Credit card fraud hits new high despite chip and PIN

R.A. Hettinga rah at
Tue Mar 8 15:53:32 PST 2005


The Times of London

 March 08, 2005

 Credit card fraud hits new high despite chip and PIN
By Helen Nugent

CREDIT and debit card fraud has soared to a record #500 million despite the
introduction of new chip-and-PIN technology, it emerged today.

 Banks, credit card companies and shop owners hoped that the new technology
would reduce fraud because a four-digit personal identification number is
harder to reproduce than a signature. But far from deterring fraudsters,
the new measures have encouraged criminals to steal more cards.

 Figures from Apacs (the Association for Payment Clearing Services) show
that losses to thieves rose by 20 per cent last year, equivalent to #10 for
every adult in Britain.

 An average of 100,000 credit and debit cards were posted to consumers
every day last year. Many were intercepted by criminals, resulting in a 62
per cent rise - to #73 million - in "mail non-receipt" fraud.

 The sheer volume of cards sent out every day provided rich pickings for
fraudsters who operate by getting their hands on plastic before it is
received by the genuine customers.

 The banking industry says that it is working with Royal Mail to monitor
card losses, identify fraud hot spots and take preventive action such as
asking cardholders to collect new cards from their branch. But customers
seem reluctant to pick up new cards in person.

 Card analysts claim that fraudsters doubled their efforts last year in the
belief that chip and PIN would eventually act as an effective deterrent.

 Malcolm Bushell, managing director of Ingenico, Northern Europe, the
world's biggest developer and supplier of chip-and-PIN technology, said:
"The banks knew that 2004 would be a difficult year because fraudsters
would want to fill their boots while they still could."

 But retailers and banks seem powerless to clamp down on credit card fraud.
The theft of card details, which are then used to buy products over the
phone, via mail order or over the internet - known as "card-not-present
fraud" - continues to top the table of losses, soaring by 24 per cent to
#150 million last year.

 Consumers duped by counterfeiters who illegally clone or skim cards lost
nearly #130 million last year, a rise of 17 per cent. Fraud at cash
machines, a favourite resort of thieves, grew at an alarming rate, up by 81
per cent to nearly #75 million Chip and PIN claims to be a sophisticated
anti-fraud measure, yet there is no deadline for its implementation. Cards
without the new technology are still being issued and of 141 million credit
and debit cards in circulation, one in three are still the old
signature-only type.

 Furthermore, 15 per cent of retailers have yet to install tills that
accept PINs, even though retailers without chip and PIN in-store have been
liable for fraudulent transactions since January 1 this year.

 The British Retail Consortium said: "This time next year, we should be in
more of a position to see the impact that chip and PIN has had on card
fraud." Many shops that have up-to-date tills still do not insist that
customers use PINs to authorise transactions.

 "Fraudsters can disable the chip, for instance by smacking it with a
hammer, and pay for goods using a signature," Mr Bushell said. "There is a
case for saying that a signature should not be accepted."

 Apacs estimates that, without chip and PIN, losses would reach #800
million by the end of this year. But it accepts that the battle against
fraudsters is still to be won. Sandra Quinn, its director of corporate
communications, said: "The more of us use a PIN, the harder a criminal's
life becomes. But clearly they will keep targeting cards. Many people have
made predictions on where the fraudsters will attack next, but we have long
foreseen that we need to keep cards secure in all environments."

 Card identity fraud rose by 22 per cent during 2004, according to Apacs.
Credit reference agencies say that this alternative type of fraud is likely
to grow even more if chip and PIN does prove successful.

R. A. Hettinga <mailto: rah at>
The Internet Bearer Underwriting Corporation <>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

More information about the cypherpunks-legacy mailing list