Search

Brian Pennington

A blog about Cyber Security & Compliance

Tag

3-D Secure

UK Card Fraud losses fall because of technology and risk awareness

The UK Card Association along with the Cheque & Credit Clearing Company, Financial Fraud Action UK and other industry groups has produced their report on UK fraud activities during 2011.

The results released in March 2012 show, Fraud losses on UK cards fell 7% from £365.4m in 2010 to £341.0m in 2011, a ten year low.

The reductions have been attributed to the efforts of the industry to “deter, detect and prosecute fraudsters”.

Card Scheme initiatives have been noted as working, for example:

  • MasterCard SecureCode
  • Verified by Visa
  • American Express SafeKey

Awareness and technology have combined to improve fraud protection by:

  • Offering advice to retailers and consumers
  • Improved the sharing of fraud data and intelligence within the industry
  • Sharing fraud data with law enforcement
  • Chip and PIN equipment
  • Fraud detection tools

Payment Card Industry Compliance was not mentioned in the release but from experience the majority of awareness campaigns, training and policies implementations by Merchants have resulted from the mandates of PCI DSS.

Of interest is the switch in direction by the fraudsters to older fraudulent methods e.g. telephone and cheques, see the exact numbers at the end of the post.

Melanie Johnson, Chair of The UK Cards Association comments:

Driving down fraud and keeping cards safe continues to be a priority for the industry. This is the third year card fraud losses have fallen – clear proof that our endeavours to fight fraud are packing a punch. Customers have also played their part in driving down losses by taking heed of advice about looking after their personal and financial details. Fortunately, they can always be confident that if they are the innocent victim of fraud, they have excellent fraud protection that they don’t get if they use cash.”

DCI Paul Barnard who heads up the industry-sponsored police squad, the Dedicated Cheque and Plastic Crime Unit says:

As technological advances have made our payments more secure, we’ve seen a spike in more simplistic crimes. Many scams involve customers being conned into handing over their cards and PINs, or their telephone banking security details by someone calling, pretending to be their bank or police. Our appeal to the public is to be wary of any unsolicited phone calls or emails. Never hand over your card and PIN or bank security details in full as neither your bank or the police will ever ask you for these.”

UK Fraud broken down by type over the past 5 years is shown below:

Card Fraud Type on UK-issued credit & debit cards 2007 2008 2009 2010 2011 % +/- 10/11
Telephone,   internet and mail order fraud (card-not-present fraud) £290.5m £328.4m £266.4M £226.9m £220.9m -3%
Counterfeit   (skimmed/cloned) fraud £144.30 £169.8m £80.9m £47.6m £36.1m -24%
Fraud on lost or stolen cards £56.2m £54.1m £47.7m £44.4m £50.1m 13%
Card ID theft £34.1m £47.4m £38.2m £38.1m £22.5m -41%
Mail non-receipt £10.2m £10.2m £6.9m £8.4m £11.3m 34%
TOTAL £535.2m £609.9m £440.0m £365.4m £341.0m -7%

See a summary of the 2010 figures here.

.

Advertisements

Five Ways to Fall Victim to Credit Card Fraud

Fox News Talk
Image via Wikipedia

Originally published on September 09, 2011 by Fox News this article by Lora Shinn is a simple but effective way of avoiding becoming another victim of credit card fraud.

Review these mistakes to avoid becoming a victim of  debit or credit card fraud.

1. Failing to Look for Skimmers

Thieves may attach skimming devices to the exterior  of an ATM or point-of-sale terminals requiring a PIN, or personal identification  number. It’s worth the few seconds it takes to glance before you swipe.

“Always take a look at the machine to see if there  (are) any visible traces of activity, such as glue or scuff marks or loose bits  around the PIN pad or the place where you insert your card,” says Manisha  Thakor, co-author of “On My Own Two Feet: A Modern Girl’s Guide to Personal  Finance.” “Those are telltale signs that an attempt may have been made to attach  a skimmer.”

She says you should pay close attention when you’re  visiting an ATM in a low-traffic locale, where it’s easier for someone to attach  a device. When in doubt, use a different ATM.

2. Banking Online in a Cafe

You may have free Wi-Fi access at your favorite  coffee shop, but you might not want to use it to check the balance in your  savings account. If you’re using an open wireless network, it’s easier for  hackers to intercept online transactions, passwords and other private business.

 “It’s not the time to do financial business, your online banking or your  shopping,” says Marian Merritt, a Norton Internet safety advocate at Symantec,  a manufacturer of security software.

That goes for websites that start with HTTP and  HTTPS as well because you don’t know how securely the coffee shop, hotel or  other free Internet access point is set up. Hackers can set up “man in the  middle” attacks to grab your passwords, card number and other information while  you’re on the public network. So enjoy the latte and save checking your credit  card statement for later.

3. Responding to Phishing Messages

If you receive a text message on your phone from  your bank, and it asks you to log into your card account immediately — but you  didn’t contact the bank — raise your mental drawbridge. The same goes for a  message that arrives via Facebook, Twitter  or any other mode of communication.

“Any unsolicited phone call, email, text or social  media message could be a phishing attempt,” says Erik Mueller, vice president of  payment system integrity at MasterCard  Worldwide. “Be skeptical of these messages, especially if they request credit or  debit card data or personal information, or link to another website or Web  page.” With the right data, a phisher will quickly find a way to commit credit  card fraud.

