High Tech Credit Cards and Fraud

Smartcard2 - Channel R The New York Times ran an article over the weekend about how even though “smart” credit cards are more advanced, there is almost no reason to expect them to be adopted here in the USA. That is an interesting story, which I will get to in a moment, but the article revealed an astonishing statistic that is worth the distraction.

Fraud losses for the credit card companies are currently running at just six cents per $100 charged. That is 0.06%. Put that into the context of the average fee paid by the merchant to the card company, around 1.8%. Or the 1% to 2% that we all expect to get back from our cards in the form of rewards.

0.06%, or as we finance types would call it, 6 basis points, is a very small number. In the context of a retail store it is the moral equivalent of zero. For most merchants it is an order of magnitude smaller than “shrinkage” i.e. theft of inventory.

I always assumed that the losses due to fraud were small. Visa and MasterCard have made it clear with their actions that they are not much concerned with it. Despite the buzz around ID theft, the card companies have been quietly reducing security to make card use easier and cheaper. In most places the customer now swipes it himself, meaning that the clerk no longer even sees the card. And merchants are no longer required to get signatures for smaller transactions.

The card companies also reduced the customer’s liability in cases of fraud and theft down to zero.

Obvious and relatively cheap, if not free, anti-fraud measures have not been implemented by the card companies. They could have required photos of cardholders on the cards, as a few banks once did. (Do any of them still do?) Or they could have required a PIN to use the card, which is, let’s face it, much more reliable than a signature. Or they could have simply allowed merchants to require customers to show ID.

Card companies have done none of these things and are unlikely ever to do them. Why would they? At 0.06%, the potential reward for any anti-fraud measure is tiny and unlikely to justify the cost. Indeed, I am wondering why they bother to do what little they do now. Why ever require a signature? I can charge thousands of dollars at Amazon without a signature. Why not Home Depot too? I am betting this will happen sooner or later. Probably sooner.

Europeans do not sign when they use a credit card. They punch in a PIN. Which brings me back to the topic of so-called smart cards. In Europe, credit cards have fancy looking chip in them which allows a portable device to validate a PIN on the spot, without accessing a central database.

That seems more advanced and even the Times article refers to the USA as being “far behind” Europe in this respect. But the only practical advantage of a chip is that it is harder for a criminal to forge one than it is for him to make his own magnetic strip. That is not much of a benefit, and it could not possibly justify the cost of upgrading the 13 million magnetic stripe readers in America.

Indeed, the Times leaves me wondering why smart cards were ever implemented in Europe. The story about high telecommunications costs in Europe in the 1980s, thus necessitating PIN validation on the spot, sounds plausible and clever, but it does not really work. There is plenty of space on a magnetic stripe to include an encoded PIN.

More likely, a confluence of two things inspired the adoption of what now looks like a pointless complication. First, I imagine that European card issuers saw putting chips in cards as a first step to something bigger. Once millions of chip readers were installed, future generations of even smarter cards would be able to do really great things. Those things never materialized.

The other reason is the more obvious one. Chips in cards are cool, and were particularly so in the 1980s. I think there was momentum behind smart cards in Europe because it seemed high-tech. And if it was something the Americans had not adopted yet, so much the better. As an executive with Target said when they introduced (an ill-fated) smart card in 2001, “What is most important to us is to keep our brand hip and hot and innovative.”

[Photo – Channel R]

categories Uncategorized | | datetime October 19, 2010 1:12 pm

185 Comments

  • By Neil, October 19, 2010 @ 1:49 pm

    Quick question about the source of the .06% stat: is this how much money the transaction network loses to fraud, or the amount of total credit card fraud?

    Knowing the the network has mitigated their liability substantially (passing off most fraud costs to retailers and banks, plus the unreported fraud by the many people who don’t verify their statements), the former number is basically meaningless, and it’s lowness might be more an example of the network’s monopoly power to impose bad contracts on their customers (the banks and retailers) rather than saying anything about the incidence of fraud.

