Fresh Hacker News | SQL patterns I use to catch transaction fraud

▲SQL patterns I use to catch transaction fraud(analytics.fixelsmith.com)

61 points by redbell 6 hours ago | 6 comments

▲jstanley 59 minutes ago

> Real cardholders almost never buy something for exactly $1.00. Coffee is $4.73, gas is $52.81. The roundness is the signal.

Surely this depends on how the vendor sets their prices? If you're going to buy something from a website to test a stolen credit card you don't just get to make up your own prices.

And I think you may be over-indexing on the US "prices don't include tax" thing. Elsewhere, round-number prices are extremely common.

In fact a lot of the rest of the stuff in the post seems like it wouldn't work very well either. (E.g. you're flagging anyone who has done a transaction in the last 90 days outside the range of hours at which they have 2+ transactions? Wouldn't that be like 50% of people?).

It's unclear to me whether this article is an attempt at breaking down complex expertise into over-simplified SQL queries, or whether it is all speculative and made up.

There is a conflict between "Six SQL patterns I use to catch transaction fraud" and "Nothing here comes from anything I’ve actually worked on or seen".

▲normie3000 32 minutes ago

Worse than that.

Coffee usually _is_ a round number in my experience, and I know of people who aim for round numbers when filling their car, and of fuel stations which require a pre-set value, often 10, 20, 50€ etc

▲0cf8612b2e1e 22 minutes ago

  If a card swipes in Chicago and seven minutes later swipes in Los Angeles, one of those swipes is fake.

How does this work with online shopping? When I am sitting on the couch and buy from Amazon, where does the address get registered?

Can also imagine an edge case: couple shares an online account, one is traveling and purchases with the saved card details.

▲teraflop 13 minutes ago

Swiping a card (or inserting, or tapping) is a "card present" transaction. Online shopping, where you type in the card number, is a "card not present" transaction. Retailers and banks can tell the difference.

▲thedebuglife 13 minutes ago

They can tell based on transaction metadata. Source: I worked at a cc company

▲rootusrootus 14 minutes ago

I believe the system distinguishes between card present and card not present.

▲crmd 53 minutes ago

> Drawback: this doesn’t work until you have history. New accounts have no baseline.

This is an underrated CX factor: If my card gets denied when i’m a new customer or exhibiting a new pattern, i’m impressed with their software.

However if they deny a transaction where there is any previous history of me authenticating, then I’m frustrated by their naive paranoid algorithm.

▲maciekkmrk 32 minutes ago

What if I go on a roadtrip and suddenly get gas at 2am?

▲sincerely 32 minutes ago

This is quite interesting, but the blatantly AI generated explanations are like an anti-signal for quality

▲achierius 32 minutes ago

This seems interesting, but has so many signs of AI writing that I worry it's not just edited but generated from whole cloth. Probably still a lot of truth in there but it does give me pause!

> The roundness is the signal.

> Slight pain, same result.

to point at a few.