14,921 research outputs found
Electronic fraud detection in the U.S. Medicaid Healthcare Program: lessons learned from other industries
It is estimated that between 850 billion annually is lost to fraud, waste, and abuse in the US healthcare system,with 175 billion of this due to fraudulent activity (Kelley 2009). Medicaid, a state-run, federally-matchedgovernment program which accounts for roughly one-quarter of all healthcare expenses in the US, has been particularlysusceptible targets for fraud in recent years. With escalating overall healthcare costs, payers, especially government-runprograms, must seek savings throughout the system to maintain reasonable quality of care standards. As such, the need foreffective fraud detection and prevention is critical. Electronic fraud detection systems are widely used in the insurance,telecommunications, and financial sectors. What lessons can be learned from these efforts and applied to improve frauddetection in the Medicaid health care program? In this paper, we conduct a systematic literature study to analyze theapplicability of existing electronic fraud detection techniques in similar industries to the US Medicaid program
Data mining for detecting Bitcoin Ponzi schemes
Soon after its introduction in 2009, Bitcoin has been adopted by
cyber-criminals, which rely on its pseudonymity to implement virtually
untraceable scams. One of the typical scams that operate on Bitcoin are the
so-called Ponzi schemes. These are fraudulent investments which repay users
with the funds invested by new users that join the scheme, and implode when it
is no longer possible to find new investments. Despite being illegal in many
countries, Ponzi schemes are now proliferating on Bitcoin, and they keep
alluring new victims, who are plundered of millions of dollars. We apply data
mining techniques to detect Bitcoin addresses related to Ponzi schemes. Our
starting point is a dataset of features of real-world Ponzi schemes, that we
construct by analysing, on the Bitcoin blockchain, the transactions used to
perform the scams. We use this dataset to experiment with various machine
learning algorithms, and we assess their effectiveness through standard
validation protocols and performance metrics. The best of the classifiers we
have experimented can identify most of the Ponzi schemes in the dataset, with a
low number of false positives
The changing nature of U.S. card payment fraud: industry and public policy options
As credit and debit card payments have become the primary payment instrument in retail transactions, awareness of identity theft and concerns over the safety of payments has increased. Traditional forms of card payment fraud are still an important threat, but fraud resulting from unauthorized access to payment data appears to be rising, and we are only beginning to get a sense of the dimensions of the problem. ; Thus far, the role of public policy has been to encourage the card payment industry to limit fraud by developing its own standards and procedures. Whether this policy stance is sufficient depends on the effectiveness of industry efforts to limit fraud in light of the dramatic shift toward card payments. ; Sullivan provides an overview of card payment fraud in the United States. He develops a preliminary estimate of the rate of U.S. card payment fraud and suggests that such fraud is higher than in several other countries for which data are available. The U.S. payment industry is taking steps to combat payment fraud, but progress has been slowed by conflicts of interest, inadequate incentives, and lack of coordination. Thus, policymakers should monitor the card payment industry to see if it better coordinates security efforts, and if not, consider actions to help overcome barriers to effective development of security.
Chip and Skim: cloning EMV cards with the pre-play attack
EMV, also known as "Chip and PIN", is the leading system for card payments
worldwide. It is used throughout Europe and much of Asia, and is starting to be
introduced in North America too. Payment cards contain a chip so they can
execute an authentication protocol. This protocol requires point-of-sale (POS)
terminals or ATMs to generate a nonce, called the unpredictable number, for
each transaction to ensure it is fresh. We have discovered that some EMV
implementers have merely used counters, timestamps or home-grown algorithms to
supply this number. This exposes them to a "pre-play" attack which is
indistinguishable from card cloning from the standpoint of the logs available
to the card-issuing bank, and can be carried out even if it is impossible to
clone a card physically (in the sense of extracting the key material and
loading it into another card). Card cloning is the very type of fraud that EMV
was supposed to prevent. We describe how we detected the vulnerability, a
survey methodology we developed to chart the scope of the weakness, evidence
from ATM and terminal experiments in the field, and our implementation of
proof-of-concept attacks. We found flaws in widely-used ATMs from the largest
manufacturers. We can now explain at least some of the increasing number of
frauds in which victims are refused refunds by banks which claim that EMV cards
cannot be cloned and that a customer involved in a dispute must therefore be
mistaken or complicit. Pre-play attacks may also be carried out by malware in
an ATM or POS terminal, or by a man-in-the-middle between the terminal and the
acquirer. We explore the design and implementation mistakes that enabled the
flaw to evade detection until now: shortcomings of the EMV specification, of
the EMV kernel certification process, of implementation testing, formal
analysis, or monitoring customer complaints. Finally we discuss
countermeasures
Payments fraud : consumer considerations
This article examines the potential for fraud associated with various "traditional" payment methods and the protective measures that consumers should take when using them.Payment systems ; Checks ; Credit cards
- …