    My primary appreciation of smart-cards, though, which have finally been adopted in Canada: now I can use them in automated machines in Europe. (Even after PIN adoption, manned machines still had swipe capability, but not most train and subway vending machines, parking lots, and anything else automated) Given my penchant to spend my vacations in Europe, this was a big thing for me.

  • By tm, October 19, 2010 @ 2:38 pm

    In that article we’re basically told that chip and PIN is more secure than our old fashioned magnetic stripes. By an industry spokesman. Very balanced reporting.

    It may come as a shock to all of us, especially NY Times journalists, that in the view of actual security people, these smart cards (e.g. “chip and PIN”) are not actually any more secure than ye olde magnetic stripe cards:
    http://www.schneier.com/blog/archives/2009/03/more_european_c.html
    http://www.schneier.com/blog/archives/2010/02/man-in-the-midd_1.html
    http://www.schneier.com/blog/archives/2008/03/chip_and_pin_vu.html

    So, if I were a bank, I would be in no hurry to force merchants to adopt something that provides me no benefit for a problem I could care less about. (But then again, why do banks make merchants go through PCI, which is frankly more onerous than replacing POS terminals and provides about as much benefit as smart cards?)

  • By Kosmo @ The Soap Boxers, October 19, 2010 @ 2:47 pm

    It’s in the best interests of the credit card issuers to keep that rate at .06%. Be too lax on security, and that number could multiply.

    We use our cards a lot (paying off every month and getting cash back), and have never had a fraudulent charge make it to out bill. We’ve been contacted twice by issuers about fraudulents charges. HSBC just started denying charges one day on our typical (i.e. NOT unusual activity) trip to the local mall. Not actually fraudulent activity … Chase did actually catch some attempted fraud (something on another continent – I forget the specifics, but it was about $1000)

  • By Frankie, October 19, 2010 @ 3:50 pm

    There is plenty of space on a magnetic stripe to include an encoded PIN.

    That would never work.

    With a strip, the terminal would have to read the PIN, then compare it to the PIN that was entered by the customer. It would be very easy to crack that code.

    With a chip – the terminal sends the chip the PIN and the chip confirms that the number is correct. The chip never has to transmit the valid PIN – it just confirms that the code it received is correct.

  • By Hibryd, October 19, 2010 @ 6:41 pm

    Woah woah woah, “Fraud losses for the credit card companies” and “Fraud losses for the merchants” are two entirely different things. Merchants are out the money and the merchandise, credit card companies are only out their lost transaction fees.

    Large merchants have stopped collecting signatures on small purchases just because 1) it’s time consuming, and 2) small purchases are unlikely to be disputed. I mean, if you steal someone’s credit card, are you going to waltz over to Starbucks for a latte, or are you going to buy a few thousand dollars of electronics online before the card is shut down? I believe Target is no longer collecting signatures on small-to-medium purchases made with “trusted” cards, meaning cards that have been swiped there before without incident.

  • By Hibryd, October 19, 2010 @ 6:50 pm

    By the way, I’ve both had my credit card information stolen AND been at the receiving end of a lot of obvious fraud at two companies I worked for.

    When I was at the receiving end, my employers didn’t lose too much money due to fraud just because most of the fraudulent purchases were so damn DUMB. Let see, they want 50 of our most expensive item and didn’t specify a size or color? Well, let’s ship that order out right now, then!

    By contrast, the people who stole and/or used my credit card information were much more clever. They even got it shipped to the same general area where my billing address was located. Too bad I couldn’t prosecute, the merchant couldn’t prosecute, and the credit card company didn’t care, so whoever stole my info got away with it.

    (By the way, calling up the issuing bank to let them know a customer’s card has been stolen? Total pain in the ass. 5-15 minutes waiting on hold, first with Visa/MasterCard and then with the issuing bank. They should just have a 1-800 number where merchants can report suspicious activity and then Visa or Mastercard does the actual follow-up.)

  • By Patrick, October 19, 2010 @ 10:46 pm

    No need to go to Europe: “chip” cards are quickly becoming ubiquitous in Canada.

    Oh, and the chip doesn’t just store your PIN. A very small amount of digging on Wikipedia goes a long way.

