As a BBC News investigation uncovers a
fresh call centre credit card scam
, industry expert Mark Kobayashi-Hillary explains how the call centre industry works, and how consumers can protect themselves.
How do fraudsters use card details?
Criminals can use details to clone a card - particularly in instances where they have both a credit or debit card and a Pin number.
Once a clone card has been created it can be used around the world to make transactions and withdraw money at cash machines.
How much money is lost by the UK to card fraud?
Card fraud losses totalled £609.9m in 2008, according to figures released by Apacs, the UK payments association.
Apacs said the main areas of fraud were on transactions not protected by chip-and-pin - specifically internet, phone and mail order fraud - and fraud abroad. The latter was committed by criminals using stolen UK card details in countries yet to upgrade to chip-and-pin.
Figures suggest the number of these overseas scams nearly doubled in two years. UK card fraud losses overseas totalled £230m in 2008, compared with £117m in 2006.
What security precautions do call centres take to prevent card fraud?
Many call centres ban mobile phones, cameras, data storage devices such as USB sticks or MP3 players, and laptops in the workplace. The aim is to make it difficult for staff to store customer details. In addition to preventing data storage, these precautions are intended to prevent workers passing on details to people outside the call centre.
Details taken by telephone operatives are placed in a secure computer system which is not internet-enabled. This means staff are unable to copy and paste material into a web page or e-mail them to another person.
The computer systems used to connect overseas call centres usually store data in the home country. In practical terms, this means telephone operatives usually can only see aspects of a customer's profile they are dealing with at the time, rather than all their details.
What precautions can consumers take to reduce the chances of card fraud?
A consumer should ensure that he, or she, is the person who initiated telephone contact with a bank. In some circumstances a bank may contact a customer. In such instances the consumer should arrange to call the bank back on an official number to ensure that it is a genuine issue and the representative is not a fraudster.
In most cases the telephone worker should be able to make a note on the customer's account making it clear that the person has been contacted and stating that he, or she, will call the bank.
Use different passwords for different bank accounts to ensure that any fraud that takes place is restricted. Using the same password while making use of telephone or online banking means fraudsters could go on to access a victim's details elsewhere. It is also advisable to routinely change passwords.
People should be wary of disclosing personal and family details, such as birthdays and family names, on social network sites. Fraudsters sometimes use such details to contact the relevant bank or credit card issuer and masquerade as the genuine cardholder.
Where can consumers get more information on preventing card fraud?
Information and advice for consumers and retailers regarding the best ways to avoid being a victim of card scams is available from Card Watch, a UK banking industry initiative that aims to raise awareness of card fraud prevention.
Mark Kobayashi-Hillary is a director at the National Outsourcing Association, a not-for-profit organisation which commissions independent research into the best ways to outsource.