Credit card fraud has long been one of the most controversial problems of the credit card industry. The nature of the crime is doubly troubling as credit card fraud, more often than not, involve the theft of information of a personal nature which can be hard to secure again once it has been compromised.
Some types of credit card fraud can also be difficult to detect and, since consumers only see the summary of their purchases when their bill comes, finding out that they've been a victim always comes after the fact. This makes credit card fraud much more difficult to track and the perpetrator much more difficult to apprehend.
CQR Consulting is a firm specializing in information security. Their security specialist, Steve Darrall, recently released a statement saying that the total cost of fraud in 2008 has risen by at least 51% compared to the figures from 2007. These figures were taken primarily from credit card fraud involving counterfeiting cards and card skimming.
The information security firm has also noted that CPN or card-not-present credit card fraud along with card counterfeiting and skimming is the most common type of credit card fraud that is threatening cardholders today. Card-not-present credit card fraud is when the illegal transaction occurs without the cardholder or the card itself present during the transaction is done. This is most common in credit card transactions involving telephone or mail orders. Internet or online transactions are also commonly used for card-not-present credit card fraud.
Financial institutions are not standing still and, currently there is a strong push in the financial industry to increase their information security and reduce their risks for fraudulent credit card transactions. Financial institutions are also encouraging their respective merchants offering card payment services to improve their defenses against credit card fraud. This usually involves making necessary information storage equipment more secure and minimizing as much as possible the amount of personal data about the credit cardholder that the merchant will have access to.
According to Darral, there are two initiative that the financial industry is pursuing in order to improve the security of both cardholder and card transaction information. One is the PCI-DSS or Payment Card Industry Data Security Standard. This is developed primarily by the major credit card companies and it will be applied to all organizations that process, store or transmit data pertaining to cardholder payments regardless of the size or the transaction numbers. The other is the Payment Application Data Security Standard. This will be applied to software applications which are made to store, process or transmit data pertaining to card payment.