Under the present invention a biometric reading, an audit point identity and transaction information are collected for each electronic transaction. Upon collection, the biometric reading, audit point identity and transaction information are packaged into an audit packet, which is then encrypted and stored in a log or the like. One or more of the electronic transactions can then be audited using this stored information. Specifically, for the electronic transactions that are to be audited, the corresponding audit packets are retrieved from storage and decrypted. Once decrypted, the biometric readings will be compared to each other to determine whether a set (e.g., one ore more) of the electronic transactions is potentially fraudulent. Typically, a set of electronic transactions is potentially fraudulent if a plurality of the biometric readings are identical or too similar to each other.