September 30, 2014 - Original Blog by Carol Alexander, Sr. Director, Product Marketing, Authentication & Payment Security aleca01
Fraudsters have stolen the long-held belief by many consumers that their credit and debit card data is safe. But all is not lost and here's why.
Forrest Parry’s invention of the magnetic stripe used in credit cards has led many consumers for decades to believe that their data was safe.
But the fraudsters have proven how naïve that notion is.
Published security breaches such as Target, Neiman Marcus and Home Depot have made us acutely aware of how vulnerable our information is.
How the industry is responding
Breaches of all kinds – insider, outsider, online and point of sale – have made us take action and implement security technologies that will help mitigate this in the future. Privileged user identity software, encryption and other technologies help us lock down the data where it resides by granting access to only authorized users, with an audit trail of who did what and when.
When it comes to payment security and fraud today, you have two main attack vectors to protect – Point of Sale (POS) and eCommerce transactions – with new systems such as Apple Pay coming online each day.
And a lot more of us are shopping online these days too. Since the dot.com boom, eCommerce sales have skyrocketed to an astounding $1.25 trillion in 2013, according to eMarketer forecast for B2C eCommerce Sales, 2012-2017.
The impact of ‘chip and pin’
In Europe and Asia, chip and pin cards have been used for some time. They have shown to be effective against card cloning because the chip is encrypted and the POS terminals interact with the chip on the card instead of reading the mag stripe. So even if the bad buys get the information from a breach, the card can’t be cloned.
And, given the aforementioned highly publicized breaches, the US merchants and card issuers, who were holdouts for using “chip and pin” debit and credit cards, are now migrating to this technology. Mandates are in place to migrate to chip and pin cards and new point-of-sale terminals by October of 2015.
Fighting eCommerce fraud
With eMarketer forecast estimating B2C eCommerce sales to grow to $2.35 trillion by 2017, fraudsters will be targeting this lucrative channel. In countries where chip and pin are already implemented, history has shown that once you lock down card present fraud, the fraud migrates to card-not-present (CNP) or eCommerce transactions, so this is not theoretical.
The best strategy is to plan for CNP fraud in advance. This is where CA Risk Analytics and its new advanced behavioral models for 3-D Secure authentication will help.
This will enable zero-touch authentication, making the checkout experience easy for consumers and helping banks drive more accurate fraud detection.
In turn, this will provide a great solution for reducing fraud losses, improving customer experience, and increasing revenue for both the merchants and card issuers – definitely a win-win situation for the industry and the consumers.
So, all is not lost, is it?
Original Blog URL: https://blogs.ca.com/2014/09/30/loss-credit-debit-card-innocence/