If you think the message might be legitimate or you  have concerns about fraud, contact your issuer directly using the customer  service phone number on the back of your debit or credit card.

4. Ignoring Your Rights and Responsibilities

If you’ve lost your credit or debit card, suspect it  was stolen or think someone has lifted your number off the Internet, call your  card issuer immediately. Credit cards offer the greatest protection against  fraud. Most card issuers provide zero-liability fraud protection, and federal  law says once you report the loss or theft, you have no further responsibility  for unauthorized charges. Your maximum liability under federal law is $50 per  card.

With debit cards, your responsibilities and rights  change. While you may have zero-liability fraud protection on your debit card,  it may not apply to PIN-based transactions or ATM withdrawals. Federal law also  has some caveats when it comes to debit card fraud protection. If someone made  fraudulent purchases with the debit card data and you don’t report the theft  immediately, your liability could skyrocket, especially if you wait longer than  60 days to report it. In addition, if a thief uses your debit card to drain your  bank account, you’ll be short on cash while your bank investigates.

5. Not Using Free Fraud Protection

Additional fraud protection is available for free by  numerous card issuers and financial institutions, though most require a little  investigation or enrollment. For example, the Verified by Visa program sets up  Visa cardholders with an additional password they can use to shop at  participating online merchants. MasterCard SecureCode works similarly. It  requires the user to enter the correct PIN during checkout at a participating  online retailer.

Another option: Try one-time or “virtual” credit  card numbers, which are offered by some banks such as Citibank  and Bank of America. These numbers are used for only one purchase and then are  no longer usable — so you don’t have to worry they’ll be swiped and reused by a  fraudulent user.

You can also minimize debit and credit card fraud by  making use of free account alerts, which notify you when certain transactions or  changes occur, such as a transaction for more than a certain dollar amount or a  purchase made overseas.

Check your bank or card issuer’s site to find out  whether they participate in these programs and services.

The original Fox News post can be found here.

.

Fraud losses drop on UK cards, cheques and online banking

The UK Card Association reports that fraud losses over 2010 in the UK on cards, cheques and online backing has dropped against 2009 figures.

Total fraud losses on UK cards fell to £365.4 million in 2010 – a 17 per cent reduction compared with losses in 2009. This is the lowest annual total since 2000 and follows on from a fall of 28 per cent in 2009. This current downward trend is due to the banking industry’s ongoing investment to deter, detect and prosecute fraudsters.  Initiatives include: better awareness amongst retailers about how to protect their chip and PIN equipment from criminal attack; greater sign-up to online fraud prevention initiatives such as MasterCard SecureCode and Verified by Visa by cardholders and retailers; improved industry sharing of fraud data and intelligence; increasing use of fraud detection tools by banks and retailers; the increasing roll-out of chip and PIN abroad and the upgrade of chips on UK cards.

Online banking fraud losses totalled £46.7 million in 2010a 22 per cent fall on the 2009 figure. Factors contributing to this fall include customers better protecting their own computers with up-to-date anti-virus software combined with banks’ use of sophisticated fraud detection software. This decrease has occurred despite a continuing rise in phishing attacks, up 21% from 2009.

Phone banking fraud losses totalled £12.7 million during 2010, an increase of five per cent from 2009. Most losses involve customers simply being tricked into disclosing their personal security details – through cold calling or fake emails – which the criminal then uses to commit fraud. This suggests that some customers are still not aware that their bank will never cold call or email them to ask for login details and passwords.

Cheque fraud losses decreased from £29.8 million in 2009 to £28.9 million during 2010. The vast majority of attempted fraud gets stopped before the cheque is paid. The industry’s ongoing work to prevent cheque fraud has helped drive these losses down. The continuing drop in cheque usage has also contributed to the three per cent fall in overall cheque fraud losses.

Detective Chief Inspector Paul Barnard, Head of the Dedicated Cheque and Plastic Crime Unit (DCPCU) – the industry-sponsored specialist police unit that tackles the organised criminal gangs behind fraud – comments: 

“Whilst another drop in fraud is good news, the fraudsters haven’t shut up shop which is why there can be no room for complacency on the part of the banking industry, retailers, law enforcement or indeed customers themselves.  By taking simple steps, such as:  shielding our PIN with our free hand whenever we enter it, particularly at cash machines; being wary of unsolicited emails or calls; and making sure that our computers have regularly updated anti-virus software in place, we can make life harder for the criminals.

“Fortunately in the UK – unlike some other countries – innocent victims of any type of payment fraud on their debit or credit card or account are protected and should not suffer any financial loss.”

Melanie Johnson, Chair of The UK Cards Association, which represents UK credit and debit card providers said:

“The cards industry is greatly encouraged by the major decrease in card fraud losses for a second successive year, but we will not be easing off our efforts as a result. It is essential to us that customers feel safe and secure when they use their cards and we will continue to invest in a wide range of fraud prevention initiatives to keep it this way.”

Fraud figures released by the National Fraud Authority (NFA) earlier in the year also serve to put these banking fraud losses into perspective. The NFA estimated that fraud in all its guises costs the UK more than £38 billion a year – card and banking fraud accounts for just over one per cent of this figure.

Details of the figures from 2007, 2008, 2009 and 2010 compare can be found here http://www.theukcardsassociation.org.uk/media_centre/press_releases_new/-/page/1323/

Blog at WordPress.com.

Up ↑

%d bloggers like this: