
Fraud Prevention, Dispute Resolution and PCI-DSS Masterclass

The fundamentals of fraud prevention and monitoring + dispute resolution + PCI-DSS requirements - now in one course.

     
₹529

    This Course Includes

    • Udemy
    • 4.6 (1.8K reviews)
    • 29h 4m
    • English
    • Online - Self Paced
    • Professional certificate

    About Fraud Prevention, Dispute Resolution and PCI-DSS Masterclass

    THE ULTIMATE PAYMENT SYSTEM FRAUD/DISPUTE MASTERCLASS

    You'll find this ultimate masterclass contains two courses on payment system fraud and dispute:

    • _Fundamentals of Fraud Prevention and Monitoring_;
    • _Introduction to Payment Dispute Resolution_;

    Together in this masterclass, you'll find the definitive experience for any payment professional that wants to diagnose and address any type of payment issue. You will learn about dispute frameworks, fraud prevention tools and systems, internal processes, and more. Much more.

    WHY FRAUD PREVENTION?

    If you want to understand how fraud is committed, or how disputes are resolved, you'll see it's not that easy. You'll find countless fraud techniques to take into account. You'll learn that perpetrators can be of different types and use different approaches. And you'll soon get to know that disputes can come in many shapes and sizes, and due to many different reasons. If you're aiming to know more about fraud prevention and dispute resolution - whether as a fraud monitoring professional, a payments professional, a commercial banker, or any other type of professional that wants to master the theory and practice of both - you'll agree that finding the right information is crucial. Unfortunately, most fraud prevention or dispute resolution courses you'll find nowadays don't fit the minimum requirements. Either the information you come across is too academic and not something you can put into practice, or there are no specific examples, or information is just missing! In a world where information must be constantly updated, you'll hardly find a reliable, comprehensive information source for fraud and disputes. And this has consequences not just for your career, but for yourself personally as well. What happens when you don't have enough information (or the adequate format)?

    • You'll become confused by the myriad fraud prevention techniques and types of systems, or the myriad dispute resolution frameworks;
    • You won't be able to properly identify when to use a certain technique to prevent a certain type of fraud or manage a certain dispute;
    • You'll become frustrated and irritated that you don't know why a system works, or why it doesn't;
    • You won't be able to properly identify why a fraud detection technique works, or whether a dispute resolution process works or not;
    • You won't know how to optimize a specific fraud prevention solution (or why it's not optimized), or a dispute resolution process - both in terms of people and machine problems;

    So if you want to know everything about fraud and disputes, what is my proposed solution? This new course masterclass, of course!

    THE ULTIMATE FRAUD AND DISPUTE PREVENTION COURSE

    Unlike other fraud prevention or dispute resolution courses you'll find out there, this course is comprehensive and updated. In other words, not only did I make sure that you'll find more topics (and more in-depth) than other courses you may find, but I also made sure to keep the information relevant to the types of fraud and disputes you'll find nowadays. Both fraud prevention systems and dispute resolution workflows seem complex, but they rely on simple principles and practices. In this course, you'll learn about the essentials of how fraud is both performed and prevented, as well as how disputes and chargebacks are initiated, as well as managed. This information comes both from the principles and theory present in the finance world and from my own experience and insider knowledge, working with multiple institutional banks. In this 11-hour+ masterclass, you'll find the following modules:

    _Introduction to Fraud Prevention and Monitoring (~4 hours)_

    • You'll learn about the Fundamentals of Fraud (who are the perpetrators, how they obtain information, and how they commit fraud);
    • You'll get to know the main Approaches to Fraud (including general approaches of obtaining and using information, from identity theft, to convenience fraud, social engineering and more, specific techniques such as cash return fraud or card block fraud, and the different types of perpetrators);
    • You'll learn about all possible Fraud Prevention Techniques (individual techniques to prevent fraud including hotlists, velocity checks, and many others);
    • You'll learn about full Fraud Prevention Systems (how complete fraud prevention solutions are assembled and maintained, and best practices of doing so);

    _Introduction to Dispute Resolution (~2.5 hours)_

    • You'll learn the Fundamentals of Disputes (how they occur, which parties are involved);
    • You'll get to know the ADR or Alternative Dispute Resolution framework (negotiation, mediation and arbitration, and when each should be used);
    • You'll learn what ODR or Online Dispute Resolution is (its context, steps, and implementations);
    • You'll get to know the principles of Dispute Resolution in Merchant Banking (how banks should deal with merchant disputes, process flow, and more);
    • You'll learn about all major Chargeback Reason Codes (an extensive list of the major categories of chargeback reason codes, from fraud to processing errors, authorization errors or consumer disputes, as well as guidelines for both banks and merchants);

