November 30, 2003

Forged checks have always been a problem, but increasingly sophisticated technology is making it easier to create these checks. Today, it is not uncommon to see forged checks of more than one million dollars-so banks must be on the alert.

TowerGroup, headquartered in Needham, Mass., estimates check fraud will cost commercial banks $853 million in 2003 and that banks will avoid losses of another $4.478 billion by taking preventative measures.

According to Peter L. James, senior analyst, wholesale banking, TowerGroup, "We estimate that the U.S. banking industry spends over $280 million per year on these measures, equaling a total cost to the industry of over $1.1 billion per year in losses and prevention costs."

And with the recent signing by the president of the Check 21 legislation, banks will no longer have the canceled check on hand for verification. "Banks will need to make their pay or no-pay decision based on electronic information, not on the physical characteristics of the paper," James says.

Image presentation opens up new challenges to companies and banks. James points out that banks will receive two items of data in the new image-based environment: the Electronic Check Presentment (ECP) information that captures the MICR line data from the check and the digital image of the check.

DIGITAL WATERMARKS

"On the market today, there are methods that offer what one might term `image-resistant' watermarks," James says. "These rely upon a way of encoding information on the check, such as the amount and payee name. By printing this encoded data on the check in a special way, it cannot be read or duplicated by a criminal."

This technology indicates there have been no changes to the information on the face of the check. In addition, the customer doesn't have to give the bank an issuance file since issuance data is encoded on the check. "Each check is a self-contained validation of itself," he said.

One product on the market today is the Secure Seal from EnSeal Inc. (Whitney, U.K.), a partner of Fiserv Inc. (Brookfield, Wis.) and ImageSoft (Lake Mary, Fla.). Primarily designed for corporate accounts, Fiserv creates approximately 100 characters in the seal that can be either a logo or a design, which is 1.25 inches in each direction. Based on the various pixel arrangements, information such as payee name, serial number and dollar amount are encapsulated inside the seal. "When the check is presented for payment, a bank can scan the check and decode the information to compare it to see if the check has been altered in any way," says Ted Umhoefer, senior vice president, product management and industry relations, Fiserv Item Processing.

The seal is decoded using a licensed reader package and specific information from the issuer. If there is discrepancy between the information identified within the actual check fields and the information encoded in the Secure Seal, it will be marked as an exception for review.

Kevin LeBlanc, manager, authentication division, RSA Security (Bedford, Mass.), says "to provide data integrity, institutions can use digital certificates and digital signatures. This involves the digital signing of an image either by an operator or by the device creating the image." RSA provides products such as RSA Keon Certificate Authority software for this purpose. LeBlanc also recommends that banks have a trusted time-stamping mechanism added to the process.

"In the rush to image-enable their check operations," TowerGroup's James adds, "banks should not lose sight of the fact that the counterfeiters are also preparing their next move, and that they too have access to the latest technology."