User login

How Future Technology Can Help Battle Fraud

This article was written by Lou Grilli and provided by FIS

Imagine a day when data breaches yield no usable card numbers.

    Lou Grilli

While many authors are making their predictions for 2017, predictions for battling payment fraud need to take a much broader view. Imagine a safer world of payments where credit and debit card fraud is mitigated through technologies. The mag stripe is gone forever, and mobile payments as well as terminal-free check-outs rely on tokens instead of an actual 16 digit Primary Account Number (PAN). And for those who still insist on holding a piece of plastic in their wallet, cards will have smart security measures – a biometric scan device on the card to prevent lost/stolen usage; geolocation capability built into the card to assist in POS authorization; and a dynamic PAN and CVV displayed on a screen on the card for use in ecommerce purchases to prevent fraudulent online use.

After the Target breach in 2014, just the first in a string of well publicized intrusions on large retailers’ payment systems, credit unions and banks had to reissue the many debit and credit cards whose numbers were compromised in the breach. The Wall Street Journal reported that the cost of reissuing just from the Target breach was estimated at $200 million.

Today, issuers monitor reports for potential fraud, and look at suspicious card activity. If a threshold is met – such as fraud collectively over $15,000 or more than 100 disputes reported in a 15-day period, then the issuer goes into action, preparing marketing material, proactively alerting cardholders, and making several costly decisions – to reissue and how many to reissue, and to block card usage at a particular merchant to prevent further fraud.

Now imagine a scenario that would cost hundreds of pennies, not hundreds of millions of dollars – the cost to push out new tokens to mobile devices and smart cards that were potentially breached. The decision tree becomes infinitely simpler – is there a chance of fraud? If yes, reissue new tokens. If no, reissue new tokens anyway. Since data breaches will yield potentially no usable card numbers, fraudsters will not spend energy breaking into payment systems, eliminating that form of fraud.

There are still many other forms of fraud, such as account takeover fraud, and stolen personal identity, which are much harder to prevent and potentially much more devastating at the individual level. But there are technologies to help prevent widespread breaches that have experienced several times these past few years that, once behind us, will allow us to focus greater efforts on other forms of fraud. 

About Lou Grilli

Lou Grilli is the director of Payments Strategy at CSCU. He is responsible for providing leadership to the organization for emerging payments and industry trends, as well as managing the product portfolio.