Abstract
Bank transaction fraud results in over $13B annual losses for banks,merchants, and card holders worldwide. Much of this fraud starts with aPoint-of-Compromise (a data breach or a skimming operation) where credit anddebit card digital information is stolen, resold, and later used to performfraud. We introduce this problem and present an automatic Points-of-Compromise(POC) detection procedure. BreachRadar is a distributed alternating algorithmthat assigns a probability of being compromised to the different possiblelocations. We implement this method using Apache Spark and show its linearscalability in the number of machines and transactions. BreachRadar is appliedto two datasets with billions of real transaction records and fraud labelswhere we provide multiple examples of real Points-of-Compromise we are able todetect. We further show the effectiveness of our method when injectingPoints-of-Compromise in one of these datasets, simultaneously achieving over90% precision and recall when only 10% of the cards have been victims of fraud.