Consumer Reports Warns America’s Credit Cards “Surprisingly Vulnerable” to Fraud

In the Consumer Reports June 2011 issue, the article “House of Cards” gives some disquieting information about the outdated security technology employed by American credit card issuers. Three pieces of almost shocking information are:

  • Information necessary to complete a transaction stored on American-issued credit cards is virtually unprotected.
  • Technology for higher level credit card security exists and is used extensively throughout Europe and Canada
  • In general, US credit card issuers have no plans to switch to the enhanced technology in the immediate foreseeable future.

It is surprising and perhaps even shocking that our country, which is a world leader in so many areas, is classed with unindustrialized nations in Africa when it comes to levels of security associated with debit and credit cards.

By 2012, one would be hard-pressed to successfully use a credit card issued in America at a bank in Europe, and they will not be accepted in China by 2015. That is, unless the technology employed on American-issued credit cards changes.

While most of Europe and Canada have embraced EMV (Europay MasterCard® Visa®) technology with its embedded chip that both stores data and transmits data with encryption, American credit cards still feature the magnetic strip that stores all the information necessary to make a transaction without any encryption. While information on a magnetic strip is easy for a criminal to access using a skimmer, the encrypted EMV data is also protected by a unique identifier that can change with every purchase. In addition to the embedded encryption of EMV cards, another level of protection is a required PIN for both credit or debit card use.

If the magnetic strip information is not encrypted, what protection do most American-issued credit cards have?

  • Required PIN access numbers
  • Limited or Zero liability for credit card fraud
  • Rigorous monitoring activity by credit card issuers

Although many American cards require a PIN to complete transactions, the ease with which the magnetic strip information can be stolen makes them an attractive target for thieves. According to the Consumer Reports article, in 2010, 32% of American credit card users reported credit card fraud within the 5 previous years. Much of the fraud is through a process called “skimming” where skimming equipment is installed over or in a terminal such as a gas pump or an ATM. In addition to a skimmer, thieves often also install pinhole video cameras or keypad overlays to capture PIN numbers. Once the information is accessed, it can be used to create a counterfeit card or sold, usually over the internet, to other criminals.

Most American credit card issuers do protect the consumer with limited or zero liability on credit card fraud, but the process of investigation of possible fraud often takes several weeks during which the consumer is on his or her own to cover any financial obligations regardless of what has been stolen out of the account.

Although the magnetic strip is unencrypted, the American credit card issuers assure that they protect consumers by employing sophisticated systems to monitor for fraudulent activity. Chase® card states they have 1,000 personnel responsible to detect fraud. VISA touts their real time fraudulent detection system.

If the technology exists to prevent or greatly deter incidents of credit card fraud, why isn’t the American banking industry rushing to incorporate it? Essentially, the loses incurred due to credit card fraud haven’t hurt enough. According to the “House of Cards” article, merchants cover over 43% of debit card losses and over 50% of credit card losses due to fraud. In addition, merchants have to pay credit card issuers an interchange fee for every completed transaction. Sometimes these fees can be quite high, which is why some businesses don’t accept certain credit cards. Supposedly the reason for assessing the transaction fees is to help defer fraud costs.

Of course, merchants aren’t going to absorb either the fees or the losses. Those costs are passed onto the consumer. The bottom line is that credit card fraud doesn’t affect the banking industry’s bottom line enough – yet.

The cost to switch over to the EMV technology is rather staggering. Consumer Reports estimated that the banking industry expense would be approximately 2.85 billion plus an additional 310 million to install needed technology at ATM terminals. It was also estimated that nationwide merchants would spend 2.64 billion to update their payment transaction technology.

Already, large corporations in America, such as WalMart®, are installing contact and contactless readers while others, such as McDonald’s® and Sears®, are lobbying the banking industry to make the change.

Change is coming. It is inevitable. It is only a matter of time. But the American credit card industry has given no indication of how much time. Meanwhile, American-issued credit card holders would do well to know the physical location of each of their credit cards, monitor closely the charges reported on your monthly statements, be aware of anything suspicious at point of payment terminals, and have a list of your credit cards and each credit card issuer’s customer service numbers so you can easily call to report any suspicious activity on your card.

Share and Enjoy:
  • Print
  • email
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks
  • NewsVine
  • Propeller
  • Reddit
  • Technorati

Leave a Reply

 
© 2011 PlasticRewards.com. All Rights Reserved.