What is a fraud attempt? • How is the result of a fraud attempt defined exactly?
Usually, during FAR determination, a fraud attempt is an attack using the features of a non-authorized person. This, however, pretends a high security which is not present since there are a lot of further possibilities for promising attacks. A fraud attempt is successful if the user interface of the application provides a “successful” message or if the desired access is granted. A fraud attempt counts as rejected if the user interface of the application provides an “unsuccessful” message. In cases where no “unsuccessful” message is available, a verification time interval has to be given to ensure comparability. If the verification time interval has expired the fraud attempt is counted unsuccessful.
