Daily Bulletin


The Conversation

  • Written by Cassandra Cross, Senior Lecturer in Criminology, Queensland University of Technology

Online credit card fraud is on the rise in Australia, but pointing the finger at any one group won’t help. It’s an ecosystem problem: from the popularity of online shopping, to the insecure sites that process our transactions, and the banks themselves.

A recent report from the Australian Payments Network found that:

  • the overall amount of fraud on Australian cards increased from A$461 million in 2015 to A$534 million in 2016
  • “card not present” fraud increased to A$417.6 million in 2016, up from A$363 million in 2015
  • 78% of all fraud on Australian cards in 2016 was “card not present” fraud.

“Card not present” fraud happens when valid credit card details are stolen and used to make purchases or other payments without the physical card, mainly online or by phone.

Read more: Inside the fight against malware attacks

While these numbers may seem alarming, it’s important to put them in context. Australians are increasingly carrying out transactions online; the report notes that we made 8.1 billion card transactions totalling A$715.5 billion in 2016.

The shift towards online credit card fraud also comes at the cost of other types of fraud. Cheque fraud, for example, was down to A$6.4 million in 2016, from A$8.4 million in 2015.

Still, it’s fair to ask: are the banks doing enough to keep our details secure?

The banks and security

The banks currently have a range of measures in place to protect customers from card fraud:

  • Chip and pin: Australia mandates the use of “chip and pin” technology. This replaced the need to swipe the magnetic strip on credit cards and is recognised as being more secure.

  • Two-factor authentication: Many Australian banks use text messages or tokens that generate a unique, time-limited code to help verify the legitimacy of transactions.

  • Monitoring of customer habits: Australian banks typically have a complex set of algorithms that monitor the spending habits and transactions of their customers. They frequently have the ability to identify a suspicious (often fraudulent) transaction and block it.

Overall, Australian financial institutions are investing time and technology into the prevention of fraud. However, recent allegations that the Commonwealth Bank of Australia breached anti-money laundering laws suggest that the big banks are not immune from the problem.

image The Commonwealth Bank is facing allegations it breached anti-money laundering laws. AAP Image/Dan Peled

Data breaches and malware

Credit card fraud is going where the action is.

According to the research company Neilsen, “nearly all online Australians have used the internet to do some form of purchasing activity”. This means that Australians are increasingly sharing their credit card details with companies around the world.

Large-scale data breaches are a common occurrence. Many organisations have been compromised in some way, including Australian companies like Kmart and David Jones. A variety of personal information can be exposed, and this often includes customers’ credit card details.

Batches of stolen credit card details can be sold on the dark web to other motivated offenders. In one UK example, such details were being sold for as little as £1 per card.

Offenders are also using different types of malware, or computer viruses, to obtain the personal information of unsuspecting victims. In many cases, this includes bank account and credit card details through successful phishing attempts (or spam emails).

Read more: Everyone falls for fake emails: lessons from cybersecurity summer school

The liability fight

Banks will generally refund customers for any fraudulent losses incurred on their credit cards. However, customer must take “due care with their confidential data”.

There is also an onus on the customer to check their credit card statements and notify their bank of any suspicious activity.

But this may not always be the case. In 2016, the former Metropolitan Police Commissioner in the UK made headlines for suggesting that customers should not be refunded by banks if they failed to protect themselves from fraud.

Instead, he argued that customers were being “rewarded for bad behaviour” rather than being encouraged to adopt cyber-safety practices, such as antivirus software and strong passwords.

These statements were met with anger by many advocacy groups who equated them with victim blaming. It was further exacerbated by a leaked proposal by the City of London Police to shift the responsibility of fraud losses from banks to the individual.

While this recommendation was never adopted, the tension may continue to grow when it comes to fraud liability.

Looking for answers

Pointing the finger of blame at any one party is not a constructive solution. Banks alone cannot combat online credit card fraud. Neither can their customers.

There are simple steps to reduce the likelihood of online fraud: having up-to-date antivirus software and strong passwords is an important step. There are sites such as haveibeenpwned that demonstrate how vulnerable and exposed our passwords can be.

Still, it’s difficult to protect against social engineering techniques used by offenders to manipulate victims into handing over their personal details. Not to mention, the risks posed by third-party data breaches, which are beyond the control of individuals.

The introduction of mandatory data breach reporting legislation in Australia in 2017 may have a positive impact. By requiring organisations to let their customers know when their personal information has been compromised, individuals can be proactive about cancelling cards, changing passwords and taking out credit reports to check for fraudulent activity.

Businesses also need to recognise the importance of protecting their customer information. It is critical to overcome the mentality that cybersecurity is simply a technology problem or an IT issue. It should be firmly on the corporate management agenda.

Fraud is inevitable, regardless of the technology being used. Collaborative efforts between banks, businesses, government and individual consumers must improve.

No one group alone can effectively end online credit card fraud. Nor should they be expected to.

Authors: Cassandra Cross, Senior Lecturer in Criminology, Queensland University of Technology

Read more http://theconversation.com/banks-cant-fight-online-credit-card-fraud-alone-and-neither-can-you-82088

Writers Wanted

Top Reasons Why Your Business Needs SEO

arrow_forward

Tips and tricks to choose style and makeup for different skin types

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Prime Minister Interview with Ben Fordham, 2GB

BEN FORDHAM: Scott Morrison, good morning to you.    PRIME MINISTER: Good morning, Ben. How are you?    FORDHAM: Good. How many days have you got to go?   PRIME MINISTER: I've got another we...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Business News

Top Reasons Why Your Business Needs SEO

SEO is crucial for the ranking of a website. You may think that SEO offers greater searchability while it can do more than this. The most cost-effective tool for the survival of smalls businesse...

News Co - avatar News Co

Nisbets’ Collab with The Lobby is Showing the Sexy Side of Hospitality Supply

Hospitality supply services might not immediately make you think ‘sexy’. But when a barkeep in a moodily lit bar holds up the perfectly formed juniper gin balloon or catches the light in the edg...

The Atticism - avatar The Atticism

Buy Instagram Followers And Likes Now

Do you like to buy followers on Instagram? Just give a simple Google search on the internet, and there will be an abounding of seeking outcomes full of businesses offering such services. But, th...

News Co - avatar News Co



News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion