Comments
Getting the Customer Involved in Fraud Prevention
Newest First  |  Oldest First  |  Threaded View
Jonathan_Camhi
50%
50%
Jonathan_Camhi,
User Rank: Author
7/2/2013 | 9:17:10 PM
re: Getting the Customer Involved in Fraud Prevention
A lot of the big institutions are already ahead of the game on this but many smaller banks haven't been able to invest in the infrastructure and staff to support a data and analytics approach to fraud prevention.
The issue you bring up about card issuers not being able to control what goes on at the merchant's end is a good point. It'll be interesting to see what happens with the EMV deadlines approaching, and the responsibility moves from the issuer to the merchant if the merchant doesn't adopt EMV. The merchants are going to have to either pony up for the hardware upgrade or take over the fraud charges that the issuers have been responsible for.
Ann Employee
50%
50%
Ann Employee,
User Rank: Apprentice
7/2/2013 | 5:01:11 PM
re: Getting the Customer Involved in Fraud Prevention
This is old news. Card issuers have been doing this for years. I work in the industry and we use dozens of individual patterns to evaluate if a transaction is likely normal or fraud.

The point everyone is missing is that the cardholder has very little ability to protect themselves from most fraud because most of the time it's security breaches into poorly protected merchant systems that create the problem in the first place.

Merchants have a lot of liability protections to avoid chargebacks and losses from fraud. The irony here is the card issuer is usually the one that takes the losses for fraud, yet the card issuer has no control of the cardholder or the merchant's security practices.

Also, the card issuer does not control whether passwords or PINs are used to verify a cardholder. It is up to the merchant or the processing network if those controls are available or even turned on. Additionally, in order for any verification control to work, every card processor must be able to support it.

It's not as easy as it sounds to "just add security," which is why it takes years and years for standards to be created, software updated, and POS devices replaced to support new security standards.


Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Slideshows
Video