Payment card survey - where does your country sit on the fraud list?

Filed Under: Featured, Security threats

Cards and globe, courtesy of Shutterstock. Composite. A survey looking at our experiences of payment card fraud, and our reactions to the threat of fraud, has found that 27% of respondents reported being victims of fraud on either debit, credit or prepaid cards in the last five years.

14% have suffered multiple incidents of fraud.

The survey was conducted by research firm Aite Group, commissioned by payments system provider ACI Worldwide.

6,159 people were questioned in 20 countries around the world, on a range of topics including incidents of fraud, risky behaviours which may put people at greater fraud risk, the issuing of replacement payment cards in response to data breaches, and satisfaction with banks' security processes and handling of fraud incidents.

The countries with the highest incidence of fraud were the United Arab Emirates, China, India and the USA, with over 40% of people reporting being hit at least once in the last five years.

The lowest were Sweden, the Netherlands, Germany, New Zealand and Poland, all with less than 20% of those polled reporting experiences of fraud. Sweden's figure is just 10%.

The numbers have not changed greatly since a previous version of the same survey in 2012, with the overall average static at 27%. The USA dropped from second most risky to fourth with a single percentage point decline, from 42% to 41%, thanks to rather larger increases for others.

Previously suffering from the highest rate of fraud at 44% in 2012, Mexico has fallen to fifth place and 33%, the largest change picked up by this part of the survey.

As the report points out, the high figures for the US are likely to be connected to delays adopting modern payment card technology.

In Mexico, the move to Chip and PIN technology has moved a little faster. Visa has already implemented a shift in liability, with the blame for fraud moving from banks and card issuers to merchants who fail to implement modern card readers in April 2011, and to ATM operators in October 2012.

Although some card providers have yet to follow suit, this could explain the clear drop in reported fraud incidents there.

Of course, these figures will be heavily influenced by regional and cultural differences in how cards are used - in nations which use cash more than cards, fraud is likely to be lower.

It will also be affected by variations in the ways individuals act, and the survey looks a little at this side of things with its measures of "risky behaviours".

The respondents were asked if they had indulged in any of the following potentially dangerous lapses in the last five years:

Left their smartphones unlocked when not using them

33% of Mexicans had done this, and figures were high for most Asia-Pacific nations covered, but numbers for Europe and North America were in the 10-15% range. Only 9% of those in Poland had left their phones unsecured.

A lock screen on a smart phone is a significant hurdle to thieves or fraudsters, although implementation problems remain rather common.

For those who shudder at the idea of entering a PIN (preferably a nice long and complex one) every time they use their phone, other options such as fingerprint recognition are becoming more widely available, but still provide less than perfect security.

Responded to calls or emails asking for bank details

Very few people admitted to having committed this blunder, with less than 10% in most regions. Respondents in China, Indonesia and Singapore were rather more likely to though, and in India 22% had put themselves at risk of phishing.

No bank, shop or other service provider should be calling you or emailing you asking for sensitive details such as account numbers. If you need to give someone your details, make sure you call them, having checked for the correct number on a reputable site, or fill in the info on a secure web page you're sure belongs to the person you mean it to be.

Carried out banking or shopping online without security software installed, or on a public machine

Here the US, Canada and the Netherlands showed the most caution, with 7%, 5% and 4% respectively. Worst were India, Indonesia, China and Poland, all with 24% or more being very incautious about using secure systems for sensitive transactions.

Avoid shopping or banking on public or shared machines wherever possible. Use only trusted machines, running quality security software which is properly configured and kept updated. Ensure other software, particularly browsers and core operating system components, is kept fully patched too.

Thrown sensitive documents in the trash

It seems like a lot of people do this all over the world, although again the US and Canada did well with only around 12-13%. Elsewhere, numbers tended to be in the high teens in Europe, the high 20s in South America, and pushed into the 30s in the Asia-Pacific nations.

Burn or shred any document which includes information you wouldn't want the whole world to see. In most places, the trash is ultimately fully accessible to anyone willing to rummage through it.

Wrote down their PIN and carried it on them or with their card

This is particularly risky, as losing a wallet can give unfettered access to your accounts, but again it seemed rather common. 20% of Italians and 25% of Indians admitted to doing this. Again the Dutch scored very low with just 2%, New Zealand only 4%, France 5% and the US, Canada and Australia all 6%.

Never write down a PIN. If you really can't remember four numbers, and your bank won't let you change the PIN to something you can remember, record it as a secure note using suitable software on a mobile device. Of course, then you'll need to remember the lock code for the phone and the password for the secure note app, so this option is really only for those juggling large numbers of PINs - for most of us, memorising the number is much simpler.

The good news is that we seem to be getting slowly better, with numbers on the decline for all these trends.

For all our advances in technology, payment cards are likely to be our primary means of transferring funds for some time to come. It looks like we still need to learn to be a lot more careful with them.

Image of globe and cards cards courtesy of Shutterstock.

, , , ,

You might like

2 Responses to Payment card survey - where does your country sit on the fraud list?

  1. Steve · 115 days ago

    I worked for a city where I was the Fleet Manager. I managed our fueling station where every car, truck, etc., had its own gas-card (much like a credit card) Each individual employee had a unique 5-digit pin assigned by me. It took the card and the pin to get fuel. The police were the worst offenders by writing the pin on the back of the gas card. :-)

  2. David Pottage · 114 days ago

    I would say that writing down a PIN is OK, so long as it is not obvious that it is a PIN.

    For example, if you keep an address book, and only you know that you don't really have an aunt Jane, and that the last 4 digits of her phone number are actually the PIN number of your bank card.

    On the other hand, if you write the 4 digits actually on the card with a magic marker, then you deserve to get your account emptied. You should probably just save the mugger the trouble of visiting an ATM, and keep the $2000 in your wallet instead of your bank.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

John Hawes is Chief of Operations at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience testing security products, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011.