Academic journal article ABA Banking Journal

Will E-Commerce Reverse Card Fraud Trend?

Academic journal article ABA Banking Journal

Will E-Commerce Reverse Card Fraud Trend?

Article excerpt

Overall statistics show continued progress, but the web unquestionably is a fertile field. Merchants, for now, are the ones on the hook

Listen to card processors and you get a rosy story of how credit-card fraud is continuing its decade-long decline down to losses of less than a penny for every $10 in purchases. Listen to anecdotal horror stories, spiked with a skittish public attitude toward Internet security, plus informal surveys, and you feel like calling off the whole e-commerce revolution.

The ambiguity arises from these facts:

1. the card associations don't break out statistics on credit-card fraud when a card is not present (referred to in shorthand as "CNP"). This includes mail-order and Internet transactions.

2. A typical Internet fraud begins with an old-fashioned theft of a physical credit card or a card number, and thus isn't basically a breach of Internet security.

3. Sophisticated risk-management measures may be mainly responsible for the downward trend of losses and may be able to lower Internet fraud losses to acceptable levels.

The official statistics on card fraud are indeed impressive. Visa U.S.A. announced an "all-time low" in fraud losses for 1999: six cents for every $100 in transactions (0.06%), compared with 0.07% in 1998 and 0.18% in 1992. "It's actually never been safer to use your Visa card," beamed Carl F. Pascarella, president and CEO of Visa U.S.A. Not only are cards safer to use, but beginning this month, consumers won't be liable for any losses from fraudulent use of credit or debit cards over the Visa system. This supersedes the rarely enforced industry standard under which cardholders could be liable up to $50 if the fraud hadn't been reported within two days. Significantly, that immunity extends to GNP (including Internet) transactions.

As this article went to press, Mastercard waived a cardholder's liability for unauthorized credit card use , "if you promptly report your card missing, in most circumstances."

In its report on 1998 results, Mastercard enthused that it was continuing "a decade of success in fighting fraud." Its fraud losses in that year rose 5.2% to 0.081%, still less than half the global peak of 0.18% in 1992.

The ABA's 1998 Bank Card Industry Survey (covering 1997) reported fraud losses sustained by three classes of banks: Group I-less than $50 million in card outstandings or less than 50,000 card accounts with balances; Group II-$50-759 million and thousands of cards; and Group III-$750 million or greater in both categories.

For the smaller banks of Group I, fraud losses declined 38% from 1996-'97, to about $31,000 per bank. Losses by the average Group II bank dropped 43%, to about $600,000. For Group III, the corresponding figures were 58% and $8.5 million. Each case of fraud cost the smallest banks $1,720, compared with $895 and $1,069 for Group II and III banks. The ABA report commented that the high per-case cost for smaller banks was "presumably due to a lack of technology and processes to quickly identify suspected fraudulent account activity."

For the seventh consecutive year, loss or theft of cards was the biggest single source of fraud loss for all groups, in terms of both number of cases and dollar losses. Counterfeit cards caused the second-highest dollar losses--26% of all losses by Group I banks and 10% and 12% for Groups II and III. Much fewer incidents and lower losses were attributed to fraudulent applications, intercepting cards in the mail, mail or telephone transactions, account takeovers, and others. (ABA will release a new card report later this spring. Preliminary figures indicate a further decline in fraud losses.)

Anatomy of Internet fraud

Has the Internet made the fraud artist's life easier than it was when he operated in a "card-present" regime? Yes, is the consensus answer from insiders. Because by definition the card is never present in an Internet transaction, the criminal's Job One is to get a valid account number. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.