CCFinder is a suite of utilities designed to facilitate the discovery, organization, and querying of financial data and related personally identifiable information in large-scale investigations. Its development is a direct result of the operational requirement of a federal law enforcement partner during the TJX and Heartland credit card fraud investigations.
CCFinder is more effective at validating credit card numbers and eliminating duplicates than many existing tools, which produce many false positives. Maintaining a pedigree of credit card numbers that shows all locations in which each number was found, CCFinder reveals how stolen numbers were traded (after an initial theft, financial account numbers are often shuffled, split into chunks, and sold) and therefore aids in tracing the source of the original theft. CCFinder also solves the problem of sheer size of recent financial times (the TJX Case required processing of 45 million credit card numbers), which had overwhelmed existing tools. Additionally, CCFinder streamlines the process of victim notification. "CCFinder was a big deal when we were working with 3 million account numbers," said team member Matthew Geiger. "Then we quickly went from there to 45 million in the TJX case."