Debit and credit card fraud: What to look out for and how to prevent it
The evolution of technology has enabled countless perks for daily life practices, including the handiness of paying with debit or credit cards as opposed to carrying cash
Although many people prefer having cards due to it’s convenience, paying with these has proven to be risky.
A study by the Nilson Report revealed that card fraud rates have been incrementally rising throughout the last few years, with a staggering U.S. $31.67 billion worldwide fraud loss projected by the year 2020. While the U.S. and European countries usually top the list each year, the latest ACI Worldwide Global Consumer Fraud Survey reveals Mexico and Brazil lead the way as the top two countries with most credit card fraud reported in 2016 with 56% and 49%, respectively. Moreover, countries in the Caribbean have seen this type of fraud flare up as of recently due to the high influx of tourists, to the extent that the United States Department of State Bureau of Diplomatic Security listed credit card fraud and cybersecurity breaches as an issue to take into consideration when travelling to Jamaica.
It’s important to note that although both credit and debit cards are similar in appearance and usage, they differ greatly in a crucial way: debit cards are tied directly to bank accounts, meaning that if fraud does occur, this money will be gone immediately and customers will have to wait for the bank to issue their money back. Contrary to popular belief, the weak link in people’s wallets is actually debit cards and not credit cards.
Common Methods and Places of Fraud
Hackers use a variety of techniques to commit fraud while the victims remain oblivious. Credit cards are generally associated to system hacks like stolen database information from merchants, while debit cards are usually linked to point of sale (POS) attacks, with groceries, restaurants and ATMs being the most commonly related to physical paying endpoints.
Skimming, however, is one of the most widely used techniques that threaten debit cards’ security as it’s a discreet method. The most common skim happens at stores where clerks or waiters run a card through a card reader device that copies the information from the magnetic strip. Once the thief has the credit or debit card data, he/she downloads it to a PC and burns the data to a gift card or a blank “white card.”Thieves also use a skimming technique known as EFTPOS skimming (electronic funds transfer at points of sale), where POS are replaced with a skimming device to copy the data in the cards.
The following are the top five places where credit/debit card fraud commonly occur:
1.Gas Stations: Skimmers often pose as fuel pump technicians and use a set of master keys to access terminals and the wires that connect the key pad and card reader with a device that reads unencrypted card data.
2.World Wide Web: Online shopping in fraudulent sites can lead to security breaches.
3.Outdoor ATMs: Criminals place a card reader device in an ATM and hide it so it looks as if it is part of the machine. The device obtains data remotely through Bluetooth while hidden cameras are placed in inconspicuous areas to extract the victim’s pin number.
4.Restaurants: Maintaining visibility of waiters when paying for meals is essential as customers seldom see when their credit/debit cards are being swiped and charged.
5.Public Computers and Wi-Fi Hotspots: The use of public computers and networks can risk unwanted collection of sensitive data as most of these are unsecured.
Why has it flared up?
People tend to use debit cards freely, without realizing the vulnerability of the information every time they swipe it somewhere. People who excessively use their debit cards anywhere to earn usage points redeemable for rewards may, in fact, be compromising their checking account information at any given swipe.
Tourism is another great opportunity for criminals, as tons of foreign tourists come in to the Caribbean islands and other vacation hotspots willing to spend money throughout their short time visiting, often losing focus on the transaction being made.
Advancements to Further Secure Sensitive Data
Most banks and financial institutions have enabled zero-liability protection against customers who experience fraud and have adapted to the changing threat landscape of card fraud. For instance, retailers and POS need to have (Payment Card Industry) PCI compliance in order to accept credit card payments, which include security controls for ensuring that customers’ card data is kept secure throughout the transaction process and also protect cardholder data during online or telephone payments.
Another notable advancement in credit/debit card security is the EMV (Europay, Mastercard and Visa) standard that equips cards with computer chips and the technology to authenticate chip-card transactions. Unlike magnetic strip cards, which contain unchanging data, the cards with these chips create a unique transaction code that cannot be used again.
With the large number of businesses in the retailer sector, especially in tourist-frequented areas, retailers must remain competitive and up-to-date on the latest security measures. Offering the most secure transactions and ensuring all of the following measures are implemented will make merchants and businesses more attractive to customers as they will feel safer when making transactions:
1.Provide safe hi-speed Internet access across the store’s physical space.
2.Adhere to PCI security standards.
3.Properly store customer’s necessary information.
4.Use protected equipment throughout the store, including employees’ mobile devices.
Steps to Take in Case of Security Breach and How to Prevent Them
If a person has been the victim of card fraud, the first thing to do is to monitor accounts and watch out for any unauthorized charges. Reporting suspicious activity to the bank as soon as possible can prevent any further damage to the victim’s finances.
Consumer education remains a key part of the strategy to protect cardholder account information. Understanding the difference between credit and debit cards can prevent users from using them blindly, while knowing the potential risks and common fraud techniques can make people alert of their actions and hopefully prevent fraud from happening.
This article is written by Julio Uricari who is a Systems Engineer for Fortinet, an American Multinational Corporation headquartered in Sunnyvale California which markets cybersecurity software, appliances and services.