The Department of Home Affairs is seeking an off-the-shelf solution to tackle credit card fraud.
The department says it wants a solution that can help secure its revenue-collection streams. It ideally wants a commercial off-the-shelf software solution “with demonstrated market maturity” to reduce fraud risk, “particularly in the online, card not present, context”.
“The worldwide growth of credit card fraud, specifically, card not present and chargeback related fraud, warrants a proactive stance to be taken by the department to mitigate the risks of revenue collection from credit card fraud,” the advertisement states.
Earlier this year, a report from the Australian Institute of Criminology revealed that “one large entity” — which was not named — had been victim to roughly 340,000 fraudulent credit card transactions in 2016-17.
Along with the solution, the department has also requested an implementation service to ensure the product is up and running by June 30 next year.
“The system should be a payment gateway agnostic product that offers ease of configuration for integration with both the existing Commonwealth Bank of Australia and Westpac payment gateways, as well as other banking payment gateways, as required,” Home Affairs said.
According to the criteria, the risk assessment functionality for the proposed solution should offer real-time monitoring of payment requests — prior to the completion of the transaction — through a “seamless user experience”. It should allow the department to efficiently collect revenue for visa, citizenship, customs duties, and other products and charges.
“Once implemented and operational, it is anticipated the credit card fraud management solution for the department’s payment platforms should decrease risks of exposure to fraudulent chargebacks, reduce revenue loss, and shift liability away from the department,” Home Affairs said.
Cloud solutions offered through a Software as a Service or managed service are able to apply. However, the department notes that if the solution is offered as a Software as a Service, then the cloud hosting service should be located within Australia. Cloud platforms must also be assessed and certified by the Australian Signal Directorate and the Information Security Registered Assessors Program.
The tender is open until November 19.