, scareware may come in the form of pop-ups. These appear as legitimate warnings from antivirus software companies, and they claim your computer's files have been infected.


Scholarship Scam

Scholarship scam is described as a situation where fraudsters offer a fraudulent scholarship to attract the victims. Sometimes the seminars do provide some useful information, but actually they are disguised sales pitches for financial aid consulting services (e.g., maximize your eligibility for financial aid), investment products, scholarship matching services and overpriced student loans.


Scraper

A site scraper can be defined as a kind of software that duplicates content from a website. Site scrapers work similarly to web crawlers, which essentially perform the same function for the purposes of indexing websites. Web crawlers cover the whole Web, however, unlike site scrapers, which target user-specified websites.


Script Kiddie

A script kiddie is an offensive term used to refer to non-serious hackers who use existing computer scripts or code to hack into computers, rather than creating their own, because they lack the skills or expertise to write them.


Second Party Fraud

Second party fraud, or money mules, is where a person allows another to use their identity or personal information to perform fraud. Businesses may find second party fraud difficult to detect and challenge since the identity of the person that is used to carry out fraud has largely allowed it to take place.


Secure Element

A Secure Element (SE) is a microprocessor chip which can store sensitive data and run secure apps such as payment. It acts as a vault, protecting what's inside the SE (applications and data) from malware attacks that are typical in the host (i.e. the device operating system).


Security Protocol

Security protocol, also called cryptographic protocol, could be described as a sequence of operations that ensure the protection of data. Used with a communications protocol, it provides secure delivery of data between two parties.


Security Threat and Risk Assessment

Security Threat and Risk Assessment can be defined as a technique that classifies the overall business and security risks with the aim of defining the competence of security controls, together with the service, in order to reduce the set of risks that appear for the business.


Security token

A security token is a physical device used to gain access to an electronically restricted resource. The token is used in addition to or in place of a password. It acts like an electronic key to access something. Some tokens may store cryptographic keys that may be used to generate a digital signature, or biometric data, such as fingerprint details.


Sensitive data

Sensitive data is defined as information that is protected against unwarranted disclosure. Access to sensitive data must be safeguarded. Protection of sensitive data may be required for legal or ethical reasons, for issues pertaining to personal privacy, or for proprietary considerations.


SEO

SEO is an abbreviation for Search Engine Optimization, which is the art of having your website optimized, or attractive, to the major search engines for optimal indexing. It refers to the process of increasing the quality and quantity of the traffic of the website and this process is used to increase the visibility of web pages for search engine users.


Serious Fraud Office (SFO)

The Serious Fraud Office (SFO) is a non-ministerial government department of the Government of the United Kingdom that investigates and prosecutes serious or complex fraud and corruption in England, Wales and Northern Ireland.


SERP

Search Engine Results Pages (SERP) are the pages displayed by search engines in response to a query by a searcher. The main component of the SERP is the listing of results that are returned by the search engine in response to a keyword query, although the pages may also contain other results such as advertisements.


Shopping Cart

A shopping cart is a feature in online shopping that works as a temporary record of items selected for eventual purchase from the online vendor's website.


Shoulder Surfing

Shoulder surfing is the practice of spying on the user of an ATM, computer, or other electronic device in order to obtain their personal access information. This is generally done by looking over someone's shoulder at the information on screen, hence its name.


SIM Cloning

SIM cloning is the procedure through which a genuine SIM card is reproduced. When the cloning is accomplished, the cloned SIM card's identifying information is transferred onto a separate, secondary SIM card. The secondary card can then be used in a different phone, with all the calls and related charges attributed to the original SIM card.


Single sign-on

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. SSO can be used by enterprises, smaller organizations, and individuals to ease the management of various usernames and passwords. In a basic web SSO service, an agent module on the application server retrieves the specific authentication credentials for an individual user from a dedicated SSO policy server, while authenticating the user against a user repository such as a lightweight directory access protocol (LDAP) directory. The service authenticates the end user for all the applications the user has been given rights to and eliminates future password prompts for individual applications during the same session.


Skimmer

Skimmers are essentially malicious card readers attached to real payment terminals so that they can harvest data from every person that swipes their cards. The typical ATM skimmer is a small device that fits over an existing card reader.


Skimming

Skimming is considered a type of white-collar crime, and is described as the theft of cash from a business prior to its entry into the accounting system for that company. Although skimming is one of the smallest frauds that can occur, it is also the most difficult to detect.


