Credit card fraud soars, despite new safeguards
New fraud-prevention technology has made credit card crime more difficult in the U.K., but it is increasing in other countries that have not adopted "chip-and-pin" safeguards. Chip-and-pin credit cards are cards containing electronic chips that contain the information otherwise found on magnetic strips.
According to the Association of Payment Clearing Services (APACS), the U.K. clearing service, credit card crime in the U.K. dropped 4 percent in the first half of this year, compared with the first six months of 2006. However, fraud on UK-issued cards, primarily in the U.S., rose 126 percent during that time. Chip-and-pin is not accepted universally, so cardholders' names and account numbers, expiration dates, and security codes are still stored on the magnetic strip of a credit or debit card, as well as on the microchip.
Criminals are copying the data on the strip to create a fake card that is then used in a country that has yet to upgrade to chip-and-pin technology, the BBC reported. All European Union members plan to upgrade by 2010.
Fraud patterns are changing. Last year, losses suffered by retailers, credit card users and financial institutions fell by 3 percent. But this year the numbers are rising due to the surge of cloned cards in the U.S. and elsewhere, along with a 44 percent increase in online and telephone fraud for the first half of this year, FinanceWeek reported.
The good news in the U.K. is that online banking fraud is down, thanks to chip-and-pin and other security measures, as are losses from stolen cards being used to withdraw money from cash machines, which is down by 57 percent. When it comes to transactions where the cardholder is present, fraud has fallen 11 percent, FinanceWeek
U.S. companies are boosting spending on credit card security, however, under the threat of fines. According to The Wall Street Journal, rules called the Payment Card Industry's Data Security Standards discourage encoding customer information on the magnetic strips. The rules call for ways to encrypt information to make it unreadable to hackers and methods to control employee access to sensitive information. The rules are not new, but Visa has announced it would start levying fines of up to $25,000 a month to large merchants who aren't following the rules.
Forrester Research says that the biggest merchants in the U.S. are forecast to spend $400 million to $500 million this year on technology to meet the security standards.
Another technology is making its way into circulation in the U.K.: a bank card that allows shoppers to pay for inexpensive items without using a PIN or signature, The Times London reported. These so-called contactless cards will be issued in London over the next couple of months. APACS estimates 5 million will be issued by the end of next year.
Contactless payment cards use short-range radio to exchange payment information with the register for items less than £10. Shoppers merely tap their debit or credit cards on a reader. A PIN will still be needed for more expensive items.
Robert Kenly of moneysupermarket.com, a price comparison site, told the Times: "There will be a number of checks in place and so long as cardholders remember to report lost cards immediately, they will always have any losses refunded. For some people it will perhaps seem too risky but, as with anything new, once people have tried it they may find that they actually like it."
Banks in the U.S. have been issuing contactless cards since 2003, with more than 10 million now accepted by 30,000 shops and restaurants, the Times reported.