Countering Card Fraud: Is Chip & Pin Technology Enough?

Countering Card Fraud: Is Chip & Pin Technology Enough?

EuroPay, MasterCard and Visa (EMV) is a technical standard developed to ensure more secure Point-Of-Sale (POS) transactions. EMV allows non-static information to be transferred between

Countering Card Fraud: Is Chip & Pin Technology Enough?

EuroPay, MasterCard and Visa (EMV) is a technical standard developed to ensure more secure Point-Of-Sale (POS) transactions. EMV allows non-static information to be transferred between the card, the terminal, and the financial institution that processes credit card transactions. This takes care of skimming fraud where fake devices would copy data from magnetic stripes and use it on another card. While EMV is not new technology and has been in use for over a decade, it has made its way to the US in the last 2 years.

How does EMV Technology work?

EMV uses microprocessor chips that encrypt bank information making it far more secure than the old magnetic stripe cards. Magnetic Stripe uses static data that is stored in the stripe on the card (this makes it unsafe considering it can be stolen and used). The static information means that the number transmitted by the card for all transactions is the same.

When it comes to EMV standard, although the card data will be the same for every transaction, there will also be other pieces of data that gets re-organised for every transaction. This renders the data stolen at the POS useless for further use.

The verification method for EMV cards can be chip-and-pin or chip-and-signature, with the former being the preferred choice in Europe and the latter often used in the US. This is contactless transaction which is becoming popular as NFC (Near Field Communication) technology used by mobile payments is making inroads. While technological advancements are racing ahead to reduce frauds, fraudsters are not far behind, as they continue to seek innovative methods.

Fraud, the scare still exists

While POS frauds and card counterfeiting have reduced in countries that are early EMV adopters, the cybercrime scene has now shifted to the canvas of e-commerce and online transactions. Fraudsters are also keenly watching late EMV adopters as potential targets. With data breaches and online theft increasing, security agencies have reported a doubling in crime rates of online frauds. ATM frauds are not far behind – swindling with counterfeiting cards and duping to snatch PIN numbers are on the rise.

Research analysts report that these types of frauds are more damaging to the customer by the day. The frauds go unnoticed as the unauthorised purchases and withdrawals lie hidden in the transactional details list. Not many customers go through their transaction histories regularly and closely.

The microchip comes into play when trying to prevent counterfeit fraud because it makes it harder to produce a copy of the card. And a PIN comes into play for protecting against lost-or-stolen fraud because it makes it impossible to use the card unless they also know the PIN.

EMV adoption and the changing fraud types

Using EMV technology for cards has seen a reduction in skimming-type attacks, but the crime rate has increased in other ways of stealing money. Research firm Aite Group reports that losses from counterfeit, lost, and stolen cards in Canada dropped from $245 million in 2008 to $112 million in 2013.

A research by the European ATM Security Team (EAST) found that fraud-type attacks increased 28% during the first half of 2016 with cyber criminals stealing €174 million and Aite reported that there was a 79% increase in online fraud during the EMV adoption phase in Europe.

The banking sector is now making a move to bring in EMV-chip-enabled credit and debit cards, which generate a unique transaction code with each purchase, making them harder to spoof. With these systems and cards rolling out, mining credit card numbers will not be as valuable for criminals, says Privacy Rights Clearinghouse.

Precautionary steps

While fraud severely erodes customer confidence and the bank’s bottom line, fraudsters continue to keep pace with the very technologies that are being developed to keep them at bay.

While banks conduct frequent security audits, invest in advanced security measures and work proactively in mitigating risks, there’s no silver bullet that can eliminate fraud completely.

However, it does help to have an intelligent, pro-active, well-synchronised cross-channel system in place that –

  • Understands customers’ transaction patterns at a granular level using information from across all channels
  • keeps track of customers’ credit histories
  • screens transactions in real-time to quickly spot unusual / potentially suspect activity
  • applies login authentication rules (including mobile number / email id updates)
  • activates real-time alerts and notifications while potentially suspect transactions are in progress

To effectively combat fraud, Banks must go beyond conventional anti-fraud solutions. Intelligent platforms are now available that harness data in real-time from across channels to not only deliver a unified anti-fraud mechanism but also helps create a secure ecosystem.

A ‘Yin and Yang’ Approach to Growing Topline and Bottom-line

A ‘Yin and Yang’ Approach to Growing Topline and Bottom-line

How To Monetize your Anti-Fraud Solution to Make Money for you In Chinese philosophy, yin and yang (also yin-yang or yin yang, ‘dark-bright’) explains how seemingly opposite or contrary forces

January 2017 Issue

Break-Filter-BubbleFinancial Fraud: Greatest Hits of 2016

2016 had a financial fraud being committed once every 15 seconds, compelling financial institutions to buckle up. The trend will continue through 2017 with newer, more innovative attempts. Imperative therefore to think innovatively to stay ahead of the game.Read More

Fraud-proofing Credit Cards

While credit cards have transformed purchase transactions, it has not been without growing vulnerabilities. Read how globalization is driving card fraud and how innovative real-time, cross-channel approach can combat the trend.Read More

ETDigital Finance: What’s Next?