Skimming cash receipts

Skimming is slang for taking cash "off the top" of the daily receipts of a business (or from any cash transaction involving a third interested party) and officially reporting a lower total. The formal legal term is defalcation. Even though skimming is one of the smallest frauds that could appear, it is considered the most difficult fraud to detect.


Smart Card

A smart card is a physical card that has an embedded integrated chip that acts as a security token. Smart cards are typically the same size as a driver's license or credit card and can be made out of metal or plastic. They connect to a reader either by direct physical contact (also known as chip and dip) or through a short-range wireless connectivity standard such as radio-frequency identification (RFID) or near-field communication (NFC).


SMishing

SMishing is a security attack in which the user is tricked into downloading a Trojan horse, virus or other malware onto their cellular phone or other mobile device. SMishing is short for "SMS phishing."


Sniffing

Sniffing is the process of monitoring and capturing all data packets passing through a given network; it is illegal when done by an unauthorized party. Information stolen this way can be used for fraud and for obtaining other significant data from users. Sniffers are used by network and system administrators to monitor and troubleshoot network traffic. Attackers use sniffers to capture data packets containing sensitive information such as passwords and account information.


Social Media

Social media is a large platform where people entertain, communicate, and connect with the world. It consists of different social networking sites which can be used by hackers and fraudsters to steal personal information of users. This information includes credit card numbers and other personally identifiable information, which are often solicited through "phishing" attacks done on social media sites.


Social media tracking

Social media tracking or monitoring is a process of using social media channels to track, gather and mine the information and data of certain individuals or groups, usually companies or organizations, to assess their reputation and discern how they are perceived online.


Social Security fraud

Social Security fraud usually occurs when an unauthorized third-party gains access to an individual's Social Security number and exploits it for their own financial benefit.


Social security number (SSN)

A Social Security number (SSN) is a nine-digit number that the U.S. government issues to all U.S. citizens and eligible U.S. residents who apply for one. The government uses this number to keep track of your lifetime earnings and the number of years worked. With a Social Security number, a criminal can obtain personal data and use it to defraud the owner of that number. Often this involves stealing the money or the identity of the SSN owner.


Software Piracy

Software piracy is the illegal copying, distribution, or use of software. It is such a profitable "business" that it has caught the attention of organized crime groups in a number of countries. According to the Business Software Alliance (BSA), about 36% of all software in current use is stolen.


Spam

Spam refers to an irrelevant or inappropriate message sent on the Internet to a large number of recipients. These messages are often used by scammers to trick people into providing their personal data so that it can be used to blackmail the person. Normally, spam offers an advertisement which is not validated under the actual name of the organization.


Spear phishing

Spear phishing is the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information. For instance, a person may get an offer from an organization that he knows. He might click on it and provide confidential information, perhaps to log in to the website. In reality, the message is not from the actual organization, and he has given his credentials for the actual site to the spear-phisher.


Spider

A spider is a program that visits Web sites and reads their pages and other information in order to create entries for a search engine index. All major search engines on the Web have these kinds of programs, which are also known as "crawlers" or "bots". Spiders are usually programmed to visit sites that have been marked by their owners as fresh or modernized.


Spoofs

A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls.


Spyware

Spyware is software that can be installed on a computer system or computer device without the device user's knowledge. The software allows the installer to directly obtain or convert information from a computer and to transmit all that data to their own hard drive.


Statute of Limitations

A statute of limitations is a law that sets the maximum time the parties involved have to initiate legal proceedings from the date of an alleged offense, whether civil or criminal. However, cases involving serious crimes, like murder, typically have no maximum period under a statute of limitations.


Stealing

Stealing is the action that occurs when someone takes possession of another person's identity, possessions, or information without any legal right, without permission, and without any intention of returning it. In computer systems, stealing means the unauthorized or illegal copying, sharing or usage of copyright-protected software programs. Software theft may be carried out by individuals, groups or, in some cases, organizations who then distribute the unauthorized software copies to users.


Stealing or providing business secrets

Stealing business secrets is the act of accessing a business's confidential information and revealing it to people who are not properly authorized to see that information. Intellectual property theft is a kind of stealing of business secrets.


STR (Suspicious Transaction Report)

A suspicious transaction report (STR) refers to the information demanded by the Internal Revenue Service (IRS) from banks and other financial institutions regarding suspicious transactions. It provides a report of the financial flows and other information related to the money flows in a regulated private sector.


Supervised Machine Learning

Supervised machine learning is the machine learning task of learning a function that maps an input to an output based on example input-output pairs. It infers a function from labeled training data consisting of a set of training examples.


