A report carried out by Europol has found that domestic card related fraud has been gradually falling since 2008 thanks to the widespread adoption of Chip and PIN. The adoption of EMV technology is also a reason for the decline of fraud, but it still pulls in around EUR1.5bn a year for criminal gangs, says Europol.
727 million payment cards alone were issued in 2011.The figures come from a report published to coincide with the opening of a new European cybercrime centre under Europol’s jurisdiction, which will be the EU’s focal point in fighting online crime carried out by organised gangs.
Progress in the fight against fraud is being undermined by a sharp increase in the level of illegal transactions overseas as crooks target cash machines and payment terminals in EMV-less places such as the Dominican Republic, Colombia, Russia, Brazil, Mexico, and, crucially, the US.
Consequently, in 2011, almost all fraudulent face-to-face transactions with EU cards took place overseas. The problem of illegal transactions in the US has been reported to Europol by all 27 EU member states.
The ultimate answer to this problem would be the implementation of the EMV standard on a global level, including making US merchants compliant, says Europol, adding that “specific discussions on that are currently ongoing, however it is difficult to predict if, and when, the final stage of compliance might be reached”.
In the meantime, the report backs ‘geoblocking’ – deactivating the mag-stripe and making cards chip-only. Having become the first country to introduce this, Belgium has seen skimming losses fall to nearly zero, says Europol.
The organisation admits though that geoblocking has its drawbacks, with users required to get their cards activated every time they visit a non-EMV compliant country.
Meanwhile, card-not-present fraud is on an upward trend, accounting for around EUR900 million of the EUR1.5 billion. Credit card information and bank account credentials are some of the most actively traded ‘goods’ on the Internet’s underground economy and this stolen data is used to create cloned cards which are used to make online purchases with EU suppliers, says Europol.
Most of the credit card numbers misused in the EU come from data breaches in the US and while investments by EU industry in the 3D secure protocol have helped, not all transactions are protected with it on an EU or worldwide level. To help it tackle the increasingly global nature of fraud, Europol is asking for new rules to enable it to work with non-EU police forces and a special mandate to dismantle criminal rings around the world. Common European legal systems for the security of online retail payments, as well as the mandatory reporting of financial data breaches, should also be considered, it recommends.
Whitepapers
Related reading
Central banks best suited to issue digital currencies
By Aaran Fronda A recent report by the Official Monetary and Financial Institutions Forum (OMFIF) said that central banks rather than private ... read more
Instant payments: innovations inbound for corporates
In 2020, instant payments look set to continue their current trajectory to become the biggest trend in payments. While these schemes already offer numerous benefits to corporates, leveraging innovations such as APIs and request to pay will go some way to unlocking their full potential, argues Michael Knetsch
Obstacles exist for banks to meet ECB’s instant payments goal
The cost of joining instant payment platforms will be one of many hurdles banks and payment services providers must overcome to meet ... read more
Banks must be aware of “biases” in data used to train ML models
Financial institutions need to be conscious of biases in the historical data that is being used to train machine learning (ML) models, ... read more