A visual depiction of how digital finance is transforming transactions along with a snapshot of the change indicators.Read More

“Inside Job”

The next episode in the financial fraud thriller series based on Clari5 product use-case scenarios, co-produced and directed along with Banking Technology magazine. Read the previous episodes –

Ep 2: Blacklisted
Ep 1: Malafide Intentions​

Read More

A ‘Yin and Yang’ Approach to Growing Topline and Bottom-line

How To Monetize your Anti-Fraud Solution to Make Money for you

Yin and Yang blogsIn Chinese philosophy,   yin and yang (also yin-yang or yin yang, ‘dark-bright’) explains how seemingly opposite or contrary forces may actually be complementary, interconnected, and interdependent in the natural world.

This intriguing idea actually applies perfectly in the context of banking, if we were to see the yin as saving money (from losses) and the yang as making money (from sales).

The fundamental principle is that the very same investment in data analytics and real-time decisioning for detecting/preventing fraud can be monetized for earning more revenues.

Imagine an intelligent system that understands customers’ behavioral patterns to detect and prevent fraud is also creating precise personas for marketing teams to target.

This is because the same extreme real-time, context-aware logic/approach used to combat cross-channel fraud can also help enable intelligent, hyper-precise targeted and contextual customer engagements.

At the heart of the hypothesis lies the fact that banks have the ‘soul’ of the customer.

Customer flowBanking is the only industry where the entire life of the customer flows through it. A bank knows how much its customers earn, where they live, where they travel to, how much they spend, who’s part of the family, whether they own their home, even how much fuel they put in the car.

No other industry (not even telco or retail) has this very special privilege of having a 360 degree view of a customer’s life. Only banks have the advantage and ability to actually convert this ‘resident intel’ to their benefit.

A real-time, enterprise-wide, cross-channel fraud management solution requires that every banking transaction is available in memory in real-time.

But since only a relatively small percentage of transactions are fraudulent and since the data is available in the system memory, the bank can run positive scenarios in real-time after having assigned fraud risk to certain transactions during the negative-scenario test-run.

Absolute real-timeThe solution can use the same data captured per transaction and analyze the spending and behavior patterns to throw up potential cross-sell and up-sell scenarios in absolute real-time.

Precise data analytics on behavior patterns helps create intelligent and efficiently targeted customer interactions and campaigns to grow the topline.

So while the solution helps the bank’s larger enterprise fraud management initiatives with …

  • A unified case management system for fraud/AML investigation with 360-degree view of behavior across products and channels in one single place.
  • Extreme real-time, context-aware, cross-channel fraud detection and prevention.
  • Monitoring financial and non-financial transactions of customers, accounts, users and employees across branch and channel transactions in real-time to detect suspicious fraud and respond with the right decision in real-time and generate alerts for investigation.
  • Monitoring Salary Accounts’ to identify increase in Salary Credits or non-usage of Salary Accounts.

… it can also be used for –

  • Tracking customers’ POS/E-com channels transactions for generating extreme real-time, as-of-the-moment cross-sell and up-sell alerts.
  • Identifying customers who usually travel internationally and offering them custom products in real-time.
  • Creating customer delight in branch and digital transactions.

So altogether the bank benefits from a –

  • Smart, intelligent, extreme real-time solution that manages fraud detection/prevention as well as enables customer revenue maximization.
  • Non-invasive, bolt-on solution that integrates seamlessly with source systems and reduces TCO.
  • Lowered cost of compliance of fraud and AML regulatory requirements.
  • Single, unified platform that helps protects the bottom-line and grows topline.

Unified Fraud ManagementWhile there may not be many solutions that have the ability to see topline and bottom-line as 2 sides of the same coin, CustomerXPs’ Clari5 seems to one. Its unified fraud management platform leverages the same context-aware, real-time decisioning to enable real-time customer cross/upsell.

Clari5 handles exceptionally large data volumes across multiple channels and source systems in real-time, and processes transactional as well as non-transactional events in real-time and applies over 150 rules to generate alerts in real-time that can be leveraged for both fraud management as well as revenue enhancement.

Banks get to use the same real-time insights that helps combat fraud to also generate profits because the approach that uses the same fundamental logic to protect/save money (curb fraud losses) is also being used to make money (upsell / cross sell).

If banks can view their topline and bottom-line as the yin and yang of their operations, then a single solution that helps achieve both can very well be the proverbial one stone designed to kill two birds.