Sweepstakes Scam

Sweepstakes scams are when a company or fraudster tells someone they have won a sweepstakes prize, but that as the winner they must first pay a fee to insure delivery of their prize. The winner may pay and then never receive anything.


Sweetheart scam

A sweetheart scam is a situation where a scammer will pretend to be romantically interested in somebody, with the intention of learning their personal information so that they may commit fraud with it.


Swindling

The term 'swindler' refers to a person who takes advantage of others through deceit. Swindling is a crime committed by a person who defrauds another, causing the victim to suffer damage, by means of unfaithfulness or abuse of confidence. Swindling can be committed by a group of people or an individual involved in defrauding actions in order to get financial benefits or property by exploitation or fraud.


Synthetic identity

A synthetic identity is created by using a combination of fabricated credentials, leading to a fake identity that is not associated with an actual, real person. Fraudsters may create synthetic identities using potentially valid social security numbers (SSNs) with accompanying false personally identifiable information (PII).


Synthetic Identity Creation

Synthetic Identity Creation (SIC) represents the process of creating a false identity. As a generic term, it describes how fraudsters collect information about real people and manipulate their identities with false and fabricated information to create a new identity, which is assigned to no actual real-life person.


System integrator

A systems integrator (or system integrator) is a person or company that specializes in bringing together component subsystems into a whole and ensuring that those subsystems function together, a practice known as system integration. They also solve problems of automation.


Tax Identity Theft

The term "tax identity theft" represents fraud committed by someone to gain advantages in tax returns and tax payments. Tax-related identity theft occurs when someone uses your stolen Social Security Number to file a tax return claiming a fraudulent refund. People create a false identity by using the personal information of another person to demand a fraudulent tax return. The only way to detect this kind of fraud is a notice from the IRS (Internal Revenue Service).


Tech Support Scams

A technical support scam refers to a type of telephone fraud, where a scammer claims to be able to provide a legitimate technical support service, frequently through cold calls to innocent users, with the hopes of eliciting a payment without completing the services requested. These calls are mostly targeted at Microsoft Windows users, with the caller often claiming to represent a Microsoft technical support department.


Technology Theft

High technology crimes (or cybercrimes) are generally defined as any type of illegal activity that makes use of the internet, a private or public network, or an in-house computer system. Technology theft can be described as a scheme where different activities are conducted by one or more thieves, in order to steal techniques, resources, or devices, with the aim of obtaining personal benefits from those actions.


Telecommunication fraud

Telecommunication fraud is the theft of telecommunication services (such as telephones, cell phones, computers and so on) or the use of telecommunication services to commit other forms of fraud. Victims of the fraud include consumers, businesses and communication service providers.


Theft of Assets

Theft of assets refers to the actual theft of a person or entity's assets. Causing an organization to pay for goods and services not actually received (for example fictitious vendors or employees) or using an organization's assets for personal use are types of theft of assets.


Theft of Checks

Check theft involves stealing, and usually cashing, the check of another. Check theft may also refer to receiving goods or services by passing a bad check which is noncollectable due to insufficient funds or a closed account. Penalties for this fraud vary by state.


Threat

A threat is any condition or event that may negatively influence managerial operations (including assignment, purpose, picture, or status), organizational resources, or individuals through an information scheme by using illegal access, devastation, confession, alteration of information, and/or rejection of service.


Timecard Tampering

Timecard Tampering, also known as time sheet or time card fraud, is when an employee puts down hours they did not work and collects payment for them. There are rules and laws in place against it but some employees still try to game the system to get more pay and commit time theft.


Token

A token is a unique frame that is passed from node to node around a ring system. It is a sequence of bits passed continuously between nodes in a fixed order, and it enables a node to transmit information. When it gets to a node that needs to transmit data, the node modifies the token into a data frame and transfers it to the receiver. A token is fundamental to the internal workings of a token ring network.


Tokenization

Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security. Tokenization, which seeks to minimize the amount of data a business needs to keep on hand, has become a popular way for small and mid-sized businesses to bolster the security of credit card and e-commerce transactions while minimizing the cost and complexity of compliance with industry standards and government regulations.


TOR

TOR is free and open-source software that allows anonymous web surfing and protects against traffic analysis. The name comes from an acronym for a software project named "The Onion Router." The browser uses exit relays and encrypted tunnels to hide user traffic within the network.