    _Fundamentals of PCI-DSS (~5 hours)_

    • You'll learn about the Essentials of PCI-DSS (assessment process, history, goals, etc);
    • You'll learn about the 12 Requirements of PCI-DSS v.3.2.1, and the specific controls demanded by every single one of them;

    By the end of this course, you will know exactly how fraud is performed, how disputes occur and are resolved, how both can be prevented, in terms of principles and techniques, and how PCI-DSS compliance can be achieved. The best of this masterclass? Inside you'll find all these 3 courses. In short, even if you only fit one of the three profiles (only fraud, only disputes, only PCI-DSS), you will still have a course dedicated to it! And naturally, if you are interested in multiple of these topics... this is the ultimate package for you.

    THE PERFECT COURSE... FOR WHOM?

    This course is targeted at different types of people. Naturally, if you're any current or future fraud prevention/dispute resolution professional, you will find this course useful. If you're a commercial banker, you'll even fit both criteria. But if you're any other professional that aims to know more about fraud or disputes, you'll also find it useful. More specifically, you're the ideal student for this course if:

    _Introduction to Fraud Prevention and Monitoring_

    • You're someone who wants to know more about fraud execution itself (how fraud is performed, specific executions, and by whom);
    • You're someone who is interested in fraud prevention systems (how they work, how they can be optimized, what problems usually occur);
    • You're someone who wants to know about specific fraud prevention tools and how they act in combination (identity verification tools, technological tools, others, and how they come together);
    • You're someone who is interested in the role of both people and systems in fraud prevention (how to optimize both a system, but also the people working with that system);

    _Introduction to Dispute Resolution_

    • You're someone who will directly deal with dispute management or resolution;
    • You're someone who wants to know more about the different types of dispute resolution (both litigation and ADR, offline or not);
    • You're someone who wants to specifically know how to address disputes involving merchants and cardholders (as a bank or merchant);
    • You're someone who wants to know more about the different types of reason codes for chargebacks (and how to prevent them);

    _Fundamentals of PCI-DSS_

    • You're someone who will directly deal with PCI-DSS certification;
    • You're someone who regularly deals with card data and wants to know about the associated security controls;
    • You're someone in charge of specific controls in an organisation that deals with card data (firewall, antivirus, access control, media protection or disposal, etc).

    LET ME TELL YOU... EVERYTHING

    Some people - including me - love to know what they're getting in a package. And by this, I mean, EVERYTHING that is in the package. So, here is a list of everything that this masterclass covers:

    From _Fundamentals of Fraud Prevention and Monitoring_

    • You'll learn about the general approaches to fraud, including convenience, social engineering, internal fraud and identity theft;
    • You'll learn about how convenience fraud works, with easily accessible information that can be used to commit fraud;
    • You'll learn about how social engineering works, manipulating people into giving up confidential information;
    • You'll learn about how internal fraud works, by leveraging internal information to facilitate fraud;
    • You'll learn about how identity theft works, by having enough information about someone to impersonate them;
    • You'll learn about the different execution types of fraud, including consumer fraud, card block fraud, single-use fraud, cash return fraud, collusive and affiliate fraud, and dynamic or morphing fraud;
    • You'll learn about how consumer fraud works, by lying about product characteristics or other elements to obtain returns or cash;
    • You'll learn about how card block fraud works, generating a batch of card numbers and gauging which are insecure, to be later exploited in purchases;
    • You'll learn about how single-use fraud works, by making one single purchase in a merchant (or multiple), being harder to catch;
    • You'll learn about how cash return fraud works, by buying products with a stolen card and returning them for cash;
    • You'll learn about how dynamic or morphing fraud works, by changing fraud execution to bypass fraud detection;
    • You'll learn about fraud prevention techniques relying on data verification, including velocity checks, card verifications, charge and deposit verifications;
    • You'll learn about how velocity checks work, by analyzing the number of times a credit card (or another field) is either used or changed within a given period of time;
    • You'll learn about how card verifications work, such as Mod10, BIN, and/or card security schemes, both for data integrity and identity verification;
    • You'll learn about how charge verifications work (verifying a charge with the bank) and deposit verifications (making a deposit to verify a bank account);
    • You'll learn about fraud prevention techniques relying on identity verification, including lists, field verifications, address verifications, manual authentication and automated lookups;

