Growing Card Fraud?Visa Says Card Fraud Remains Stable, But ACI Survey Suggests the Opposite
I ran into a similar situation this week related to the topic of card fraud.
ACI Worldwide recently released results from its 2010 Global Card Fraud Survey. The online consumer survey, conducted in December, included 4,200 collective responses from 14 countries: Australia, Brazil, Canada, China, Dubai, France, Germany, India, Italy, Netherlands, Singapore, Sweden, the United Kingdom and the United States.
Even if fraud is relatively low and stable, the fact that Visa is promoting a program that encourages dynamic authentication shows the Visa network, too, clearly supports movement toward more advanced card technologies that offer enhanced security benefits.
According to the findings, 29 percent of consumers across eight major economies have been victims of card fraud in the past five years. The results reflected an 11 percent increase since ACI last conducted the survey in summer 2099. Luckily, the survey found that consumers appear to be more educated about card fraud - 79 percent who had been victims of fraud said they were satisfied with the way their financial institutions handled the incidents. That percentage was up from 2009, when only 75 percent said they were satisfied.
According to the survey, U.S. consumers reported the highest instances of card fraud; 32 percent said they had been victims of fraud in the past five years. In 2009, only 27 percent said they had been affected by card fraud. And other countries, like China, got hit even harder; 43 percent of respondents there said they had fallen victim in the last five years.
Since the survey results were evenly distributed, with 300 results taken from each market, the findings were balanced, not skewed by varying population density or cardholder acceptance.
On the heels of the release of ACI's findings, Visa Inc. announced the launch of its new Visa Technology Innovation Program - a compliance program designed to help international merchants cut some of their PCI expenses. In countries where the majority of a merchant's transactions are EMV chip transactions, the merchant may be able eligible to bypass annual validations required for compliance with the Payment Card Industry Data Security Standard. That's because EMV, a dynamic authentication process, removes card data from the transaction. When card data is removed, why do you need PCI?
My question to Visa, however, was this: That's great for EMV countries, but how is the U.S., the world's largest payment-card market, going to address its growing card-fraud problem?
Visa clearly states in a release it issued about the new Tech Innovation Program that it sees EMV chip technology as being far superior to the mag-stripe. "Visa has repeatedly underscored the need for authentication solutions to move to dynamic data technologies such as EMV chip," the release notes. "Although Visa's global fraud rate remains at an all-time low of less than 6 pennies out of every $100 transacted, we believe the future of security lies in dynamic data. Our experience suggests that as markets move to chip, they become less vulnerable to counterfeit fraud and, ultimately, to mass data compromise attacks."
Eduardo Perez, head of Visa's global payment system security, says contactless and mobile payments, as well as tokenization and end-to-end encryption will be the focus in the U.S. And he says fraud rates in the U.S., as far as Visa transactions are concerned, remain relatively low and stable. "The U.S. does not actually have escalating incidents card fraud," he says.
So what do we believe? According to ACI's study, card fraud in the U.S. is clearly growing. Granted, the ACI study includes information about cardholders that fall outside the purview of Visa. But Visa, being the largest global card brand, should have a relatively close handle on fraud.
I'm not going to worry too much about the discrepancy. I interview enough sources in the payments space to accept that card fraud is a growing problem. Even if fraud is relatively low and stable, the fact that Visa is promoting a program that encourages dynamic authentication shows the Visa network, too, clearly supports movement toward more advanced card technologies that offer enhanced security benefits. And I expect consumers, who are more educated about card fraud than they were even 18 months ago, as the ACI survey reveals, will soon expect movements to more advanced card technologies as well.
According to ACI's findings, the main indicator for customer satisfaction globally relates to the speed with which stolen funds related to card fraud are refunded. And in the U.S., 40 percent of consumers indicated satisfaction hinges more on the bank's ability to identify the fraud first - before the consumer finds it - than on actually getting the money back.
I wonder how long that percentage will hold. As more countries move to dynamic solutions, like EMV, and the U.S. remains stagnant, I bet we can expect to see a drop in that percentage the next time ACI conducts its card fraud survey. I could be wrong, though. Maybe tokenization and end-to-end encryption will satisfy them, but I doubt it.