December 2014 Issue

Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space. 

In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.

CNP Fraud Going Up, Regardless of EMV

One of the biggest concerns surrounding the migration to EMV (Europay, MasterCard, and Visa) is that experts often predict it will lead to an increase in Card Not Present (CNP) fraud. That prediction played out in many countries that switched to EMV. 

After EMV was implemented, making it more difficult to commit to counterfeit card transactions at the point of sale, fraudsters moved their business to e-commerce sites and online transactions.

A recent report from Javelin Strategy & Research predicted that Card Not Present will increase dramatically over the next few years. But little of that growth will be because of the switch to EMV. The e-commerce space has evolved since the UK, Australia, and others switched to EMV and saw big jumps in CNP fraud, the report pointed out. Online transactions will see explosive growth over the next few years, and that will in turn drive a large increase in CNP fraud unless online fraud prevention solutions are more widely implemented among e-commerce businesses, the report warned.

Card Not Present fraud is just happening. In Europe, EMV deployments were correlated with increases in Card Not Present fraud," Nick Holland, senior analyst at Javelin and author of the report, remarked. "That mythology has been transcribed to the US market. Retailers think that if you bring in EMV, they will get a net negative. They think you're just moving fraud to online."

If Javelin's predictions are correct, those retailers will need to be worried about CNP fraud rising regardless of whether or not EMV is implemented. If EMV is implemented, Javelin said that CNP fraud would jump from $9 billion last year to $18.6 billion in 2018. But if EMV isn't implemented, then Javelin projected that CNP fraud would still increase to $18.4 billion in 2018. Most of that growth in CNP fraud will be because e-commerce transactions will increase from $351.9 billion last year to $486.3 billion in 2018, Javelin predicted.

The rise in CNP fraud will require companies to up their game in fraud prevention, Holland suggested. Solutions exist today to help mitigate fraud in online transactions, like tokenization and encryption. But those solutions need to be more widely implemented, which won't likely happen unless retailers are incentivized to deploy them, he said.

Source: Information Week

ANZ to combat card skimming theft with Tap-and-pin ATMs

ANZ is fitting its ATMs with new "tap and pin" technology to prevent criminals from skimming the details of people's cards through its readers.  

Skimming occurs when someone illegally copies account details from the magnetic strip on a credit or debit card by placing something inside the ATM reader.

According to the Australian Payments Clearing Association, $37.8 million was lost in 2013 due to counterfeit and skimming fraud on all credit and debit cards issued in Australia, an annual fall of 29 per cent. But the amount lost to skimming in Australia rose 4 per cent to $24.3 million, with an increase in ATM skimming the main cause.

ANZ's new technology will allow customers to get money out by "tapping" their cards rather than inserting them into a reader. It will still require the use of a pin number.

"Counterfeit card fraud is a massive issue for the industry and law enforcement that causes significant inconvenience for customers," ANZ's Australia chief executive Philip Chronican said. "The growing dependence on technology means customers want simpler and faster ways to bank, but they also want to know their money is secure."

The widely used tap-and-go technology has meant fewer people rely on cash for transactions.

ANZ admits that the use of ATMs generally has declined, but says the new technology is still worth the investment. It says it will retain the use of the pin number for security reasons.

Source:  Sydney Morning Herald

Sharp Increase in Bank Card Fraud in South Africa

The banking industry's gross losses due to South African issued credit card fraud has increased by as much as 23% from last year.

The South African Banking Risk Information Centre (SABRIC) on Tuesday said bank card fraud came in at R453.9 million in 2014, up from R366 million in 2013. SABRIC CEO said the biggest contributor to the increase has been false applications fraud, which saw a very significant increase from R6.2 million in 2013 to R78.3 million in 2014.

Of all fraud perpetrated on cards acquired through false applications, 88% of the transactions occurred in South Africa. "SABRIC has found that criminals misuse the online application channels provided by banks by using false details to open multiple credit card accounts. Consequently, they then obtain legitimate cards and PINs," said the CEO.

With regards to counterfeit credit card fraud losses inside South Africa, SABRIC reported a decrease of 12% from R55.1 million in 2013 to R48.4 million in 2014. However, "card not present" fraud committed within South Africa increased by 21% from R56.7 million in 2013 to R68.9 million in 2014. The losses associated with debit card fraud also showed an increase of 5% from R117.7 million to R123.5 million in 2014.

The majority of the debit card losses, according to SABRIC, are related to counterfeit card fraud and most of the transactions occurred within South Africa.

Card skimming involves the illegal copying of encoded information from the magnetic strip of a legitimate card by means of a card reader, and this could occur either at ATMs or points of sales.

Source: all Africa

Are the banks using customers’ Situational Intelligence for effective real-time fraud protection?

How can you help customer to control the banking transactions happening on their accounts and use this as an effective fraud protection mechanism? Customer communication and preferences play a key role in detecting fraud at earlier stage and at a lower cost.

Consider the following scenarios:

  • A customer is going on vacation to Switzerland for 2 weeks and he wants all the card transactions   (debit card and credit card) originating from home country to be blocked for the next two weeks
  • Customer wants all fund transfer (Third Party transfer) transactions originating from his internet banking account at any location in home country to be blocked for next 2 months as he is travelling to US for business
  • Customer runs domestic business and don’t travel abroad. The customer wants to disable any transaction originating abroad
  • Customer wants all payee addition transactions to be blocked in his account till he turn this feature on ( aka Facebook privacy settings)
  • Customer wants to be alerted of any attempt of transaction of more than a set limit with the option to respond with a decision to decline or authorize the transaction ( aka. reverse positive payee used for cheque transactions in the commercial banking world)
  • Customer holds multiple credit cards and uses a specific credit card for all his ‘Card Not Present’ transactions (online payments). Customer wants all the CNP transactions to be blocked on all his other debit/credit cards
  • Customer wants to block or fix specific limits for purchase of electronic or jewelry items on his debit/credit card
  • Customer wants to limit the use of his debit card/credit card to any particular state/states within the country

In all these scenarios, the bank customers provide the vital situational intelligence which can be built in to the banks’ processes for effective fraud protection.  In turn, customers also benefit with the convenience of banking on their own terms and securing their accounts.

If you think this is too futuristic, you may be wrong. Reserve Bank of India’s expert committee on customer service in banking has already given recommendations to this effect. We might see these recommendations getting implemented by Indian banks very soon.

Bank’s core system i.e. core banking, internet banking and credit card processing systems, however modern they may be, are ill-suited to handle this kind of agility. Current generation systems can at the best match a transaction to a bank maintained blacklist and stop a transaction when an entity match occurs.

Banks need to handle this using agile fraud management system which can take this situation intelligence into consideration as part of its decision making strategy for fraud protection. What banks need is a dynamic fraud management system that can digest the relevant information about the debit blocks/limit preferences customer has opted for the given time period and the same system is used for real time fraud protection.

A real time fraud protection system monitors every transaction and decides  whether to allow, decline or challenge based on the fraud risk system inherently derives or based on the customer provided situational intelligence. This is an example of a technology that can truly achieve the dual objectives of enhanced customer experience and improved fraud control.

Source: CustomerXPs

Related Blogs and Posts

Subscribe to Our Monthly Newsletter

Get insights & updates from the world of financial crime management in your inbox. Be on our newsletter mail list.

Subscribe Newsletter

©2018. CustomerXPs® Software