'Card Not Present' Is Very Present In Fraud
RIVERWOODS, Ill.-"Card Not Present," or CNP fraud continues to vex credit unions, notes one observer, who called it one of the most worrisome fraud trends of the day.
Kevin O'Donnell, VP of Credit Insurance at Discover Financial Services, explained that CNP fraud-in which a credit or debit card is utilized without actually swiping the card, such as online or over the phone-poses a significant threat for all financial institutions, as fraudsters purchase items like online gift cards, computers, stereo equipment or other easily re-sellable items. While the scale of credit unions may differ from that of other institutions, "we think there are similar vulnerabilities," he said.
In addition to regularly reviewing existing fraud policies and procedures and monitoring account activity, O'Donnell recommended performing "velocity checks" on transactions. For example, he said, if a member buys gas in Chicago in the morning and then buys something online from Germany late that night, that should spark a red flag.
O'Donnell also repeated an emphasis on adhering to PCI compliance standards for merchants and card issuers (see Credit Union Journal, July 25, 2011). He noted the importance of not storing sensitive data, so that in the event that there is a breach, that data can't be compromised.
"It seems fundamental, but whenever there isn't ongoing diligence is generally when fraudsters pick up on a weakness and capitalize on it," said O'Donnell. "The speed of that today is much faster than it would have been a few years ago, so the potential loss tends to grow over time."