Card issuers have massive computer systems that handle transaction processing. These companies also have some very advanced and large scale fraud detection systems.
Every time a credit card is reported as stolen, a huge amount of past data about that card is put into a big database. This database of pre-fraud activity is used in a large algorithm to look for similarities, which can signal the origination of stolen or lost credit card numbers. Since Visa and MasterCard have access to billions of transactions worth of information, they can screen for events that may signal that a business is losing card numbers.
If you were to greatly simplify this system and a map from it, it would look something like this:
In this case, the similarity is a single business where all of the stolen credit cards had been used before the cards had been involved in fraudulent activity. This could potentially be the sign of an employee skimming card numbers, or a breach in a database. There are always going to be coincidences involving data on a large scale, but because of the scale, it’s very difficult to end up with false positive fraud once a margin of error is established.
Let’s assume there isn’t any conclusive evidence that cards were stolen from a single business. Issuers are also looking at the processor a business is using. If there is a common processor or processing network that many businesses are using, it could be a signal of a data breach on a processor level.
The similarity in this case is the processor that many of the businesses were using. This is basically how the Heartland breach was discovered. Unfortunately, the only companies that can see fraud like this are ones that have access to huge amounts of past card usage. Their computer systems basically load billions of pieces of data about transactions, the businesses that accepted a customer’s card, and the processors who processed them. When enough lines meet up at a single point, there’s a chance that something happened there. It really doesn’t matter where in the process of a transaction the lines all cross, just that they do cross.
Keep in mind that these diagrams are grossly simplified, think a billion times simplified. But, it’s easy to see that if you have the right data and know what to look for, fraud can be easy to spot.