Mitigating Fraud
Fraud Prevention Strategy
As a bank-holding company and state member bank, Green Dot has a fraud program dedicated to protecting customer finances, detecting and preventing fraud, and verifying individuals who wish to open an account via our Customer Identification Program (CIP). Green Dot implements tools and processes to mitigate identity theft, unauthorized account activity, and other risk-based vulnerabilities, using a combination of both in-house and third-party solutions. To view KYC and IDV Best Practices, click here.
Green Dot manages all fraud functions for BaaS programs, including:
- Establishing and implementing a fraud prevention strategy
- Setting and updating fraud rules: rules may decline suspicious transactions in real-time and, in some cases, place a block on the account and/or card and prompt for additional verification
- Selecting and operating fraud systems; and
- Providing fraud reporting
Customer Identification Program (CIP)
In full compliance with the requirements of the U.S. Patriot Act and Bank Secrecy Act (BSA), Green Dot collects, at a minimum, the following information from all potential accountholders prior to activating an account:
- Name
- Date of Birth
- Residential Address
- Social Security Number and ITIN
In addition to regulatory requirements, Green Dot has developed and implemented an enhanced CIP process with additional verification tools, including conducting multiple identity checks and collecting mobile number and e-mail information, to assist in identifying and monitoring any suspicious identities or behavior.
Fraud Reporting
During the implementation phase, Green Dot will provide you with a fraud reporting template which will set forth the regular reporting you will receive on aggregate fraud trends and metrics.
If you would like further information on Green Dot’s fraud operations, please speak to your program manager.
Post-Registration Negative Match
During account registration, Negative Match processing is performed on the customer’s SSN, phone Number, email, and address attributes. After registration, when the account has already passed CIP and is active, if the customer changes any of those attributes (except SSN, which cannot be changed after an account has already been opened), no further Negative Match processing occurs. This is when fraud can and does occur.
To mitigate fraud, when a customer attempts to change a phone number, an email, or an address after an account is active, the Fraud service checks the customer’s change request against Negative Match. If any change attribute is on Negative Match, the Fraud service triggers Core, Gateway, and other upstream layers to perform the following in real-time:
- Decline the change request.
- Display, on the customer’s device, a generic decline message indicating the request was declined and that the account is now temporarily blocked pending additional verification.
- Lock the account with a "manual" cure.
Next, CRM creates a Fraud Referral Case for the FraudOps team, which performs the following:
- Reviews and resolves the case within a two-business day SLA, at which time they can decide whether to keep the account blocked, unblock it, prompt additional cure, etc.
- Applies any desired account status change via CRM or Strike3.
Finally, Status Reason Code “FR-POTF” (Potential fraud) is logged in the database and passed to CRM. This makes agents and analysts (i.e., the BSA/AML team) aware of the post-reg neg match trigger in case they would like to conduct any further reviews.
Fraud Status Reason Code
If an error occurs during Negative Match processing, the following status reason is returned.
- statusReasonCode = FR-POTF
- Description = Potential Fraud
Response
{
"responseDetails":[
{
"code":5,
"subCode":110,
"description":"Negative Decline",
"url":"http://tbd"
}
]
}
Fraud State Vs. Features Matrix
Account status reasons with an asterisk are deprecated.
Account Status | Account Status Reason | Cure | Comments | Can Replace (Y/N) | Can Activate (Y/N) |
---|---|---|---|---|---|
normal | healthy | healthy | Y | Y | |
pending | registrationNotComplete | IDV | This is during registration when KYC fails but OFAC passes. No paymentInstruments or cards have been created yet. | N | N |
locked | registrationFailed | none or manual | This is during registration when KYC fails without a cure. The cure will be manual if OFAC also failed. No paymentInstruments or cards have been created yet. | N | N |
locked | registrationNotComplete | IDV | This is during registration when OFAC fails but KYC is curable. If IDV passes, then the cure would transition to manual for OFAC review. No paymentInstruments or cards have been created yet. | N | N |
locked | registrationNotComplete | manual | This is during registration when OFAC fails but KYC passed. No paymentInstruments or cards have been created yet. | N | N |
restricted | potentialFraud | IDV (default or manual) | This is after registration. Card is still functional but all transfers (including cash reload and ACH In) will be declined. Direct Deposit will still work. | Y | Y |
locked | potentialFraud* potentialThirdPartyFraud potentialAccountTakeover potentialIdentityTheft potentialOtherFraud | IDV (default, manual, or none) | Example: Account Takeover - All functionality is blocked if account status is locked. However, account status is still curable. | N | N |
locked | confirmedFraud* confirmedFirstPartyFraud confirmedThirdPartyFraud confirmedAccountTakeover confirmedIdentityTheft confirmedOtherFraud | none (default) | This is after registration and the card will also be locked. All transfers, cash reloads, and direct deposits will be declined. There is no cure. | N | N |
restricted | customerInitiatedSpendDown | none | Customer has asked to close the account. Inbound transfers, including direct deposits, will be declined. Outbound transfers such as ACH out, spend, and ATM withdrawals are still allowed. | Y | Y |
restricted | spendDown | none (default) | Accounts can only be placed into spendDown by the Green Dot fraud team for fraud related reasons. Same restrictions as above apply. | Y | Y |
normal, restricted, locked | changedByCSR | manual (default, healthy, IDV, or none) | An authorized user (fraud agent) can temporarily change the status of an opened account. | Normal = Yes Locked = No Restricted = Yes | Normal = Yes Locked = No Restricted = Yes |
closed | bankInitiatedClosed or customerInitiatedClose | n/a | The account was officially closed at some point. All transfers and activities are prevented, but users can still retrieve statements and transactions. | N | N |
If Status = Normal: All features are allowed
- If Status = Pending or Locked: No state changing features are allowed.