  • By Nick, October 20, 2010 @ 9:10 am

    When I was a pimply-faced teenager working a cash register I always thought that the folks coming through with their photos on their credit cards were pimpin’ it hard. I thought that was pretty high-roller stuff.

  • By Chad, October 20, 2010 @ 3:19 pm

    Just a thought, but another reason banks may be less inclined to take any action to decrease the amount of fraud could be that they are making tons of profit from credit monitoring programs that are sold based on the public fear factor regarding fraud. Decrease the fraud . . . decrease the fear . . . decrease the credit monitoring service profits. If your numbers are correct, I would say the banks are making out like bandits in the end once you offset any losses due to fraud with the profit from the monitoring programs. No wonder I get calls at least every other month from a certain bank trying to get me to buy into their monitoring program!

  • By Matt, October 21, 2010 @ 3:17 pm

    I usually agree with most of what you say, but I am having issues with this post. I bet it is mainly because of my current circumstance.

    I found out today I had my credit card information stolen. I am on vacation with my wife and I am relying on the card to get me through the vacation. Yes, I have a debit card with plenty of cash linked to it and I am able to use that, but I wanted to mainly use the credit card because I would be guaranteed against theft.

    Your low basis point is a decent measure based off of direct costs to the credit card company, but you are not discussing the cost to the consumer. My card information was stolen and the card closing has caused an impact much greater than 0.06% to me. It has seriously impacted my trip and my plans.

    Some of the measures you mentioned, such as checking for an ID, could have potentially stopped the thieves from stealing my information in the first place. The calculation does not include the direct impact I face.

  • By tm, October 22, 2010 @ 12:39 pm

    There is plenty of space on a magnetic stripe to include an encoded PIN.
    Security-wise this is basically the equivalent of hiding the front door key under the doormat. If you actually encrypt the PIN with something good, then how do you decrypt it so you can actually use the card?

    Some of the measures you mentioned, such as checking for an ID, could have potentially stopped the thieves from stealing my information in the first place.
    Those measures would not have stopped them from stealing your card information in the first place. There many ways your credit card could fall into their hands:
    * They could just steal it or copy down the info with the card in hand
    * Skimming the card (that is, using a fake card reader that’s installed on top of the real one, e.g.: http://krebsonsecurity.com/all-about-skimmers/ )
    * Hacking your browser
    * Hacking a merchant

    An ID check would make it slightly more difficult to use a forged card at a physical point of sale, but you’re asking a retail clerk to do a security job. It’s like asking the TSA to protect aviation. Also, that doesn’t stop someone at an online merchant, as long as they have the other relevant information (e.g. billing address, telephone #).

    …I wanted to mainly use the credit card because I would be guaranteed against theft.
    The “guarantee” means you’re not liable for fraudulent charges. It doesn’t mean that the process for reporting fraud is going to be good or that you won’t be inconvenienced. To put it another way, you have auto insurance to pay for losses in the event of theft, but you’re still going to be pretty damn inconvenienced if your car gets stolen.

  • By Corey, October 23, 2010 @ 12:39 am

    The New York Times ran another article today, Credit Cards Soon to Get a Makeover:
    http://www.nytimes.com/2010/10/22/your-money/credit-and-debit-cards/22cards.html

  • By coach shoe outlet, December 4, 2010 @ 3:36 am

    Sounding Out thanks is simply my little way of saying bravo for a fantastic resource. Take On my sweetest wishes for your incoming post.

  • By creditcards, November 10, 2011 @ 8:11 pm

    Hi, just wanted to mention, I liked this post. It was practical. Keep on posting!

  • By www.littlebarry.com, April 23, 2013 @ 2:27 am

    People sometimes tend to think, “if only I were a celebrity, everything would be better”.
    Women who are planning the wedding of their dreams can find plenty of fantastic information in Bride’s magazine.
    Every now and then, new stars emerge and disappear in the blink of an eye and every smallest detail about the same becomes important celebrity news.

