News

10:12 AM
Connect Directly
Facebook
Twitter
Google+
RSS
E-Mail
50%
50%

One in Four Customers Are Card Fraud Victims, Study Finds

Banks need to do a better job engaging with customers and educating them about fraud, ACI's 2012 Global Fraud survey found.

A new study looking at the behavior and concerns of customers worldwide concerning card fraud was released today by payments solutions provider ACI Worldwide and the Aite Group, a research firm. The 2012 fraud report, titled "Global Consumers React to Fraud: Beware Back of Wallet," found that 27 percent of global consumers had been hit by credit card fraud over the past five years. Many of those who experienced fraud turned to using cash, checks or other cards more after receiving a replacement card. The study found that 46 percent of customers who received a replacement card because of a data breach or other fraud activity used the card less than before.

The study asked more than 5,200 customers in more than 17 countries around the globe if they had experienced card fraud and how that had change their consumer behavior. The percentage of respondents who had experienced fraud in the last five years stayed consistent with last year's findings, but there was a sharp increase in the number of respondents who had experienced fraud more than once in the last five years. This year 14 percent of the respondents had been victimized by fraudsters multiple times, compared to only 6 percent last year.

As more customers are experiencing multiple instances of fraud, they are becoming increasingly aware of fraud and accept that it is happening, Mike Braatz, SVP, Payments Fraud at ACI Wordlwide, told reporters in New York City yesterday. The good news, he explained, is that customers want to be part of the battle against fraud - they want to get alerts and approval notifications for suspicious transactions. But the study found that banks aren't doing enough to educate customers about actions they can take to prevent fraud, as 43 percent of the U.S. consumers in the study don't recall receiving any guidance from their bank regarding fraud activities.

The result is that many consumers still engage in activities that unnecessarily open themselves up to card fraud, the study noted. For instance, 23 percent of American consumers surveyed said they throw bank statements or ATM receipts in the trash without shredding them. And 18 percent of them admitted to not using the auto-lock feature on their mobile phones. Those numbers clearly illustrate a greater need for customer awareness and education about fraud.

Unfortunately, as ACI's Braatz said yesterday, "Banks have long considered fraud part of the cost of doing business." Banks build in an "acceptable" amount of fraud into their business model. In a world where consumers want to bank on their terms and fraud attacks are becoming increasingly sophisticated, that attitude might need to change. Customers who want to bank whenever and wherever need to be educated about the fraud risks out there today so they can be more proactive in helping to prevent fraud. That will require a more customer-centric view towards fraud than the conventional model of accepting a certain amount of total fraud as part of a bank's operations. That customer-centric view is exactly what ACI's fraud study was trying to encourage by going to the customers and asking about their fraud experiences. "This gets financial institutions away from that narrow view of [accepting a certain amount of] fraud and gets them to start making new investments in fraud," said Shirley Inscoe, senior analyst at Aite Group.

Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.