- Note: If there is a cure, then KYCGates may still be used. When an account is locked, access to the retrieval APIs is still allowed; however, guidance should be sought from a partner’s onboarding contacts.
- If Status = Closed: See Closed Accounts for details.
- If Status = Restricted: See below tables.
Money Movement Features & Statuses
Feature | Statuses = Restricted and statusReason = 'Spend Down' or 'Customer Initiated Spend Down' | Status = Restricted and statusReason = ‘Change by CSR’ | Status = Restricted and statusReason = ‘Potential Fraud’ |
---|---|---|---|
ACH Out | Allow | Deny | Deny |
ACH Pull | Deny | Deny | Deny |
BillPay | Allow | Deny | Deny |
Direct Deposit | Deny Credit Allow Debit for 'Customer Initiated Spend Down' | Deny DD credits. Deny DD Debits | Allow DD credits. Deny DD Debits |
Debit Card In (IFT) | Deny | Deny | Deny |
Debit Card Out (IFT) | Allow | Deny | Deny |
E-Cash | Deny | Deny | Deny |
P2P Send | Allow | Deny | Deny |
P2P Receive | Deny | Deny | Deny |
Cash Reload | Deny | Deny | Deny |
Spend (Debit and Credit) & ATM Withdrawal | Allow (but subject to change for credits) | Allow | Allow |
Vault/Savings Purses | GD moves $ to Acct Balance for spend down | Deny | Deny |
Non-Money Movement Features & Statuses
Feature | Statuses = Restricted and statusReason = 'Spend Down' or 'Customer Initiated Spend Down' | Status = Restricted and statusReason = ‘Change by CSR’ | Status = Restricted and statusReason = ‘Potential Fraud’ |
---|---|---|---|
Account Profile Mgmt | Allow | Allow | Allow |
Lock Card | Allow | Allow | Allow |
Change PIN | Allow | Allow | Allow |
Card Replacement | Allow | Allow | Allow |
Activate Card | Allow | Allow | Allow |
Webhooks | Allow | Allow | Allow |
Rules for Determining Statement Dates
The Statement Period runs from the Billing Cycle Date to the day prior to the Billing Cycle Date of the following month.
If the account was activated between the 1st and 28th of a month, the Billing Cycle Date is based on the date the account was activated.
If the account was activated on the 29th, 30th or 31st of a month, then the Billing Cycle Date is the 1st.
The statement period is based on the end date of the statement.
Statements are made available 3 calendar days after the Billing Cycle Date. This is to allow enough time for any posts to be reconciled.
Examples
If an Account was Activated on 8/24 then:
Billing Cycle Date is the 24th
September Statement would run from Aug. 24th to Sept. 23rd
September Statement would be available, and the notification would be published on Sept. 27th
If an Account was Activated on 8/29 then:
Billing Cycle Date is the 1st
August Statement would run from Aug. 29th to Aug 31st
September Statement would run from Sep. 1 to Sep 30th.
September Statement would be available, and the notification would be published on Oct. 4th
eStatement Logo Requirements
To enable an eStatement logo, you must provide Green dot with a copy of the desired logo to be configured.
Requirement Type | Requirement |
---|---|
Preferred Format | PNG |
Background | Transparent |
Max Image Height (vertical px) | 45px |
Max Image Width (horizontal px) | 250px |
Minimum Resolution (px) | There is no minimum, but we do recommend 500 px for simple logos and 1000px for more complex ones. |
Green Dot Google Pay Email Example
Device Statuses
Statuses include the following:
active
suspended
deactivated
deleted
inactive
resume
tokenizationException
replacement
eWallet - Initial Provisioning Flow
eWallet - Status Update Flows
Updated 10 months ago