Countering Card Fraud: Is Chip & Pin Technology Enough?

Countering Card Fraud: Is Chip & Pin Technology Enough?

Naresh Kurup

Marketing Director at CustomerXPs

Views 1364

Countering Card Fraud: Is Chip & Pin Technology Enough?

31.01.2017 06:30 am

 

Pin and Chip

 

EuroPay, MasterCard and Visa (EMV) is a technical standard developed to ensure more secure Point-Of-Sale (POS) transactions. EMV allows non-static information to be transferred between the card, the terminal, and the financial institution that processes credit card transactions. This takes care of skimming fraud where fake devices would copy data from magnetic stripes and use it on another card. While EMV is not new technology and has been in use for over a decade, it has made its way to the US in the last 2 years.

How does EMV Technology work?

EMV uses microprocessor chips that encrypt bank information making it far more secure than the old magnetic stripe cards. Magnetic Stripe uses static data that is stored in the stripe on the card (this makes it unsafe considering it can be stolen and used). The static information means that the number transmitted by the card for all transactions is the same.

EMV TechnologyWhen it comes to EMV standard, although the card data will be the same for every transaction, there will also be other pieces of data that gets re-organised for every transaction. This renders the data stolen at the POS useless for further use.

The verification method for EMV cards can be chip-and-pin or chip-and-signature, with the former being the preferred choice in Europe and the latter often used in the US. This is contactless transaction which is becoming popular as NFC (Near Field Communication) technology used by mobile payments is making inroads. While technological advancements are racing ahead to reduce frauds, fraudsters are not far behind, as they continue to seek innovative methods.

 

Fraud, the scare still exists

While POS frauds and card counterfeiting have reduced in countries that are early EMV adopters, the cybercrime scene has now shifted to the canvas of e-commerce and online transactions. Fraudsters are also keenly watching late EMV adopters as potential targets. With data breaches and online theft increasing, security agencies have reported a doubling in crime rates of online frauds. ATM frauds are not far behind – swindling with counterfeiting cards and duping to snatch PIN numbers are on the rise.

Research analysts report that these types of frauds are more damaging for the customer by the day. The frauds go unnoticed as the unauthorised purchases and withdrawals lie hidden in the transactional details list. Not many customers go through their transaction histories regularly and closely.

The microchip comes into play when trying to prevent counterfeit fraud because it makes it harder to produce a copy of the card. And a PIN comes into play for protecting against lost-or-stolen fraud because it makes it impossible to use the card unless they also know the PIN.

EMV adoption and the changing fraud types

EMV adoptionUsing EMV technology for cards has seen a reduction in skimming-type attacks, but the crime rate has increased in other ways of stealing money. Research firm Aite Group reports that losses from counterfeit, lost, and stolen cards in Canada dropped from $245 million in 2008 to $112 million in 2013.

A research by the European ATM Security Team (EAST) found that fraud-type attacks increased 28% during the first half of 2016 with cyber criminals stealing €174 million and Aite reported that there was a 79% increase in online fraud during the EMV adoption phase in Europe.

The banking sector is now making a move to bring in EMV-chip-enabled credit and debit cards, which generate a unique transaction code with each purchase, making them harder to spoof. With these systems and cards rolling out, mining credit card numbers will not be as valuable for criminals, says Privacy Rights Clearinghouse.

Precautionary steps

Precautionary steps

While fraud severely erodes customer confidence and the bank’s bottom line, fraudsters continue to keep pace with the very technologies that are being developed to keep them at bay.

While banks conduct frequent security audits, invest in advanced security measures and work proactively in mitigating risks, there’s no silver bullet that can eliminate fraud completely.

However, it does help to have an intelligent, pro-active, well-synchronised cross-channel system in place that –

- Understands customers’ transaction patterns at a granular level using information from across all channels

- keeps track of customers’ credit histories

- screens transactions in real-time to quickly spot unusual / potentially suspect activity

- applies login authentication rules (including mobile number / email id updates)

- activates real-time alerts and notifications while potentially suspect transactions are in progress

To effectively combat fraud, Banks must go beyond conventional anti-fraud solutions. Intelligent platforms are now available that harness data in real-time from across channels to not only deliver a unified anti-fraud mechanism but also helps create a secure ecosystem.

Latest blogs

Darren Capehorn Icon Solutions

Unbanked and Unconnected: Supporting Financial Inclusion Beyond Digital

Many of us take it for granted, but accessing basic financial services is fundamental to our economic and social development. It is hard to ‘get on’ if you are forced to hide life savings under the mattress, or rely on predatory loan sharks for Read more »

Konstantin Demishev Archer Software

How Machine Learning Helps Fintech Companies Detect Fraud

Machine learning (ML) is one of the most discussed technological tools, and if in the past only a few companies could use it due to high cost and lack of resources, today many industries use ML. The financial sector is not an exception and embraces Read more »

Nish Kotecha Finboot and Bryan Foss, NED, Visiting Professor at Bristol Business School and member of the FRC Audit & Assurance Council

How Listed Companies Can Use Blockchain to Prevent Auditing and Reporting Malpractice and Avoid Scandal

Not too long ago, there was very little to link Wirecard, the disgraced payments platform in Aschheim, Germany, with Boohoo, the fast-fashion online retailer in Leicester, England, but both have recently been embroiled in high-profile scandals. Read more »

Leon Muis Yolt Technology Services

The Time for Financial Services to Become Truly Digital is Now

The financial services industry looks set to change dramatically over the next couple of years in response to COVID-19. The pandemic has certainly highlighted some inefficiencies and weak spots in current processes for many businesses, such as those Read more »

Granville Turner Turner Little

The Lockdown Money Revolution

Many Brits have found that lockdown has been beneficial for their money, having cut back on personal spending and managing to put away some extra cash. According to eToro, Brits with unspent discretionary income are set to accumulate £75.5bn in Read more »

Related Blogs

Sandra Higgins Sysnet Global Solutions

Are You ‘Prescribing’ the Right Security Solution to Your Merchants?

When it comes to leading a healthy lifestyle, eating the right food, taking regular exercise, and maintaining a positive mindset are key. However, despite these best intentions and practices, you still might not get all the nutrients your body needs Read more »

Sunil Jhamb WL Payments

Staying in control of digital payments

For the CIOs and CTOs of banks and PSPs, fraud and security are never very far from their minds. Protecting both their own organisations and their merchants from the threat of cybercrime is a truly business-critical challenge – and one in which the Read more »

Gabriel Leperlier Verizon Enterprise Solutions

Why is Payment Security Compliance Declining with only 1 in 3 Companies Globally Making the Grade?

When companies are attacked, personal and financial customer information from payment card data is often the target. The Payment Card Industry Data Security Standard (PCI DSS) was designed to help protect payment data from the point of purchase and Read more »

Alan Stewart-Brown Opengear

Security Challenges for Financial Institutions – How Smart Out-of-Band (OOB) Management Keeps Networks Up and Running

Information technology and telecommunications are fundamental to service delivery in financial institutions today. Firms are increasingly reliant on IT networks to deliver core services but this can leave them vulnerable to ever-expanding security Read more »

Ali Raza Financial Software Systems

The Best of both Worlds: Security and User Experience

Globally e-commerce is booming. According to industry estimates digital commerce is projected to grow at a 20% CAGR to reach $5.8 trillion by 2022.  At the same time fraud losses are mounting. Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel