Boston, MA
October 2008

Fraud to the Left of Me, Risk to the Right
Fraud and Risk Management Solutions for Acquirers


Problems of merchant fraud and risk management in the acquiring space are nothing new. As merchant card acceptance services organizations within banks grew in the early days of the bankcard industry, either organically or through merger and consolidation, exposure to the various forms of risk associated with acquiring payment card transactions naturally arose.

As broader concerns about efficiency and profitability grew, and as banks began outsourcing acquiring operations to ISO’s, non-bank clearinghouses, and data processors, soon before the time that electronic processing of transactions began to become standard, the challenge posed to acquirers in managing their fraud-related costs was daunting indeed.

As electronic data capture and magnetic stripe cards were introduced to the market, and the payments industry began turning to automation of paper-based back-office processes, so too did acquirer risk management operatives seeking to meet the challenge of preserving profitability for their operations. Out of necessity, technology was enlisted to support these objectives.

What is new in acquirer risk is the level of sophistication within the technology being used in the current generation of acquirer risk management systems. A number of experts in the software space that supports the payments industry have also pointed out that adoption of new systems by acquirer risk departments is cyclical, and we are possibly now hitting a new adoption cycle.

In this report, Mercator present a general picture of the card fraud landscape, delineates the various risks associated with bankcard payment acquiring, as well as provides profiles of the product and service offerings of several selected vendors addressing the acquirer market. We discuss ways in which payment card acquirers are exposed to credit risk due to fraudulent card payments and other activity, and systems with which acquirers can mitigate those risks. The opportunity for risk systems and service providers targeting the acquiring space is also a running theme that we touch on throughout the report.

One of the 6 Exhibits included in this report

This report contains 24 pages and 6 exhibits.

Report Highlights:

  • Deployment cycles for risk management systems may be reaching a market-wide transition. Several of the world’s largest acquirers are poised for significant systems upgrades. Plus several ISOs are ready to make the jump to super-ISO-hood.
  • As in all sectors of the payment space, the dissolution of the Paymentech joint venture between JPMorgan Chase and First Data is having an impact on the IT side of the business as well. System providers are pursuing the potential opportunities that this event is creating.
  • Payment card fraud in the US, while nowhere near its peak in the early nineties, is again on the rise. Uncertain economic times have been the harbinger of bigger losses in the past. Acquirers are battening the hatches as the current storm strengthens.
  • Acquirers face numerous risks from both the merchants they serve and their merchants’ customers. Malevolent actors hoping to exploit acquirers’ vulnerabilities have dreamed up quite sophisticated and effective schemes.
  • Vendors that currently have products focused on payment acquirer risk management number fewer than a couple of dozen. Two of these are particularly dominant in the global market.

David Fish, Senior Analyst in Mercator Advisory Group’s Credit Advisory Service and principal analyst on the report, comments, ” It’s every acquirer’s worst nightmare: the Fraud Merchant. Especially when the fraudsters are targeting any one given acquirer in an organized manner, for whatever reason – poor and rushed underwriting, lax risk monitoring, outdated detection systems – the losses can quickly stack up, taking months for the targeted acquirer to recover optimal profitability. Small ISOs are often dependent on their processors for underwriting and risk monitoring. Large acquiring operations are also vulnerable to these types of attacks and loss budgets can become quickly depleted if fraud rings are extremely active, since fraud detection and loss prevention are only two aspects of one of the several goals of acquirer risk management.”

Members of Mercator Advisory Group have access to this report as well as the upcoming research for the year ahead, presentations, analyst access and other membership benefits.

Please visit us online at

For more information call Mercator Advisory Group’s main line: 781-419-1700 or send email to