RIVERWOODS, Ill.-Fraud losses on U.S. credit and debit cards, after years of decline, now appear to be on the rise again. And one key culprit, according to experts, is this country's slow adoption of technology that will improve security.
Discover Financial Services disclosed in its annual report that its fraud losses in fiscal 2012 totaled $93 million-or 70% higher than they were two years earlier, even after adjusting for rising transaction volumes.
While industry-wide data is scarce, there are signs that other card issuers are seeing similar trends. Capital One Financial (COF), for example, reported a 20% increase in volume-adjusted fraud losses, between 2010 and 2011. It has yet to release fraud data for 2012.
"I am hearing this story across the board from all major issuers," Julie Conroy, a research director at Aite Group who advises financial institutions on how to combat fraud, told American Banker, an affiliate of Credit Union Journal. "And unfortunately, most issuers I speak to expect this to get worse before it gets better."
By historical standards, U.S. fraud losses remain low, industry sources emphasized. And the loss rates are still small enough that stock analysts generally shrug them off. Even so, the recent trend suggests that criminals have at least temporarily gained the upper hand in the cat-and-mouse game they play with U.S. card issuers.
Criminals Look to the U.S.
One major reason for the rising losses here, according to experts, is that it has become harder to commit fraud in countries that have switched over to EMV cards. Those new cards rely on computer-chip technology that makes counterfeiting difficult. So criminals around the world are looking more often to the United States, where magnetic stripe cards remain more vulnerable to breaches.
"We're the weakest link around the world," said Sanjay Sakhrani, a card industry analyst at Keefe, Bruyette & Woods.
Doug Clare, VP-fraud solutions at Fair Isaac Corp., agrees. "The fraud comes here. And so this is the place fraudsters focus their efforts, because it's easier," he says.
EMV stands for Europay, MasterCard and Visa, the networks that set the global standard for security chips embedded in payment cards.
The major U.S. card brands have all announced that they will require most U.S. merchants to use terminals that can handle EMV cards by October 2015. Those cards are more secure than their predecessors. But the United States lags far behind the rest of the world in making the switch.
The rising U.S. fraud losses could help galvanize industry support for making the switch to EMV cards, which also are expected to encourage the adoption of mobile payments. "Fraud wasn't the initial driver, but it certainly is part of the business case now," Conroy told American Banker.
She noted that fraudsters often hold onto stolen credit card data for some amount of time before using it to make illegal purchases, so the October 2015 switchover date also serves as a deadline for the criminals. "The bad guys are very motivated to use all this counterfeit card data that they have before it becomes much harder to use," she says.
Discover declined to comment for this story. In a document filed with the SEC, the company stated, "The risk of fraud continues to increase for the financial services industry in general."
