Are there any solutions to prevent sophisticated fraud syndicates plundering our credit card accounts? asks Karen Harverson
CREDIT cards represent convenience to card holders, big business for banking institutions and increasingly, easy pickings for criminals.
Credit card fraud, estimated at millions of dollars a year worldwide, has more than doubled in South Africa this year, on last year figures, despite efforts by the banks to implement security measures.
One of the factors influencing the sudden surge in credit card fraud is South Africa’s re-entry into the global arena, with the country now viewed as a destination market. Amid the flood of overseas visitors entering the country, are highly sophisticated fraud syndicates which are cashing in while South Africa’s security systems catch up with the rest of the world.
Fortunately for card holders, they carry very little risk. If a customer’s card is stolen and reported as such, they are not held liable for any fraudulent transactions taking place thereafter. If their credit card number is used on a counterfeit card, they are credited in full for any transactions which took place without their signature.
So who carries the risk? In almost 95 percent of the cases involving credit card fraud, the banks carry the loss. Ultimately though, this risk does filter down to the customer in the form of increased service charges.
“Unfortunately, the more controls put in place by the bank to contain the risk, the more inflexible and inconvenient the system becomes for the customer,” says Nedcor Bank assistant general manager of the card division, Gerald
And so the financial institutions are caught in a dilemma of trying to offer a flexible service to customers and balance this service with the risk it carries.
Kitchen reports that there are numerous problems surrounding credit card fraud and numerous solutions. “As one area is stopped by the banks, another area opens up and at present, we face a flood of counterfeit cards.”
Unlike stolen cards which are blocked as soon as the customer reports the card missing, counterfeit cards take longer. Theoretically banks have to wait for the holder of the genuine card to query fraudulent transactions, before they realise that the card has been
“We are implementing neural or knowledge-based technology to help identify trends in a cardholder’s spending so that fraudulent transactions trigger early warning signals to the issuing bank that there could be a problem,” says Kitchen. In a situation where an unusual authorisation request comes through, the bank may request that the client contact the bank before it is authorised.
But again, this treads the line between providing a service to the client and limiting the bank’s risk without infringing on the convenience the client is seeking.
“Many customers are relieved when we query a certain transaction but others are infuriated by the delay this may cause them.”
Far more problematic than stolen cards is the credit card which is intercepted in the post, known as “renewals not received”.
Stolen cards at least have the customer’s signature on the back which still has to be matched by the criminal, who has a limited time period before the card is reported stolen and blocked. However, the intercepted card is unsigned, which allows the criminal to sign his own signature on the back and easily make transactions for several weeks until the customer informs the bank that they haven’t received the card, or until they receive their transaction statement with a long list of fraudulent transactions.
“We’re now considering using courier services to deliver credit cards to the customer because the postal service is proving to be insecure at present,” says Kitchen, adding this area accounts for the bank’s greatest losses.
Standard Bank assistant general manager (card division) Peter Abbott says there is a rising incidence of “white plastic” fraud cases. White plastic refers to a plastic card which has a counterfeit magnetic stripe and/or embossed number on it but does not actually look like a credit card.
“In this situation, the white plastic can only be used if the criminal is in collusion with the merchant,” says Abbott, adding that in most cases, the merchant obtains authorisation from the bank for a large amount of goods which are never actually sold.
The money is split between the merchant and
While existing merchants are generally found to be honest, some individuals applying for merchant facilities with the express purpose of defrauding the banking system.
Standard Bank market research and development divisional general manager Gus Warwick reports that customers who buy goods off the Internet and supply their credit card numbers to do so, take the risk of their numbers being fraudulently re-used.
“The customer is free to buy goods off the Internet, but it is not a secure payment system yet although Master Card, Visa and others are implementing measures to safeguard payments.”
He says the system is as secure or insecure as ordering something by telephone using one’s credit card number. “If the merchant sends the goods to the cardholder, there’s no problem but if not, the customer has to go to their card issuer and declare a dispute with the merchant. The financial institution in turn debits the merchant’s account and refunds the customer.”
He believes the system will improve once the fundamentals of the Internet change so that the customer rather than the merchant asks the financial institution to make payment.
On the issue of new technology, Warwick reports that within the next 12 months, personal identification numbers (pin) will be used generally at the point of sale to verify the card holder.
“The pin may be encrypted in the card using smart card technology or the information on the magnetic stripe will be sent up line to a security module and decrypted, and checked against the pin entered at the point of sale.”
Further down the line, Warwick believes a biometric system whereby the fingerprint of the client can be transported to the point of sale and checked against the card holder will be
Kitchen says it will cost millions of rands to upgrade the global infrastructure so that chip technology can be used at point of sale systems.
“There are mitigating factors, such as the years of investment in magstripe technology, which may delay chip technology being used for credit cards in the near future.”