| CPC G06Q 20/4016 (2013.01) [G06Q 20/4015 (2020.05); G11C 11/41 (2013.01)] | 20 Claims |
|
1. An apparatus comprising:
one or more processors; and
memory having programmed instructions that when executed cause the one or more processors to:
identify a point-of-compromise (POC) location;
determine a number of transaction cards having suspicious fraud activity at the POC location for each of a plurality of time slices of a first time interval;
for each of a plurality of transaction cards, dynamically update a matrix stored in the memory by incrementing a counter stored in the matrix and corresponding to the transaction card responsive to the transaction card performing a fraudulent transaction at any location subsequent to performing a non-fraudulent transaction at the POC location during the first time interval;
identify an initial POC time slice;
determine an end POC time slice after the initial POC time slice, wherein a time period beginning at the initial POC time slice and ending at the end POC time slice is a window of compromise;
determine one or more transaction cards of a plurality of transaction cards that performed non-fraudulent transactions at the POC location during the first time interval but outside and not within the window of compromise between the initial POC time slice and the end POC time slice; and
responsive to the determination of the one or more transaction cards that performed non-fraudulent transactions at the POC location during the first time interval but outside and not within the window of compromise between the initial POC time slice and the end POC time slice, remove data associated with each of the one or more transaction cards from the matrix stored in the memory.
|