New Card Fraud Weapons Emerge

Combatting credit card fraud is something like slaying the mythical Hydra-cut off one of its heads, and more grow in its place. But banks that dare to rest from the fight for even a minute risk huge losses. Credit grantors lose about 1. 5 billion each year to credit card fraud, according to some estimates. And the problem is growing. Members of Visa U. S. A. lost 125 million in 1992, representing. 027% of the worldwide card transaction volume. MasterCard reports total fraud involving its cards at 460 million in 1992, a 23% increase over 1991. If there's a positive side to the problem, it's that the growth rate, is slowing, according to MasterCaro's calculations. Fraud due to lost credit cards rose 29% in 1992, compared to 60% in 1991 and 49% in 1990. The growth in counterfeit cards was up 33% last year, compared to a growth rate of 75% in 1991 and 167% in 1990. Finally, fraud from cards that were issued by a bank but were never received by the cardholders was up 38% in 1992 compared to a growth rate of 49% in 1991 and 138% in 1990. Additionally, concerted efforts are under way by banks, the card associations, credit bureaus, independent organizations, and technology vendors to further reduce the problem of credit card fraud. Citibank, New York, for example, last year began a campaign to issue bank cards with photographs of the cardholder imprinted on the back of the card. In June, Citicorp chairman John Reed announced at a computer conference in Boston his organization's plan to develop a computer system for use at merchant locations. The system will display an image of the owner of the card, which the merchant's sales clerk would have to verify as being the same person as the purchaser. Reed forecasted availability of the system within a decade. Verify ownership Visa and MasterCard have launched programs geared to verifying card ownership at the point the cards are used. While such programs won't eliminate fraud, they do make it harder to replicate information stored on cards' magnetic stripes. In April, Visa launched its Card Verification Value (CVV) program, which the association claimed prevented 3. 4 million in fraudulent transactions in April and May alone. Visa card issuers encode the CW--an encrypted numeric value--in the card's magnetic stripe. When the cardholder makes a purchase, the pointof-sale (POS) terminal reads the CVV code and transmits it to the issuing bank, where the code is verified. is a short-term solution, notes Rosalind Fisher, a Visa executive vice-president, because it prevents the traditional kinds of counterfeiting methods we're seeing today. These include creating a counterfeit magnetic stripe using information obrained from a discarded sales slip or from observing a cardholder using an ATM to obtain a cash advance. MasterCard's Enhanced Card Security package consists of the following elements: First, the account number is indent printed on a tamper-evident signature panel on the back of the card. Second, the card carries two Card Validation Codes (CVCs) --one on the magnetic stripe and one on the signature panel following the account number. Finally, the card has an embossed security character alerting sales clerks to check for the security features. MasterCard also is investing in fraud prevention programs. The Mastercard Member Protection Program is one example. This is a set of riskmanagement tools designed to help members reduce annual fraud losses. The tools help members compare their risk-management performance to their peers, help issuers identify cardholder fraud, and monitor merchants that exceed established authorization thresholds. Neither MasterCard's nor Visa's security packages address skimming, where the entire contents of the magnetic stripe, including the encrypted code, are copied onto another plastic card. To protect against skimming-- used by ATM fraud perpetrators in Connecticut last spring--it's necessary to ensure that the physical piece of stripe on the card is the one that was on the card when it was first issued. …