Replicas of the latest systems designed to protect your credit cards online are being used by fraudsters to mimic the credit card issuers own security systems and to steal card holders personal information.
The best credit card security verification systems of ‘MasterCard SecureCode’ and ‘Verified by Visa’ manage the enhanced ‘2nd layer’ security of some 70 million credit card holders, according to statistics from the UK Card Association.
Unfortunately the fraudsters are setting up websites that look similar to the extra security procedures being offered by the banks, and are luring unwary credit card holders into divulging their personal details.
If you shop online regularly you will have seen that banks and credit card companies are continually recommending customers to follow through on the extra security steps that ‘MasterCard SecureCode’ and ‘Verified by Visa’ offer.
But internet security experts at Cambridge University say these systems encourage people to enter confidential information into pages that they cannot be sure are real.
Although the information and the way it’s visually presented on these security pages could be replicated by an amateur web programmer in a few minutes, banks and retailers are increasingly requesting their customers to sign up for one or other of the schemes. There’s little difference between the Visa and MasterCard versions, or to compare credit cards security systems over; they both work on the same software and principals.
Steven Murdoch of Cambridge University said
“Criminals are impersonating ‘Verified by Visa’ and ‘Mastercard SecureCode’ websites and collecting confidential customer data, for example their password, their ATM PIN or their card number.”
Mr Murdoch says after the launch of this extra layer of security, the number of fraudulent security sites has increased dramatically. Although the foundations of credit card law in the UK mean that the customer doesn’t pay for any fraudulent transactions, consumers need to be constantly aware of their card issuers ‘Terms and Conditions’ if they want to rely on this protection. Mr Murdoch says if customers are victims of fraud, they could end up being liable for it.
He went on to say
“One concern we have is this might follow the same situation as Chip and PIN. The technology first gets introduced, the Terms and Conditions get changed and customers are held liable for fraud even though there’s no way for them to effectively prevent it.”
Mark Bowerman from the the UK Cards Association which aims to represent the stakeholders in the credit card industry said
“We’ve never claimed that those systems are 100% secure. However, if someone is a victim of fraud having signed up to those systems, then unless their bank has hard and fast evidence that they’ve acted negligently, then their bank or credit card issuer should be making an immediate refund to them.”
The credit card industry would say that incidences of this kind of fraud are rare and that overall, these systems contribute to the gradual decrease in credit card fraud. Fraud on debit and credit cards fell by more than a quarter in 2009 to £440.3m. However, fraud from online banking rose by 14% in the same period to £59.7m.
Ultimately one of the best ways of protecting yourself against this kind of credit card fraud is to be sure that the online retailer you’re buying from is reputable.