New industry tools fight credit card fraud
Card issuers, companies take steps to safeguard consumer data
By Jodi Helmer | Published: September 19, 2014
As cyberattacks continue to compromise credit and debit card data, card issuers and retailers are looking for ways to protect consumer data. Even private companies are exploring possible fraud protection solutions.
Here are a few of the latest innovations.
What card companies are doing:
Capital One: To alert cardholders to potentially fraudulent transactions, Capital One introduced Second Look, a free program that emails alerts flagging recurring, renewing or duplicate charges.
The initiative "goes beyond traditional fraud detection," according to Amy Lenander, vice president of rewards programs at Capital One.
Lenander acknowledges that some of the charges flagged by Second Look might not be fraudulent but could alert cardholders to charges that require an action on their part, including fees levied at the end of a free trial period or subscriptions set to auto-renew.
After Capital One rolled out the pilot program in May, "Customers were three times more likely to notice and ask questions about duplicate charges," says Lenander.
Second Look is currently available to a limited number of cardholders but Capital One expects it to be rolled out to all cardholders in coming months.
MasterCard: MasterCard is launching two new programs to protect cardholders from fraud.
Identity Theft Resolution helps customers cancel stolen cards, alerts reporting agencies to card theft and searches for stolen personal data appearing online. It became available on all U.S.-issued credit, debit, prepaid and small business cards in July 2014.
MasterCard is also expanding its Zero-Liability Policy to enhance fraud protection. The current policy protects cardholders for transactions that require a customer signature; starting in October, MasterCard will also offer protection on all ATM and PIN-based transactions.
Citing data breaches at national retailers and the transition from cards with magnetic stripes to EMV technology, Beth Kitchener, vice president of U.S. communications for MasterCard, says, "It seems like a good time to offer our cardholders a little extra protection."
What third-party companies are doing:
AT&T: The wireless carrier announced plans to test a service allowing credit card companies to access network data and compare a cardholder's physical location to the location of transactions made abroad.
"The fraud API [application programming interface] sends a push notification to the bank or credit card issuer," explains Chris Aron, lead product marketing manager for AT&T. "By the time you get through immigration and use your card at Starbucks, the payment processor is expecting an international charge."
Aron believes that using wireless technology to provide an additional data point to determine whether international credit card charges are legitimate will help reduce global fraud. The program is part of the carrier's Location Information Services portfolio.
When the program rolls out this fall, wireless subscribers will need to opt in to participate.
CardKill: A new software program is designed to stop credit card fraud before it happens.
CardKill monitors cards for suspicious transactions, including small charges that are reversed within minutes, which are often a sign that thieves are testing a cloned card. If fraud is suspected, the software cancels the card and alerts the cardholder.
"It's a genuine solution to a real problem," says G. Mark Hardy, CEO of the startup. "We're not replacing what's out there, we're providing a service that's not being provided."
Hardy, a former Navy captain with a background in banking security, is raising venture capital to make the technology available to financial institutions. He expects beta programs for the fraud-detection software to launch in the fall.
As retailers put more protections in place, it makes it harder for good consumers to make legitimate transactions.
TrustInsight: 41st Parameter, a division of the credit bureau Experian, recognized that fraud detection programs can have a negative impact on cardholders.
"As retailers put more protections in place, it makes it harder for good consumers to make legitimate transactions," explains Surag Patel, vice president of global product management for 41st Parameter.
The company created TrustInsight, a program that conducts a real-time analysis of transactions to produce a "Trust Score" that determines whether a transaction is likely to be genuine and should be approved. In June, FICO announced it would integrate TrustInsight into its network.
The program aims to reduce false declines by one-third.
"There are lots of sophisticated fraud detection programs being deployed; there has to be someone protecting the consumer experience," says Patel.
What retailers are doing:
Wal-Mart: The Arkansas-based big box store made headlines when it started asking customers paying with credit cards to enter their three-digit security codes into the payment terminal.
According to spokeswoman Dianna Gee, Wal-Mart made the decision in agreement with multiple card issuers to request the three-digit code for transactions over a certain (undisclosed) threshold. Their rationale: Fraudsters using fake cards have valid account numbers but not the security codes.
The practice was implemented storewide in 2014.
"People are used to providing their three-digit code with online shopping so it's not a big shock to them," says Gee. "We've seen a reduction in fraudulent transactions."
As card issuers phase out magnetic stripes in favor of EMV-enabled "chip-and-PIN" cards, Wal-Mart will phase out the program.
Sam's Club: The warehouse club has announced that its co-branded MasterCard will feature an embedded microchip to combat fraud.
Sam's Club claims that chip-enabled cards make cardholder information more difficult to duplicate, making customer data more secure. When the EMV-enabled cards were issued in June, the warehouse club became the first major retailer to offer credit cards with microchips.
Other card issuers are expected to follow suit. Researchers at Aite Group estimate that 70 percent of credit cards and 41 percent of debit cards in the U.S. will feature the fraud-busting chips by the end of 2015.
- Abolish the password? Card issuers are working on that – Credit card issuers and banks aim to phase out passwords over the next few years with the help of biometric authentication ...
- Startups use tech to put cardholders in charge of security – With data beaches on the rise, startup companies are developing new options that help consumers minimize their exposure to a possible hack ...
- Which banks let you personalize your credit card? – If you've ever wanted to take you favorite pet with you in the in the grocery store or to a fancy restaurant, consider plastering their likeness on a credit card ...