    • You'll learn about how lists work - both hotlists and warm lists of known offenders, but also whitelists for trusted clients;
    • You'll learn about how simple field verifications work for email, age, and others - quick, but not very effective security measures;
    • You'll learn about how address verifications work, for both the billing and shipping addresses (the latter being more complex and expensive, but a lot more secure in terms of preventing fraud);
    • You'll learn about how manual authentication works - by having someone call the client to verify a transaction, or manually search information to verify their identity (usually done by bank staff for KYC requirements);
    • You'll learn about how automated lookups of addresses or phone numbers work, mostly to double-check existing information;
    • You'll learn about fraud prevention techniques relying on technology (device or token identification, digital signatures and/or consumer location);
    • You'll learn about how device or token identification works, by using software such as cookies or hardware such as USB dongles, smart cards or biometrics in order to tie a device to a specific person, and authenticate them using that device;
    • You'll learn about how digital signatures work, through asymmetric cryptography, authenticating a transaction through the person's private key;
    • You'll learn about how consumer location techniques work - both in terms of tracking someone's IP or proxy (including VPN), or through their cell phone GPS location;
    • You'll learn about how fraud scoring and fraud rules can work to prevent fraud - appearing to be competing solutions, but actually working well together under certain conditions;
    • You'll learn about fraud prevention techniques that are actual processes of institutions, including insurance, guarantees, manual reviews and representment;
    • You'll learn about how insurance and guaranteed payments work, helping reimburse a merchant in the case of fraud, but representing an overhead in terms of costs and being restrictive in terms of the transactions accepted;
    • You'll learn about how manual reviews by banks help guarantee the authenticity of a transaction, and how representment of information by the acquiring bank can help a merchant, but both with unstable results and high costs;
    • You'll learn about technique considerations when assembling fraud prevention strategies, including determining the risk level of an entity, and the recommended techniques based on it;
    • You'll learn about considerations in terms of the usage of fraud data - fraud rules, fraud scores, and guaranteeing consistency in the database;
    • You'll learn about considerations in terms of the processing of fraud data - making sure that database field changes are documented, and that ETL (Extract, Transform, Load) processes don't ruin the data between operational DB and data warehouse;

    From _Introduction to Payment Dispute Resolution_

    • You'll learn about the essentials of disputes (contractual vs. non-contractual disputes, payment disputes, issuer and acquirer banks);
    • You'll learn about what ADR (Alternative Dispute Resolution) is and how it differs from litigation;
    • You'll learn what the different types of ADR are (negotiation, mediation and arbitration), as well as the differences between these, and specific implementations of them;
    • You'll learn about the ODR (Online Dispute Resolution) framework, as well as its context and six key principles (accountability, transparency, accessibility, credibility/accreditation, security and enforceability);
    • You'll learn about the three major steps in an ODR process;
    • You'll learn about the three major types of ODR tools (cyber courts, electronic ADR, internal ADR);
    • You'll learn about implementations of ODR (such as blind bidding, cyber mediation, cyber negotiation and cyber arbitration), as well as specific case studies, such as ICANN-WIPO;
    • You'll learn about general guidelines for more efficient dispute resolution as a merchant bank;
    • You'll learn about the steps in the lifecycle of a dispute between an issuer and an acquirer bank, including the retrieval request, chargeback, and second chargeback;
    • You'll learn about the conditions under which the payment scheme may become involved in a chargeback, as well as some measures by them (allocation vs. mediation, pre-arbitration vs. arbitration, liability shifts);
    • You'll learn about disputes by different payment systems: debit cards, credit cards, ACH, prepaid cards, ATM;
    • You'll learn about the four major categories of chargeback reason codes: fraud, authorization errors, processing errors, customer disputes;
    • You'll learn about the usual types of chargeback reason codes due to fraud (not authorised or recognised transactions, fraudulent processing, monitored merchant or monitored card, the EMV liability shift);
    • You'll learn about the usual types of chargeback reason codes due to authorization issues (missing or declined authorisation, card in recovery/lost card/stolen card, invalid authorization information);
    • You'll learn about the usual types of chargeback reason codes due to processing errors (late presentment, invalid transaction code or invalid transaction data, duplicated payment or paid by other means, currency mismatches);
    • You'll learn about the usual types of chargeback reason codes due to consumer disputes (mismatches in terms of goods - counterfeit, misrepresented, not delivered, others - cancelled or incomplete transactions, credit not processed);

    From _Fundamentals of PCI-DSS_:

