Card Fraud Myth Busters: Five Common Misperceptions Your Members May Hold
December 21, 2015
December 8, 2015
Here in the U.S., card fraud is rampant. In fact, according to a recent Barclay’s report published in Security Magazine, 47 percent of the world’s credit card fraud happens in the U.S., even though Americans account for just 24 percent of total credit card volume worldwide.
While technologies such as EMV and tokenization will eventually play a key role in curtailing U.S. card fraud, experts agree that their best weapon against this threat is an informed consumer.
“In life, information is powerful,” said Bill Freer, risk manager for CO-OP Financial Services. “Nowhere is this better illustrated than in the fight against card fraud. Teaching members proper security protocols should be a top priority for every credit union, especially with so many misperceptions out there about how fraud occurs.”
Myth #1: I’m Safer On-Site Than Online
According to Freer, the number one misperception most consumers have about card fraud is that online transactions pose the greatest risk. “Online fraud is always a concern, but most of the fraud we see occurs because of skimming devices and malware at merchant sites and ATMs,” he said. “These tools allow fraudsters to record all the card data information they need often without ever touching a physical card.”
Myth #2: I Know Exactly Where My Card Was Stolen
Another common misperception is that the last transaction made before fraud is detected is the source of the compromise. “This is not usually the case,” said Freer. “Most of the time, card information is stolen weeks or even months before fraud surfaces. This is because the data is frequently posted on illegal websites and sits out there on the Internet until a fraudster decides to purchase it.”
Myth #3: PIN Transactions create less risk than Signature Transactions
This is not necessarily true, Freer says. “During a debit transaction, it puts less card info at risk for compromise when signing for a purchase rather than to enter a PIN,” he said. “In addition, if a PIN is captured, it’s even more valuable to a fraudster, as it makes it that much easier to turn that card data into cash. It can be devastating to have a checking account drained, and having access to the cardholder’s PIN makes it much easier for a fraudster to do just that.”
Myth #4: There’s No Way to Stop Fraud Myself
While credit unions and their service providers work diligently to prevent fraud, Freer notes that their efforts are more successful when cardholders contribute to fraud monitoring efforts. He encourages credit unions to make new, advanced technologies for card controls and alerts available to members. “With these tools, members can determine exactly when, where and how their cards can be used, and they can block unauthorized transactions themselves,” he said. “This practice alone can save credit unions and their members immeasurably in terms of time, money and aggravation.”
Myth #5: I Should Avoid Digital Wallets
EMV chip cards are a must, according to Freer, but he also emphasizes the benefits of new tokenized payment options. “Many consumers are not aware that tokenized digital wallets such as Apple Pay are highly secure,” he said. “In a tokenized transaction, digital tokens replace card data throughout the transaction, which means actual magnetic stripe data from a card never changes hands. As a rule of thumb, the less information that is transferred during a transaction, the less risky the transaction.”
He continued, “To educate members about fraud, take advantage of all your communication tools. Post security reminders on ATM screens that catch the eye. Use the information banner on your website to promote your card controls and alerts solution. Let members know about your fraud detection services, and advise them to respond immediately whenever they are contacted by a fraud analyst. Ultimately, detecting card fraud is an inexact science that is much more precise when cardholders participate in the process.”
Questions about this story? Contact James Pearson: 206.340.4790, firstname.lastname@example.org.
Posted in Article Post.