Credit Card Fraud: When zero doesn’t equal zero

What Everyone Should Know about Credit Card Fraud: Online and Offline

By Jef Henninger

Credit card fraud has worried people since the beginning of e-commerce. However, it seems that less people are worried about online fraud following the 2001 holiday shopping season which recorded some websites with large sales increases. One of those websites, Amazon.com, has finally shown a profit. These increases may be due to new policies by credit companies that eliminate the cost the consumer pays for fraudulent purchases. However, you will still be paying for credit card fraud, in one way or another.

Online

Online credit card vulnerability
is something everyone talks about. Along with this concern comes media hype. Websites that are hacked into usually makes the news. Although this might scare people into believing that shopping online is dangerous, it also keeps companies on their toes. After a well-publicized hack, many companies recheck their security to make sure it won’t happen to them. Some hacks are done by a group who just want to show vulnerabilities in website security. The credit card numbers obtained aren’t used and the credit card companies cancel the accounts and contact the cardholders. Even when credit card fraud occurs, customers aren’t affected as much as they were in the past.
‘Zero Liability’
has become a very popular term over the past two years. Many credit card companies and financial institutions offer some form of zero liability for online and offline purchases. Visa’s old policy (like many others) required that you report fraudulent activity within two business days of discovery and held you responsible for up to $50 of the charges. With the new policy, you pay nothing for unauthorized charges and the two-day notification limit is gone.

Although the customers are starting to accept the zero liability programs, the Internet will probably always be thought of as a place where credit card fraud runs rampant. This is due in part because many fraudulent transactions occur on the Internet and when the customer sees that their credit card was used on the Internet, they assume that’s where the information was acquired. Chances are, that’s not the case. The Internet is perfect for credit card thieves because of the various things you can buy that do not require a shipping address. Many websites offer software that you can download, movies you can watch, games you can play, and other services that all require a credit card number, but can be enjoyed without the hassle of shipping. In the early days of online fraud, thieves would have items sent to abandoned houses where they would wait for shipping companies like UPS to drop off the item. However, UPS and the police have been onto this scam for some time and it doesn’t happen as much as it use too. Probably the most famous victim of fraudulent transactions on the Internet was the company flooz.com. Flooz sold credits that worked like a gift certificate for many different websites. According to the New York Times, thieves from around the world purchased flooz currency with stolen credit card numbers. A large amount of fraudulent activity combined with other economic factors forced them to go out of business. But where are they getting the credit card information?

Offline

Offline credit card vulnerability
is a big secret that no one likes to talk about. Your credit card information is much more likely to get stolen offline then it is online. When you are at a restaurant you give your credit card to the waitress who walks off for about five minutes. At this point she can either write down all of your information or swipe it in a computer such as a palm pilot with a card swipe attached to it. In retail stores there are return slips, layaway cards, register journal tape, and receipts that have your name, credit card information and sometimes more information such as a drivers license number. All of this is available to just about anyone who works in the store since they are often stored in open boxes in various storage rooms. After a while, they are thrown out without being shredded which gives anyone willing to pick through the garbage, a wealth of credit card numbers that are often still valid. Employees can be tempted to steal your credit card number and use it in the same store they work at because they have the ability to manually type in the credit card number at just about every register. Offline credit card fraud is becoming a very large problem that is committed by both customers and employees.
Impact

With zero liability policies protecting customers online and offline, does it really matter that your credit card can be stolen? Some people may say no. These zero liability polices can lead people to be less secure with their credit card use, which in turn may lead to more credit card fraud. Although the $50 fee is gone, you are still paying. If the credit company ate the loss, it may not affect you. However, the company that sold the items to the thief is the one who usually eats the loss as a result of charge backs from the fraudulent transactions. The result is the same as if they just gave the products away for free. This creates shrink for the company, which results in job loss and higher prices. In the end, it all comes back to affecting the customer.

Prosecutors and Police

I can tell you from personal experience that many credit card fraud cases can be very hard to prosecute. There are many issues that make this crime difficult to prove. Police may be reluctant to press charges when asked by the retailer since it wasn’t there credit card that got stolen. The charge back will take time to arrive at the store, and is not guaranteed to even happen so it may take time for them to become the victim. Some credit card companies aren’t willing to cooperate when it comes to handing over customer information. A person can steal credit card numbers from five people, but since only one person could be contacted, they will only be charged with the crime against that person. Even if all of the victims are contacted, there isn’t much incentive for them to go through with the prosecution. With zero liability, the most harm suffered is a few minutes on the phone and the time it takes to fill out a few papers. Many people aren’t willing to take time off from work to talk to detectives and appear in court. In the end, the thief may either go free or be subject to a lesser charge. The rewards of credit card fraud combined with the slim chances of actually being caught and the possibility of lesser penalties make this a very attractive crime, which some people take up as a full time job.

Protect Yourself

Credit card fraud will likely continue to grow in the future as identity theft and other related crimes increase. However, there are several things you can do to protect yourself. When shopping online, only use your card on secure webpages. To spot a secure webpage, make sure the lock icon in your browser is locked. Secure webpages may also begin with ‘https’ instead of ‘http’. Also, stick to well-known companies that have a U.S. phone number and address. Don’t be fooled by emails that claim there was a billing error and that you are required to go to a website and enter your billing information to prevent your account from being closed. This is very popular on America Online. Fake websites are setup that appear to be actual AOL websites asking you to type in your information because of a computer error that wiped it from the system. When in doubt, call up the company that is asking you for the information. When shopping offline, watch for double swipes or swipes in handheld computer devices. Credit card companies also have a list of other tips to protect your credit card information on their websites.

HOME

last update 1 March 2002

contact: webmaster