[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Tuesday, 8 November 2005, 15:04 GMT
Card fraudsters target easy prey
By Julian Knight
BBC News personal finance reporter

A person operating a mouse
Most "card not present" fraud takes place online
Card issuers and retailers could be forgiven for breaking into a collective smile today.

Card fraud, a problem that was seemingly getting out of hand, is finally on the decrease.

The introduction of chip and pin technology, at an estimated cost of over 1bn, has led to a 13% cut in total debit and credit card fraud.

Under chip and pin, card users verify transactions by keying in a pin number rather than signing a receipt.

Chip and pin has helped slash levels of card counterfeiting and fraud resulting from card theft.

The criminal gangs behind a lot of this fraud are well organised and resourced, they see card not present as a point of attack
Ken Farrow, Lloyds TSB

Without access to the precious pin number fraudsters are stopped from using counterfeit or stolen cards in shops.

But when it comes to card fraud committed via the internet, phone, or mail order it is a very different story.

During the first half of 2005, so-called "card not present" fraud has leapt 29% year-on year.

It is now the single biggest type of card fraud.

It takes seconds

It can be startlingly easy to commit this type of fraud.

All that the fraudster needs is the card number, issue number (in the case of a debit card), expiry date, cardholder's name and the verification number, which is located on the signature strip.

It can take a matter of seconds for a fraudster to gather these details.

"What seems to be happening is that people are handing over their cards in shops, garages and restaurants the details are being taken down and then used to buy goods and services, mainly online," Sandra Quinn, spokeswoman for the Association of Payment Clearing Services (Apacs), said.

Card not present fraud rising
2000 73m stolen
2001 96m stolen
2002 110m stolen
2003 110m stolen
2004 151m stolen
2005 (first six months) 91m
Source: Apacs

The explosion in this type of fraud is following a familiar pattern where fraudsters hone in on the weakest link in the banks', consumers' and retailers' defences.

"The criminal gangs behind a lot of this fraud are well organised and resourced, they see card not present as a point of attack," Ken Farrow, group head of fraud at Lloyds TSB, said.

So what are card issuers doing to tackle this burgeoning type of fraud?

Again, as with chip and pin, the issuers are banking on new technology to hold the answers.

"We could see customers using card readers when they shop online...The card would be swiped through the reader producing a randomly generated code which the consumer would enter on the online retailer's site.

"This code would then be verified by the retailer with the issuer," Mr Farrow said.

However, trials of this technology are unlikely to start until late next year and ultimately costs may prove prohibitive.

In addition, it does not seem to offer a solution to the problem of fraud via phone or mail order.

Nipped in the bud

About 1 in 20 transactions that are flagged up as unusual turn out to be fraudulent
Phil Wilson, Adeptra

Credit card companies are turning their attention to stopping the fraudster faster than at present

They already have software in place designed to detect unusual card transactions. But following up the leads thrown out by this software can be expensive and time consuming.

"About 1 in 20 transactions that are flagged up as unusual turn out to be fraudulent. It can take a lot of effort and time for staff to contact customers to check if fraud is taking place," Phil Wilson, chief executive officer of security technology firm Adeptra, told BBC News.

"Some card issuers are taking the step of stopping cards as soon as they see something unusual on the account, potentially inconveniencing customers," he added.

Adeptra have developed software which automatically calls a customer as soon as an unusual transaction is detected.

The computer-generated voice then checks with the customer whether the transaction is bona fide or fraudulent.

The idea is to nip fraud in the bud.

According to Mr Wilson, Adeptra's software is already in use in the United States and is catching on amongst UK banks too.

But, it seems, whatever technology the card issuers adopt, the fraudsters will find a way to bypass it.

"There is every chance that the criminal gangs are already working on technology to break chip and pin," Mr Farrow said.

And if the fraudsters do crack chip and pin the collective smile may disappear off the faces of card issuers and retailers.

The BBC is not responsible for the content of external internet sites


Americas Africa Europe Middle East South Asia Asia Pacific