Academic journal article Economic Review (Kansas City, MO)

The Changing Nature of U.S. Card Payment Fraud: Industry and Public Policy Options

Academic journal article Economic Review (Kansas City, MO)

The Changing Nature of U.S. Card Payment Fraud: Industry and Public Policy Options

Article excerpt

Debit and credit card payments are convenient for consumers, widely accepted by merchants, and more efficient than paper forms of payments. But as cards have become the primary payment instrument in retail transactions, awareness of identity theft and concerns over the safety of payments has increased. For example, a recent data breach at Heartland Payment Systems compromised 130 million records of payment cards--the largest in a succession of security failures that have compromised growing numbers of payment records.

Like all forms of payment, cards have security vulnerabilities. Traditional forms of card payment fraud are still an important threat, but fraud resulting from unauthorized access to payment data appears to be rising. Payment providers are exploring options to protect sensitive data, such as the recently implemented payment card industry data security standard. But the damage from card payments fraud is a rising concern, and we are only beginning to get a sense of the dimensions of the problem.

As the central bank of the United States, the Federal Reserve has responsibility to ensure that payments are safe, efficient, and accessible. Confidence in the safety of payments is particularly important. Thus far, the role of public policy has been to encourage the card payment industry to develop its own standards and procedures that limit fraud. Whether this policy stance is sufficient depends on the effectiveness of industry efforts to limit fraud in light of the dramatic shift towards card payments.

This article provides an overview of card payment fraud in the United States. The process for approving card payments depends to a large extent on information. Thus, criminals have a strong incentive to steal that information, leading to attacks on computer systems, data breaches, and ultimately payment fraud. Such criminal efforts are increasing in organization and scale. To assess the resulting damage, this article presents a preliminary estimate of the rate of card payment fraud in the United States. According to the estimate, card fraud is higher in the United States than in several other countries for which data are already available. While the U.S. payment industry is taking steps to combat payment fraud, progress has been slowed by conflicts of interest, inadequate incentives, and lack of coordination. The principal conclusion is that policymakers should monitor the card payment industry to see if it better coordinates security efforts, and if not, consider actions to help the industry overcome barriers to effective development of security.

The first section examines the information-intensive card payment approval process and the security vulnerabilities that emerge as a result of shifting to electronic forms of payments. The second section explores what we know about how criminals gather and use payments information to commit fraud. The section also addresses the monetary harm that fraud inflicts on participants in the payment system. The third section reviews several important initiatives, in the United States and elsewhere, designed to combat card payment fraud. It goes on to discuss the limited effectiveness of industry efforts to establish payment security standards on its own and the resulting policy concerns.

1. EMERGING VULNERABILITIES OF CARD PAYMENTS

The primary aim of card payment security is to ensure that only payments authorized by the account holder are allowed. Vulnerabilities exist in the card payment approval process, however, that enable criminals to make fraudulent card payments. These vulnerabilities are related to an information-intensive payment approval process. Criminals have begun concerted efforts to collect and exploit this information, especially targeting electronic records.

While traditional forms of card payment fraud (such as from lost or stolen cards) remain important, this section will focus on newer forms of payment fraud, which are often a result of breaches of personal information. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.