    • You'll learn about the clarification of all terms used in the PCI-DSS, including what is the CDE, what is CHD, SAD, whether an organisation must take an ROC or SAQ, as well as some "general" payment industry terms such as what is an issuing bank and an acquiring bank;
    • You'll learn about the history of the PCI-DSS since 2004, with several iterations and its own release lifecycle;
    • You'll learn about the merchant assessment process, based on their classification from Level 1-4, and how both SAQs and ROCs work, as well as the 8 different types of SAQs, and the types of machines/merchants they target, including the SAQ-A and SAQ-A-EP, the SAQ-B and SAQ-B-IP, the SAQ-C and SAQ-C-VT, the SAQ-P2PE-HW, and finally, the most general SAQ-D;
    • You'll learn about the anatomy of a payment process, involving a cardholder and a merchant, from authorisation to authentication, clearing and settlement, and the role of the issuing bank, the acquiring bank and the card company;
    • You'll learn about an overview of all 12 PCI-DSS requirements, as well as their relationship with the 6 goals;
    • You'll learn all about Requirement 1 (Have a Firewall), including firewall configurations and standards, documentation on network topology and card data flows, setting up a DMZ, rejecting unsecured traffic, and more;
    • You'll learn all about Requirement 2 (No Defaults), about removing default passwords/accounts/strings from devices, but also isolating server functionality and removing unnecessary ports/services/apps that may present vulnerabilities;
    • You'll learn all about Requirement 3 (Protect Stored Data), about using strong encryption to protect cardholder data, as well as having proper data retention policies, data purging, as well as masking plaintext PANs, not storing SAD, and using proper key management and key lifecycle procedures;
    • You'll learn all about Requirement 4 (Protect Transmitted Data), about using strong encryption when transmitting CHD across public networks such as cellular or satellite, as well as masking plaintext PANs in transit, especially across IM channels;
    • You'll learn all about Requirement 5 (Prevent Malware), about having an antivirus solution on all commonly affected computers in order to prevent malware, as well as access control policies to prevent disabling AV software;
    • You'll learn all about Requirement 6 (Develop Securely), about doing vulnerability ranking and timely patch installation for both internal and 3rd-party applications, as well as including security requirements in the SDLC, as well as training developers to protect against common exploits such as code injections, buffer overflows and many others;
    • You'll learn all about Requirement 7 (Need-to-Know Access), about limiting access to CHD by personnel as much as possible, defining permissions by role, and having a formal mechanism for access control to consolidate this, such as LDAP, AD or ACLs;
    • You'll learn all about Requirement 8 (Identify Access), about tying each action to a unique user, including forcing unique IDs, automatic logouts on inactivity, lockouts on wrong password attempts, removing inactive accounts, limiting third-party access, forbidding the use of shared IDs, forcing physical security measures to be used only by the intended user, and more;
    • You'll learn all about Requirement 9 (Restrict Physical Access), about authorising and distinguishing visitors, enforcing access control to rooms with CHD, as well as the proper transport, storage and disposal of physical media containing CHD, with different sensitivity levels;
    • You'll learn all about Requirement 10 (Monitor Networks), about logging: having a logging solution that is operating, logging specific events (such as all failed operations, all admin operations, all operations on CHD, etc), logging specific elements in each event (such as the user ID, the operation status, the affected resource, etc), as well as having a single time synchronisation mechanism for all logs, FIM (File Integrity Monitoring) on logs, frequent log review and proper log retention;
    • You'll learn all about Requirement 11 (Test Regularly), about performing regular scans for Access Points (APs), both authorised and non-authorised ones, as well as regular vulnerability scanning and regular penetration testing (from inside and outside, and multiple layers), as well as having FIM (File Integrity Monitoring) on all critical files, as well as having an IDS/IPS (Intrusion Detection/Prevention System) to prevent attacks;

    (Rest truncated due to text length limit);

    MY INVITATION TO YOU

    Remember that you always have a 30-day money-back guarantee, so there is no risk for you. Also, I suggest you make use of the free preview videos to make sure the course really is a fit. I don't want you to waste your money. If you think this course is a fit and can take your fraud prevention knowledge to the next level... it would be a pleasure to have you as a student. See you on the other side!

    What You Will Learn?

    • You'll learn about general and specific approaches to fraud, from social engineering to card block fraud, convenience fraud, and many others by different actors.
    • You'll learn an extensive list of dispute chargeback codes, from fraudulent processing to invalid core, invalid data, late presentment, and many others.
    • You'll learn an extensive list of fraud prevention techniques: Hotlists, velocity checks, device identification, out-of-wallet checks, fraud scores, etc.
    • You'll learn about the dispute resolution flow for banks (acquiring + issuing), with three main steps: Retrieval request, chargeback and 2nd chargeback.
    • You'll learn about how a fraud monitoring strategy is assembled, based on merchant risk and transaction volume, as well as data processing/usage considerations.
    • You'll learn about ADR (Alternative Dispute Resolution), and its three main types: negotiation, mediation and arbitration, as well as their differences.