NCJ Number
186574
Date Published
January 2001
Length
10 pages
Annotation
This discussion of current and future methods for controlling credit-card fraud in the retail sector covers current fraud and control techniques, the imminent shift in card technology from magnetic stripe to smartcards, and the implications of this for future fraud control and for the likely emergence of electronic cash; the paper also outlines fraud-control techniques for electronic cash in an environment where economic factors may make it too costly to account centrally for each transaction.
Abstract
There is a global trend toward cards becoming a predominant means of retail payment, including online retail activity. The use of cards as a means of paying for goods and services offers opportunities for fraud. Such fraud may be committed by using replicated cards from skimmed data, by using stolen cards, and by using newly generated cards that have the characteristics of genuine cards; in the latter case, algorithms are available on Internet sites that describe the numbering characteristics of genuine cards. Fraudulent card use occurs across all retail channels, including face-to-face purchases, phone transactions, and the Internet. Three general fraud control measures for cards are used: tighter procedures, more secure communications for online transactions, and a move from magnetic stripe to chip-based cards. The tightening of procedures includes signature checking, remote verification of the card to check its limit or whether it is stolen, and the use of firewalls around databases that contain customer card details. Work is progressing in the area of secure communications; the goal is to get the right balance of convenience, cost, and security. The use of smartcards involves replacing or supplementing the magnetic stripe on a card with a computer chip embedded in the card. The author discusses the development of smartcards, electronic cash, fraud control and risk management for e-cash, fraud control and risk management, prevention, detection, and incident response and countermeasures.