By now, card fraud was supposed to be a thing of the past, what with the introduction of EMV (Europay, Mastercard and Visa), tokenization, advanced fraud detection, and other technologies. But for various reasons, progress has been slow.
While these technologies are at some level in use, there are caveats. For example, EMV in the U.S. hasn’t take hold yet. Processors argue with financial institutions (who are paying thousands of dollars to prevent fraud) that it’s a better deal than paying half of that for the fraud. Merchants, on the other hand, have the same problem justifying EMV terminals when there are so few cards out there.
Tokenization has its set of problems, too. Apple Pay is considered the safest and most advanced financial payment option to date. Early adopters have had to face a fraud rate as high as 6%—a magnitude higher than RODC (regular old dumb cards). Apple was, of course, quick to identify the problem: “Issuers. I mean, our partners.”
Fraud detection is the primary defense for most institutions. Terms like “neural networks” and “card user analytics” boast a terrific detection rate and an even better ratio for torquing off a good member. My personal case in point:
Living near Seattle, we normally don’t think of Canada as being a foreign country. Different, perhaps, like when you order something that sounds exotically French called poutine only to find it’s simply gravy over french fries (KFC, take note!). But when my card wouldn’t work as we waited for the last ferry boat back to the U.S., it struck me how far away I was.
“It happens all of the time,” said the ferry clerk after taking the cash I had gotten from hastily selling my plasma at a clinic nearby.
“Really?” I asked.
“Yeah," the clerk replied. "People forget to tell their card issuer and then they’re stuck here.”
Despite daily conversations with the card issuer (truth: not my credit union, O Bee), the next week proved to be an episode in the theater of the absurd. At times the system would allow me to use an ATM; other times not.
A charge for $100? Forget about it. One for $1,000? Approved! An Internet purchase of foreign electronics? Sure, go ahead. Gas while my truck was begging for it? No way!
The credit union tried valiantly to outsmart the network, with no luck. One of the notes said, to paraphrase, “Resistance is futile. Prepare to be assimilated.” At least the credit union stood by its story: It wanted to keep my personal funds “safe.”
I’m not trying to disparage the credit union. In fact, almost all of us suffer from increasing levels of fraud—which, in the absence of other mitigation, leads us to demand more vigilant (and often over-vigilant) detection results. While the cost of fraud monitoring is visibly detailed on your processor’s monthly invoice, these additional costs aren’t:
Finding balance is a difficult task. Be too soft, and fraud charges will shoot through the roof. Be too strict, and your next crisis will be on Facebook when a member vents to both you and the world.
The best way to find a balance is to compare your fraud rate (fraud per dollars charged) to others using the same model. If your rate is higher, you may be too soft. Too low, and you could be stranding your membership high and dry—or in my case, in a foreign country.