A common and relatively easy theft using credit card fraud is wide-ranging because credit cards have become such a common and basic payment medium both online and in brick and mortar organizations and can involve many methods to perform fraudulent transactions. Everything from obtaining goods without paying to performing unauthorized funds transfers from an account can be performed relatively easily when credit cards go stolen. The Federal Trade Commission, reports that while identity theft had been on a steady rise with a 21 percent increase peak in 2008. It’s credit card fraud, that is the number one motivation associate with identification theft.
The cost associated with card fraud is estimated to make up .07 % of your merchant’s transaction rate costs. Although this cost is only a small fraction of a transaction due to the high volume of transactions this translates to billions of dollars and in 2006, fraud in the UK alone was estimated at US$750 million.
The methods of fraud can vary from the physical theft of the card to data theft the credit card account, that can include the card account number, pin number and validation numbers and all other information that is required for a legitimate transaction. The routes to compromising the card can easily be conducted without the card holder, the merchant or the issuer’s knowledge, at least until the account is ultimately used for fraud. From a store clerk simply copying sales receipts to the card information being scanned for duplication and Internet transactions where database and network security holes have cost millions credit card accounts can be compromised at various technical levels.
Weather lost or stolen credit cards remains usable until the card holder notifies the issuer of the theft. As such it is possible for a thief to make unauthorized purchases on a card until it is canceled by the issuer.
The first and most common measure on all cards is a signature panel, but this signatures has not been effective since they are relatively easy to forge. So newer measures of security have emerged where some credit cards include the holder’s picture on the card itself. But busy self-serve payment systems are common places where stolen cards are used where there is card holder’s identity verification.
Now most cards are equipped with an EMV chip which requires a 4 digit PIN to be entered in to the merchants terminal before payment will be authorized. However, a PIN isn’t required for online transactions in many self-serve payment systems so these measures although help curve the use of stolen cards don’t necessarily prevent stolen card transactions.
All Card issuers have built sophisticated countermeasures within their credit card transaction systems that can analyze and perform credit transaction risk estimation that calculate the probability of fraud. Systems that perform analysis of the many conditions surround transactions that may cause a flag to be raised if, for example, a large transaction occurring a great distance from the cardholder’s home might seem suspicious or a series of transactions might involves high risk un-verified transactions using self-serve payment systems. The merchant may be alerted to call the card issuer or the transaction may be declined altogether forcing the card holder to communicate with the issuer for verification.