Other Links to this Post

  1. imprinted knee pads — March 10, 2023 @ 10:58 am

  2. hour hands for clocks — March 10, 2023 @ 11:41 am

  3. fireplace repair costs — March 10, 2023 @ 3:11 pm

  4. imprinted protective eyewear — March 10, 2023 @ 5:28 pm

  5. best hands for clocks — March 10, 2023 @ 6:39 pm

  6. safety kits — March 10, 2023 @ 8:43 pm

  7. gas fireplace repair — March 10, 2023 @ 9:41 pm

  8. get more info here — March 11, 2023 @ 1:44 am

  9. bathtub restoration — March 11, 2023 @ 2:56 am

  10. tote bags — March 11, 2023 @ 3:34 am

  11. clock motor suppliers — March 11, 2023 @ 3:55 pm

  12. tub resurfacing near me — March 11, 2023 @ 5:03 pm

  13. fireplace maintenance — March 11, 2023 @ 5:26 pm

  14. tradeshow signs — March 11, 2023 @ 5:35 pm

  15. branded products — March 11, 2023 @ 8:22 pm

  16. fireplace maintenance service — March 11, 2023 @ 11:59 pm

  17. bathroom refinishing — March 12, 2023 @ 12:05 am

  18. customized lanyards — March 12, 2023 @ 3:00 am

  19. Learn More — March 12, 2023 @ 6:00 am

  20. gas fireplace maintenance near me — March 12, 2023 @ 6:30 am

  21. bathroom tub refinishing — March 12, 2023 @ 7:03 am

  22. branded face masks — March 12, 2023 @ 7:37 am

  23. gas fireplace repair services near me — March 12, 2023 @ 1:00 pm

  24. best motor for clocks — March 12, 2023 @ 1:00 pm

  25. reglazing tub and tile — March 12, 2023 @ 1:51 pm

  26. corporate gifts — March 12, 2023 @ 2:38 pm

  27. custom printed face masks — March 12, 2023 @ 4:09 pm

  28. time movement hands — March 12, 2023 @ 8:02 pm

  29. bathroom reglazing near me — March 12, 2023 @ 8:54 pm

  30. logo safety glasses — March 12, 2023 @ 10:58 pm

  31. fireplace repair companies near me — March 13, 2023 @ 2:11 am

  32. clock hands repair — March 13, 2023 @ 3:11 am

  33. bathtub refinishing — March 13, 2023 @ 4:05 am

  34. safety kits — March 13, 2023 @ 4:52 am

  35. clock accessories — March 13, 2023 @ 10:20 am

  36. bathtub refinishing companies near me — March 13, 2023 @ 11:14 am

  37. large clock hands — March 13, 2023 @ 4:09 pm

  38. business gifts — March 13, 2023 @ 5:19 pm

  39. promo products suppliers — March 13, 2023 @ 5:37 pm

  40. caveman live music americana festival — March 13, 2023 @ 6:25 pm

  41. synchronized wireless time systems — March 13, 2023 @ 6:30 pm

  42. quartz clock fit-ups — March 13, 2023 @ 11:11 pm

  43. logo printed face masks — March 13, 2023 @ 11:48 pm

  44. DIY clock replacement parts — March 14, 2023 @ 12:20 am

  45. Homepage — March 14, 2023 @ 12:44 am

  46. Building management services — March 14, 2023 @ 12:58 am

  47. storage units — March 14, 2023 @ 4:04 am

  48. click Here — March 14, 2023 @ 5:38 am

  49. embroidered hats — March 14, 2023 @ 6:23 am

  50. metal clock hands — March 14, 2023 @ 6:43 am

  51. caveman live music festival weston colorado — March 14, 2023 @ 6:54 am

  52. learn more — March 14, 2023 @ 7:06 am

  53. auto storage — March 14, 2023 @ 10:10 am

  54. promo products suppliers — March 14, 2023 @ 11:42 am

  55. clock motor suppliers — March 14, 2023 @ 12:03 pm

  56. clock Inserts videos — March 14, 2023 @ 12:55 pm

  57. weston colorado music festival — March 14, 2023 @ 1:06 pm