Transaction Authentication Number

A transaction authentication number (TAN) is used by some online banking services as a form of single use one-time passwords (OTPs) to authorize financial transactions. TANs are a second layer of security above and beyond the traditional single-password authentication.


Travel

Travel is defined as the movement of people between two distant locations. Travel can be done by foot, bicycle, vehicle, train, boat, bus, airplane, ship or other means, with or without baggage, and can be one way or round trip.


Triangulation Fraud

Triangulation fraud denotes that there are three parties who play a role in the purchase of the order: an unsuspecting customer who places an order on an auction or marketplace using some form of credit, debit, or PayPal tender; a fraudulent seller who receives that order and then places the order for the actual product with a legitimate eCommerce website using a stolen credit card; and a legitimate eCommerce website that then processes the criminal’s order.


True Negative

True negative, also known as specificity, is the ratio of correctly identified non-fraud cases to total non-fraud cases. A true negative test result is one that does not detect the condition when the condition is absent. It is an outcome where the model correctly predicts the negative class, for example if a disease test correctly identifies a healthy person as not having that disease.


True Positive

A “true positive” occurs when something innocent is wrongly deemed suspicious. Card issuers have developed sophisticated, automated fraud detection systems that work by detecting activities and patterns associated with fraud, but these systems don't work perfectly. This differs from false positives, which are negative results that a system incorrectly marks as positive.


Trust

A trust is a fiduciary connection where one person places some type of trust, confidence, or reliance on another person. The person to whom that trust and confidence is delegated then has a fiduciary duty to act for the benefit and interest of the other party. The party who owes a duty to act for the best interest of the other party is called the fiduciary. The party to whom the duty is owed is called the principal. The main purpose of a fiduciary connection is to establish an honest and trusted relationship between two parties, where one party can rely and be confident that the other is working for their interest and is not using their power for their own interest or the interest of a third party.


Trusted Third-Party

In cryptography, a Trusted Third-Party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; the third party reviews all the critical transaction communications between the parties. TTPs are common in profitable transactions, cryptographic digital transactions, and in cryptographic protocols.


Two tier affiliate program

In a two-tier affiliate program, or a multi-tier program (two or more levels), the first tier of commission is the same as in a regular affiliate program. The only difference is the additional tier(s), whereby marketers also earn a commission on sales generated by people they referred to the program.


U2F (Universal 2 Factor)

U2F or Universal 2-Factor Authentication is a form of 2-factor authentication in which the user completes a login process using a physical device as one form of verification to prove their identity and be granted access. U2F devices are physical security keys and are usually combined with one of the other two major authentication factors, either something a user knows (such as a password or the answer to a question) or something the user is (such as a unique biometric marker like a fingerprint), in order to grant access to a system. The benefit of a physical key over its counterparts, usually software-based keys, is that software keys, which generate one-time passwords delivered by phone or email, are known to be vulnerable to phishing attacks.


Unauthorized Disbursements

A disbursement is a payment made on behalf of another person for which reimbursement in the future is expected. An unauthorized disbursement can be defined as a disbursement or expenditure made without any authorized approval. Unauthorized disbursements fall into five categories: check tampering, billing schemes, payroll schemes, register disbursements, and expense reimbursement schemes.


Unauthorized use of assets

Unauthorized use of assets describes the intentional, illegal use of the property or funds of another person for one's own use or other unauthorized purpose, particularly by a public official, a trustee of a trust, an executor or administrator of a deceased person's estate, or by any person with a responsibility to care for and protect another's assets.


Underdelivery

Underdelivery is the delivery of fewer impressions, visitors, or conversions than contracted for a specified period of time. Underdelivery can occur for a variety of reasons. A site or network may experience an unexpected drop in traffic. Low CPM campaigns may be bumped for high CPM campaigns. Pay-for-performance may be bumped for any CPM campaigns, plus there is the added risk that the creative units fail to generate the anticipated level of response.


Unique Identity

A unique identifier (UID) is a numeric or alphanumeric string that is associated with a single entity within a given system. Unique identifiers can be assigned to anything that needs to be distinguished from other entities, such as individual users, companies, machines or websites.


Unsupervised Machine Learning

Unsupervised machine learning algorithms infer patterns from a data set without reference to known, or labeled, outcomes. Unlike supervised machine learning, unsupervised machine learning methods cannot be directly applied to a regression or a classification problem because you have no idea what the values for the output data might be, making it impossible for you to train the algorithm the way you normally would. Unsupervised learning can instead be used to discover the underlying structure of the data.


