What Banks Failed To Mention About Credit Card Fraud

by Moritz Gastl, on category "Credit Card,Money Matters,Personal Finance"

June 29, 2017


 

what-banks-failed-to-mention-about-credit-card-fraud

 

Banking security has been a very hot topic as of late after two major system glitches from two leading banks, BPI and BDO. Representatives of both banks had to testify in front of the Senate and reassured that customer data is safe and the situation was under control at any point in time. But how safe are our transactions really?
Part of the move towards more secure banking environment is the shift towards the European MasterCard Visa (EMV) chip technology for card transactions. The BSP extended their deadline, which was originally set to 1st of January, 2017, to June 2018 for issuing EMV compliant cards to all clients. Local banks frequently claim that credit card fraud will largely be eliminated by the shift to the EMV technology and away from old magnetic stripes on all credit cards. So why are there still so many fraudulent transactions being reported even though most of the big banks already shifted to the new technology?

5463888252_d0a8e4e0ec_o

The types of credit card fraud

Let’s first have a quick look at different types of credit card fraud. The better you understand how scammers can use your data, the more measures you can take to protect yourself.

  • Lost or stolen cards: report and block your card immediately to minimize any damage
  • Account Takeover: when a fraudster gets access to personal information of a cardholder and for instance, reports a lost or stolen card to the bank to then obtain a new card in the soon-to-be-victim’s name
  • Counterfeit Cards: when a card is “cloned” from another and then used to make purchases. In Asia Pacific, 10% to 15% of fraud results from malpractices such as card skimming but this number has significantly dropped from what it was a couple of years prior, largely due to EMV.
  • Collusive merchant: when merchant employees work with fraudsters to defraud banks and customers. A popular method is to swipe the card twice, once through the payment terminal and once through a skimming device that collects all data from the card. The stolen is often being sold to fraudster on the “dark net”.
  • Card-Not-Present (CNP) fraud: Credit card fraud can be perpetrated against you if the account number and expiry date of your card are known. The fraud may be by way of mail, phone or the internet and does not require your physical card to be present unless the merchant requests the card verification code. To ensure the card works a criminal may attempt to process a small transaction. Scrutinize your bank statements for these types of charges. They are often only the beginnings of a major fraud attempt. This form of fraud has been on the rise since the roll-out of the new EMV technology.

debit-card-vs-credit-card-vs-atm-card-which-is-the-best

Security measures

Cards with only a magnetic stripe are more prone to data theft because the data on the stripes is not encrypted and static. Fraudsters could easily skim data off your cards, embed the details onto a blank card and use it for all kinds of transactions. EMV is going to be safer in that regard as the chip holds your data encrypted and creates unique transaction codes that cannot be used again. If a hacker stole the chip information from one specific point of sale, typical card duplication would never work because the stolen transaction number created in that instance wouldn’t be usable again and the card would just get denied.
When the UK, one of the earliest adopters of EMV technology, switched to the technology it saw a 75% decrease in credit card fraud at brick and mortar stores over 8 years. Fraud, however, did not disappear but merely moved to online transactions, more elaborate ATM fraud, and to other markets where EMV technology wasn’t implemented yet. MasterCard recorded a 54 percent decrease in counterfeit fraud costs among its EMV-ready merchants from April 2015 to April 2016. Conversely, they also saw a 77 percent increase in counterfeit card fraud year-over-year among merchants who had yet moved to EMV or were in the process of doing so.
This is where the banks have clearly failed to educate their consumers. In fact, banks and credit card issuers primarily benefit from EMV. Retailers who do not adopt EMV readers (or are using older point-of-sale terminals) leave consumers susceptible to curb fraud. Because of the high cost of most EMV readers, many small businesses are unable to adopt them. Merchants then require customers to swipe their cards, which means the chip-technology is not being taken advantage of. Even more important is understanding the EMV fraud liability shift that also benefits banks and creates a headache for smaller merchants. If a merchant has not yet updated their payment terminals to be able to accept EMV-compliant cards, the merchant would be liable for the fraudulent transaction. This can be very costly for smaller merchants that want to offer card payments but have not yet updated to the newest technology.

Final thoughts

A very popular way that scammers try to obtain credit card information in the Philippines is public networks. If you connect your phone or laptop to such a network in, for example, a hotel or a restaurant, be very careful with entering personal information. Understanding how your payment cards work is the first step towards protecting yourself from fraud and to actually enjoy the convenience of electronic payments.
A version of this article also appeared in the Manila Times.
best credit cards