  58. wireless clocks transmitter — March 14, 2023 @ 1:18 pm

  59. car storage missoula — March 14, 2023 @ 4:28 pm

  60. small clock inserts — March 14, 2023 @ 6:47 pm

  61. luggage tags — March 14, 2023 @ 7:37 pm

  62. clock synchronization wirelessly — March 14, 2023 @ 7:53 pm

  63. camper storage — March 14, 2023 @ 11:27 pm

  64. custom lanyards — March 15, 2023 @ 12:29 am

  65. monument lake resort caveman music festival — March 15, 2023 @ 2:53 am

  66. time synchronazation clocks — March 15, 2023 @ 3:04 am

  67. business gifts — March 15, 2023 @ 3:06 am

  68. camper storage — March 15, 2023 @ 6:31 am

  69. metal clock hands — March 15, 2023 @ 9:38 am

  70. colorado music festival — March 15, 2023 @ 9:58 am

  71. time movement hands — March 15, 2023 @ 10:03 am

  72. Best digital clocks — March 15, 2023 @ 10:10 am

  73. imprinted promotional gifts — March 15, 2023 @ 10:28 am

  74. custom logo design — March 15, 2023 @ 1:22 pm

  75. storage units — March 15, 2023 @ 1:23 pm

  76. colorado live music festival — March 15, 2023 @ 5:08 pm

  77. replacement parts for clocks — March 15, 2023 @ 5:13 pm

  78. quartz clock fit-ups — March 15, 2023 @ 5:20 pm

  79. logo t shirts — March 15, 2023 @ 5:52 pm

  80. custom logo design — March 15, 2023 @ 7:48 pm

  81. storage rental — March 15, 2023 @ 8:18 pm

  82. weston colorado americana festival — March 16, 2023 @ 12:17 am

  83. replacement parts for clocks — March 16, 2023 @ 12:22 am

  84. FCC wireless license — March 16, 2023 @ 12:29 am

  85. clock inserts suppliers — March 16, 2023 @ 1:02 am

  86. imprinted promotional gifts — March 16, 2023 @ 1:18 am

  87. promotional products — March 16, 2023 @ 2:16 am

  88. large clock hands — March 16, 2023 @ 7:34 am

  89. synchronized wireless clocks — March 16, 2023 @ 7:39 am

  90. custom logo design — March 16, 2023 @ 8:41 am

  91. self storage near me — March 16, 2023 @ 10:03 am

  92. click Here — March 16, 2023 @ 2:44 pm

  93. outdoor clocks for schools — March 16, 2023 @ 2:50 pm

  94. luggage tags — March 16, 2023 @ 4:13 pm

  95. clock mechanisms — March 16, 2023 @ 4:14 pm

  96. clock inserts suppliers — March 16, 2023 @ 10:05 pm

  97. elapsed time clock for operating rooms — March 16, 2023 @ 10:16 pm

  98. badge reel holder — March 16, 2023 @ 11:41 pm

  99. clock building videos — March 16, 2023 @ 11:47 pm

  100. missoula car storage — March 17, 2023 @ 12:02 am

  101. learn more — March 17, 2023 @ 5:30 am

  102. plastic dial hand — March 17, 2023 @ 5:35 am

  103. caveman americana festival — March 17, 2023 @ 5:39 am

  104. logo safety glasses — March 17, 2023 @ 9:57 am

  105. labor day weekend music festival — March 17, 2023 @ 12:56 pm

  106. Clock kits and dials — March 17, 2023 @ 1:18 pm

  107. covered rv storage near me — March 17, 2023 @ 1:54 pm

  108. mechanism for clocks — March 17, 2023 @ 2:43 pm

  109. colorado music festivals — March 17, 2023 @ 8:12 pm

  110. accessories for clocks — March 17, 2023 @ 8:47 pm

  111. clock repair videos — March 17, 2023 @ 10:09 pm

  112. branded products — March 17, 2023 @ 10:40 pm

  113. americana music festival 2023 — March 18, 2023 @ 3:24 am

  114. read more — March 18, 2023 @ 3:32 am

  115. storage places near me — March 18, 2023 @ 3:43 am