URL

URL stands for Uniform Resource Locator, and is used to specify addresses on the World Wide Web. A URL is the fundamental network identification for any resource connected to the web (e.g., hypertext pages, images, and sound files). The domain name is the computer on which the resource is located.


URL spoofing

URL spoofing is the process of creating false or fake URLs which pose as another website. The spoofed URL or website address appears to be very similar to the original, actual URL, but in reality redirects the user to a 'booby trapped' website.


Utility fraud

Utility fraud is when a person fraudulently uses someone else's name or identity to order water, gas, cable or other types of services. Cable fraud is the most commonly committed utility scam.


Validation

Validation describes the process of ensuring that something is being completed in the way it is meant to be completed, and by somebody who is meant to be doing that action. There are many kinds of validation involved in fraud prevention and cybersecurity, most generally in the context of log-in information being confirmed (or rather, validated) as accurate.


Velocity Filters

Velocity filters are a critical tool in fraud prevention efforts. Their function is to observe specific pieces of information (such as e-mail address, telephone number, billing number and even shipping addresses) and to limit the number of transactions that a website can process in a given period of time (one hour, one day) using this information.


Velocity of Money

The velocity of money is a measurement of the rate at which money is exchanged in an economy. It is the number of times that money moves from one entity to another. It also refers to how much a unit of currency is used in a given period of time. Simply put, it's the rate at which consumers and businesses in an economy collectively spend money.


Verified by Visa (VBV)

Verified by Visa (VBV) is a free program offered by Visa that gives online shoppers an added level of protection and peace of mind. It is a password-protected authentication scheme intended to verify the identity of the cardholder when a Visa card is used online. By requesting a password which is known only to the cardholder, the bank can verify that the authentic cardholder is entering their card details into an e-commerce website.


Virus

A computer virus is a kind of malevolent software or a piece of code that, when executed, is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data. When this replication succeeds, the areas are then said to be "infected" with a computer virus.


Vishing

Vishing, or voice-phishing, is the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as bank details and credit card numbers. The term is a combination of "voice" and "phishing." Vishing attacks are intended to scare the victim into acting quickly and therefore happen within short time frames.


Voice Authorization

Voice Authorization is a security measure used by the credit card industry to ensure that a particular purchase is being authorized by the actual card-holding customer and not someone else. Merchants only incur this fee if a Voice Authorization is initiated, and for most merchants it is a rare occurrence.


Voice Over IP

Voice over Internet Protocol (VoIP), also called IP telephony, is a method and set of technologies for the transfer of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. The terms Internet telephony, broadband telephony, and broadband phone service specifically refer to the provisioning of communications services (voice, fax, SMS, voice-messaging) over the public Internet, rather than through the public switched telephone network (PSTN).


Web Browser

A web browser is a software program that allows a user to locate, access, and display web pages. Browsers are used primarily for displaying and accessing websites on the internet, as well as other content created using languages such as Hypertext Markup Language (HTML) and Extensible Markup Language (XML).


Whois

WHOIS (pronounced "who is") is an Internet service used to look up information about a domain name. Whenever an individual or organization registers a new domain name, the registrar is required to make the registration information publicly available.


Wire Fraud

Wire fraud can be defined as an online fraud based on promises. In this fraud a person conducts a plan or scheme to attain a sum of money by blackmailing the other person, or by otherwise convincing them to send the fraudster money. The main communication methods used for this purpose are phone calls, fax, email, text, or any social media source used to contact another person.


Work-from-home scam

A work-from-home scheme describes when a fraudster makes an offer to a victim to work from home for a very good amount of money. The fraud truly takes place when the fraudster attempts to elicit money from the victim, generally to pay something like an up-front fee to get the job in the first place.


Workers' Compensation Fraud

Workers’ Compensation fraud occurs when someone willfully makes a false statement or conceals information in order to receive workers' compensation benefits or prevents someone from receiving benefits to which they might be entitled.


Workflows

Workflow is the definition, execution and automation of business processes, where tasks, information and documents are passed from one person to another for actions according to a set of procedural rules. It involves work by one or more people, and transforms materials, information or services. Fraud.net’s workflow queue manager sends suspicious transactions to review agents to deliver appropriate transaction resolutions.


Write-Off Schemes

A write-off is an accounting action that reduces the value of an asset while simultaneously debiting a liabilities account without having proper approval. It is primarily used in its most literal sense by businesses seeking to account for unpaid loan obligations, unpaid receivables, or losses on stored inventory. Generally it can also be referred to broadly as something that helps to lower an annual tax bill.