Monday, October 10, 2005

Credit card fraud down by 29% (or is it?)

Well hurrah for Chip and Pin!

Spotted on the BBC News site this morning...

The Association of Payment Clearing Services announces that:

Fraud involving the stealing and counterfeiting of debit and credit cards has fallen 29% year-on-year in 2005"

Well that is a triumph... Except that:

"But the figures are incomplete as they do not include card fraud over the telephone or internet. In addition, the figures do not include fraud committed when cards go missing in the post."

Err yes, umm, well those are kind of obvious omissions right? Cos if I steal a card, am I more likely to use it face-to-face in a pub or shop, or to use it for an anonymous transaction over the Internet - now there's a tricky one! Secondly, somehow they exclude numbers where cards go missing in the post, and therefore I also assume that Identity Theft is also missing from the numbers.

Well let's give the banks their dues, in-person fraud is down by 29%, therefore:

"Between January and June these types of card fraud cost banks £89m, compared with £127m for the same period in 2004."

But, and here's the rub, it isn't the banks that are hurt by card fraud. And it isn't the individual, as they claim their money back from the card company. And it isn't the card payment gateway/machine providers as they claim no responsibility whatsoever, even when they are supposed to authorise the transaction and validate the card-holders identity.

No, it is the retailer every time! When a card holder reports that their card has been used fraudulently, they tell the bank, the bank takes the money back from the retailer (plus a "chargeback" admin fee), and it is up to the retailer to prove that the card transaction was not fraudulent. This is a process that rarely succeeds, is very time-consuming, and when your business is taking a few high value transactions every day, that is a tough risk to have to accept.

So, conclusions:

1) I grudgingly admit that Chip n' Pin has made a difference in face to face scenarios. You just have to wonder why they've had the system in Continental Europe for at lest 10 years before we in the UK agreed it was worth a try.

2) It doesn't make a jot of difference to internet or phone transactions, which is where the majority of fraud takes place.

3) The banks that are making £ billions of profits every year are all to eager to take the credit for the change, despite the fact that they aren't the ones to suffer, and actually they didn't bear the costs of the change to Chip n' Pin either - the retailers are the ones who had to fund new POS systems, card readers etc. It is time they took responsibility for the flaws in their products and systems, and bore the brunt of the risks they present.


Post a Comment

<< Home