  116. mechanism for clocks — March 18, 2023 @ 4:15 am

  117. metal water bottles — March 18, 2023 @ 4:54 am

  118. branded face masks — March 18, 2023 @ 4:56 am

  119. storage unit prices near me — March 18, 2023 @ 10:26 am

  120. caveman music — March 18, 2023 @ 10:30 am

  121. synchronized wireless clock systems — March 18, 2023 @ 10:37 am

  122. best motor for clocks — March 18, 2023 @ 11:25 am

  123. custom logo design — March 18, 2023 @ 12:02 pm

  124. clock accessories — March 18, 2023 @ 12:35 pm

  125. trailer storage — March 18, 2023 @ 5:02 pm

  126. caveman live music americana festival — March 18, 2023 @ 5:37 pm

  127. click here — March 18, 2023 @ 5:53 pm

  128. personal promotional products — March 18, 2023 @ 7:08 pm

  129. get more info here — March 18, 2023 @ 7:39 pm

  130. Bonuses — March 19, 2023 @ 12:44 am

  131. GPS Receiver — March 19, 2023 @ 1:14 am

  132. how to build your own clock — March 19, 2023 @ 1:39 am

  133. custom surgical masks — March 19, 2023 @ 2:13 am

  134. visit website here — March 19, 2023 @ 2:43 am

  135. u.s. music festivals — March 19, 2023 @ 8:05 am

  136. elapsed time clock for operating rooms — March 19, 2023 @ 8:33 am

  137. customized water bottles — March 19, 2023 @ 9:18 am

  138. clock movement — March 19, 2023 @ 9:46 am

  139. business gifts — March 19, 2023 @ 11:46 am

  140. storage units missoula mt — March 19, 2023 @ 1:09 pm

  141. clock motor suppliers — March 19, 2023 @ 3:51 pm

  142. logo face masks — March 19, 2023 @ 4:23 pm

  143. best clock movements — March 19, 2023 @ 4:48 pm

  144. missoula car storage — March 19, 2023 @ 8:15 pm

  145. mechanisms for clocks — March 19, 2023 @ 10:54 pm

  146. car storage near me — March 20, 2023 @ 3:27 am

  147. water bottles with logo — March 20, 2023 @ 6:38 am

  148. get more info here — March 20, 2023 @ 7:05 am

  149. mini storage — March 20, 2023 @ 10:52 am

  150. Clock kits and dials — March 20, 2023 @ 12:45 pm

  151. quartz clock fit-ups — March 20, 2023 @ 2:01 pm

  152. time synchronazation clocks — March 20, 2023 @ 2:08 pm

  153. personalised engraved pens — March 20, 2023 @ 5:36 pm

  154. missoula boat storage — March 20, 2023 @ 6:23 pm

  155. Clock kits and dials — March 20, 2023 @ 7:43 pm

  156. americana music festivals — March 20, 2023 @ 8:40 pm

  157. logo printed face masks — March 20, 2023 @ 9:03 pm

  158. PA systems — March 20, 2023 @ 9:34 pm

  159. get more info here — March 20, 2023 @ 11:33 pm

  160. mini storage — March 21, 2023 @ 1:46 am

  161. mechanism for clocks — March 21, 2023 @ 2:33 am

  162. monument lake resort music festival — March 21, 2023 @ 3:45 am

  163. hospital clock system — March 21, 2023 @ 4:49 am

  164. visit website here — March 21, 2023 @ 5:26 am

  165. pendulum movements — March 21, 2023 @ 9:25 am

  166. monument lake resort caveman music festival — March 21, 2023 @ 10:53 am

  167. logo printed face masks — March 21, 2023 @ 11:13 am

  168. branded products — March 21, 2023 @ 11:15 am

  169. clocks for hospitals — March 21, 2023 @ 11:54 am

  170. quartz clock fit-ups — March 21, 2023 @ 4:16 pm

RSS feed for comments on this post. TrackBack URI

Leave a comment

WordPress Themes