Title: Surging Debit Card Fraud Will Take Broad Effort to Stem
Abstract: Question: What do bank customers and criminals in common? Answer. They both love debit cards. For bank customers, debit cards represent convenience, and they are using them in droves. By 2009, debit cards will generate almost 30% of bank's DDA fee income, according to McKinsey & Co. Today, they generate about 16%. For criminals, debit cards provide fast access to cold, hard cash. With fraudulent credit cards, criminals first purchase goods which they then sell for cash. Debit cards take out the middle step, allowing criminals to get cash directly out of a victim's checking account. In criminal circles both in the U.S. and abroad, debit cards are the new must have item. And criminals are inventing increasingly sophisticated ways of getting them, including hacking into merchant point of sale (POS) systems that store both PIN and magnetic stripe information from purchasers' cards. Also, knowing that banks will be monitoring transactions right after a data breach, criminals oftentimes don't use the cards until three to six months after the breach has taken place and banks let their guard down. Although much of the media focus on debit card fraud has been as a result of a data breach at a merchant, skimming--in which criminals place a device over the PIN pad at a POS terminal or ATM to capture the card number and the PIN--is also on the rise. PIN and mag stripe stored together is a goldmine for fraudsters, says Bruce Cundiff, senior analyst, Javelin Strategy and Research, San Francisco. But I did nothing wrong! For many bankers, debit cards become a source of frustration. Their customers want them, they want to issue them to their customers, and yet bankers little control over the security of the cards. In some cases, merchants are not stepping up to the plate and taking the security precautions needed to defend against hackers (e.g., not storing PINs and account numbers). But it's banks that are left holding the bag, having to reissue cards, notify customers that a breach has occurred even if the card hasn't been used fraudulently, manage customer fallout, and absorb any losses. Industry estimates of the costs to reissue a card range from $7 to $20 per card, and cards often be reissued even if there has not been any actual theft. And because criminals can use fraudulent debit cards to quickly deplete a victim's checking account, customers can rack up bounced check fees and late payment fees. Janet Lamkin, president and CEO of the California Bankers Association, says that the banks she works with been reimbursing their customers and taking the losses. She adds that most of the breaches she's aware of are caused by merchants rather than the banks. It's an imbalance, says Lamkin. merchants a big part in the transactions, yet they don't the liability. We want merchants to do more to secure the information and ultimately be held liable as well. The ABA likewise is concerned about how the costs related to fraud are shared by all parties. In an April 26, 2006 letter to executives at Visa, American Express, Discover, and MasterCard, ABA President and CEO Edward Yingling wrote: Issues of who should bear the burden of costs and losses resulting from a breach, including how to provide the correct incentives to parties to meet security standards, need to be addressed. According to Aaron McPherson, research director for the Payments Industry Practice at Financial Insights, Framingham, Mass., an even bigger cost to banks is the risk of losing customers because they don't feel safe. If customers a bad experience with your debit card, they may switch to another bank and you'll lose lending and deposit products and potential growth. With the cost of acquiring new customers, the cost of losing one is very high, says McPherson. Consumers can't defend themselves Like most banks, Seattle's Viking Bank, $410 million in assets, absorbs any losses as a result of a data breach. …
Publication Year: 2006
Publication Date: 2006-11-01
Language: en
Type: article
Access and Citation
Cited By Count: 1
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot