Credit card fraud falls to record low
Thursday July 07, 2005 11:55 - (SA)
By Stephen Gunnion
Credit and debit card fraud is at a record low, despite growing volumes of transactions globally. A recent breach of security at a third-party card-processing plant in the US, which compromised up to 40-million card numbers globally, is unlikely to alter the statistics, says credit card company Visa.
Visa says industry efforts to combat fraud are paying off as card issuers tighten payment-processing security.
Jim Devlin of Visa's fraud department for central Europe, eastern Europe, the Middle East and Africa region (Cemea) says that last year only 6c of every $100 spent with credit cards was lost to fraud.
Counterfeit cards remain the highest contributors to fraud, at 47%, followed by lost and stolen cards at 29%, Devlin says.
Simon Dean of the same Visa fraud department says MasterCard, Visa and American Express, the three largest credit card companies, have aligned standards to which banks have to adhere to protect account holder information.
Despite this, the "phishing" of account holder information by the US card processor highlighted a flaw in the system.
Phishing is when customers' personal information, including account details and PIN number, is collected to conduct fraudulent transactions on internet and telephonic transactions.
About 22-million of all the account numbers at risk globally were of Visa cards, while about 14-million were of MasterCards.
Devlin says the effect of the US breach on customers was minimal, with about 20000 accounts compromised but not necessarily affected by fraud.
Last month, Visa said only 6000 of its South African account numbers had been compromised, and a number of those had expired.
MasterCard said 6000-7000 of the total number of MasterCards that had been exposed to risk were for South African accounts.
At the time only one South African account had been affected.
Standard Bank, SA's biggest credit card issuer, had identified about 1500 credit card customers who could potentially be affected, and all accounts were replaced with new ones as a security precaution.
"It was a highly unfortunate incident and one that hasn't done the industry any benefit," Dean says. He says while the financial loss from the card compromise in the US was small, the damage to the reputation of credit card companies was large.
"The last thing Visa would want is for the internet and e-commerce to be deemed insecure. The protection of data is most important," he says.
Dean says the US card compromise was still the subject of an FBI investigation in the US and it was still unclear how it happened.
Customer data that should not have been stored had been stored by the processor, he said.
Under an industry-wide security programme, banks, merchants and card processors have to adhere to certain security standards.
Dean says the move to chip-based cards will reduce fraud even further as it will take the responsibility away from merchants to ensure cards are authentic. Chip cards had successfully addressed this in France, where they were introduced in the 1990s.
Growth in card fraud between 1993 and 2003 had prompted the UK to move quickly to chip cards, Dean says.
But Devlin says it would be years before chip-based cards were rolled out world wide. Merchants would need special chip readers before the system was implemented.
Business Day
Thursday July 07, 2005 11:55 - (SA)
By Stephen Gunnion
Credit and debit card fraud is at a record low, despite growing volumes of transactions globally. A recent breach of security at a third-party card-processing plant in the US, which compromised up to 40-million card numbers globally, is unlikely to alter the statistics, says credit card company Visa.
Visa says industry efforts to combat fraud are paying off as card issuers tighten payment-processing security.
Jim Devlin of Visa's fraud department for central Europe, eastern Europe, the Middle East and Africa region (Cemea) says that last year only 6c of every $100 spent with credit cards was lost to fraud.
Counterfeit cards remain the highest contributors to fraud, at 47%, followed by lost and stolen cards at 29%, Devlin says.
Simon Dean of the same Visa fraud department says MasterCard, Visa and American Express, the three largest credit card companies, have aligned standards to which banks have to adhere to protect account holder information.
Despite this, the "phishing" of account holder information by the US card processor highlighted a flaw in the system.
Phishing is when customers' personal information, including account details and PIN number, is collected to conduct fraudulent transactions on internet and telephonic transactions.
About 22-million of all the account numbers at risk globally were of Visa cards, while about 14-million were of MasterCards.
Devlin says the effect of the US breach on customers was minimal, with about 20000 accounts compromised but not necessarily affected by fraud.
Last month, Visa said only 6000 of its South African account numbers had been compromised, and a number of those had expired.
MasterCard said 6000-7000 of the total number of MasterCards that had been exposed to risk were for South African accounts.
At the time only one South African account had been affected.
Standard Bank, SA's biggest credit card issuer, had identified about 1500 credit card customers who could potentially be affected, and all accounts were replaced with new ones as a security precaution.
"It was a highly unfortunate incident and one that hasn't done the industry any benefit," Dean says. He says while the financial loss from the card compromise in the US was small, the damage to the reputation of credit card companies was large.
"The last thing Visa would want is for the internet and e-commerce to be deemed insecure. The protection of data is most important," he says.
Dean says the US card compromise was still the subject of an FBI investigation in the US and it was still unclear how it happened.
Customer data that should not have been stored had been stored by the processor, he said.
Under an industry-wide security programme, banks, merchants and card processors have to adhere to certain security standards.
Dean says the move to chip-based cards will reduce fraud even further as it will take the responsibility away from merchants to ensure cards are authentic. Chip cards had successfully addressed this in France, where they were introduced in the 1990s.
Growth in card fraud between 1993 and 2003 had prompted the UK to move quickly to chip cards, Dean says.
But Devlin says it would be years before chip-based cards were rolled out world wide. Merchants would need special chip readers before the system was implemented.
Business Day
