Kathryn Kandra
How many credit cards do you own right now? One? Three? Twelve? Credit cards are indisputably a major payment tool, both in the US and worldwide. In the US, around 82% of adults owned a credit card in 2022, according to the Federal Reserve. Additionally, credit cards were used for around 31% of transactions, making them America’s most-used payment tool. Globally, card transactions surpassed $35 trillion in volume in 2022.
A 2024 Forbes survey asked cardholders the top reasons they chose to pay by credit card. 33% of respondents replied that they chose to use a credit card because “a credit card is safer to carry around than cash.” This begs the question: are credit cards really as safe as they seem? What safeguards are in place to protect consumers from fraudulent activities?
Let’s take a look at the current state of credit card fraud protection and find out why updated strategies are necessary today.
What is Credit Card Fraud?
Credit card fraud – defined as the unauthorized use of one’s credit card information for accessing money or purchasing goods and services – is a serious crime and a form of identity theft. In 2024, payment card fraud is estimated to cause $13.75 billion in losses for consumers, merchants, and credit card issuers.
Furthermore, a whopping 73% of US card payment fraud is card-not-present (CNP) fraud. Card-not-present (CNP) credit card fraud occurs when stolen credit card information is used to make a transaction from a distance. CNP credit card fraud includes fraudulent online, telephone, and mail-order transactions, while card-present (CP) credit card fraud occurs when a stolen or fraudulent credit card is physically presented to a merchant.
Types of Credit Card Fraud
In order to commit credit card fraud, scammers typically need your name, card number, card expiration date, and -- most importantly -- your card’s security code (CVV/CVC). Scammers can access this information in a myriad of ways. Here are a few of the most common fraud schemes to be on the lookout for:
In-Person Theft. A thief can physically steal your wallet or credit card or simply steal your card’s information by copying it down. A stolen credit card or stolen credit card information can be used right away for credit card fraud.
Phishing. Phishing is a type of scam wherein a scammer sends you emails, text messages, or direct messages pretending to be a legitimate company, bank, or some other reputable institution. These messages ask for personal data or contain links that, when clicked, send your sensitive information directly to the scammer or install data-collecting programs on your computer.
Credit Card Skimming. Credit card skimmers and shimmers are small electronic devices that attach to card readers. They read and store the information of the credit cards that the card readers service. This allows scammers to steal the stored credit card information for fraud.
Hacking. With stolen card details fetching as much as $15 or more, payment card information holds significant value on the dark web. This is why fraudsters often hack retailers, credit card companies, and other businesses to expose the credit card information of their clients. Hackers can sometimes steal your credit card information from trusted websites’ forms in a specialized type of cyber-attack called “formjacking.”
WiFi Scams. Public WiFi hotspots can allow fraudsters to intercept connections and collect your private data. These are sometimes known as a “man-in-the-middle” attacks.
Scam phone calls and websites. Often, scammers create fake websites or make fraudulent phone calls that are designed to trick you into giving out your credit card information. These scammers mostly pose as trusted figures, such as online marketplaces, banks, law enforcement, charities, or the government.
Friendly fraud. Friendly fraud happens when friends or family members use your credit card without permission.
RFID collection. Radio-frequency identification (RFID) is becoming more common in modern credit cards that feature contactless payment. With the help of a compatible device, thieves can use RFID to steal your credit card information from a short distance.
What You Can Do to Protect Yourself from Credit Card Fraud
There are many actions that you can take to protect yourself from credit card fraud.
Before credit card fraud happens
You can take the following preventative actions to minimize your risk of credit card fraud.
Never share your card number and PIN
Make the switch to an EMV “chip” credit card. Credit cards with chips and PINs are more secure than cards without
Cover the keypad and screen when entering your credit card’s PIN in public
Review your credit card statements often and carefully
Don’t give out any personal information over the phone or online, unless you are sure that you know who you are sending it to
If you must give your credit card information over the phone, make sure you aren’t overheard and ask the seller to repeat your order details back to you before confirming your purchase
Use a VPN and avoid sensitive websites like your online banking account when you must connect to public WiFi
Never click on links from unexpected emails or unknown email addresses
Never download anything from an unknown source
Check if credit card terminals have been outfitted with skimmers or shimmers by trying to dislodge the plastic casing; skimmers and shimmers usually come off easily
Use unique and strong passwords for all your accounts, both online and offline
Destroy any documents that disclose your credit card’s information before disposal
Don’t keep your credit card information “on file” on websites
Consider purchasing private insurance to protect your assets if your credit card does get defrauded
Monitoring for credit card fraud
Always be on the lookout for potential fraudulent activity. If you notice:
Unexpected credit card or bank statement activity
New credit cards under your name or credit inquiries that you did not initiate
Fraud alerts from your bank, credit card company, or credit monitoring service
Communications regarding credit card transactions that you don’t remember making
Packages you didn’t order being delivered to your home
Lower-than-expected balances in your available accounts
…your credit card information may have been stolen!
After credit card fraud has already happened
If you notice any of the warning signs described above, you should take immediate action.
Freeze your credit card and bank accounts
Notify your bank and/or credit card company
Request a replacement credit card
Review all of your financial statements to identify the loss
Reset your account passwords and two-factor authentication
File a report with the Federal Trade Commission or corresponding government agency
Report the credit card fraud theft to law enforcement
In the US, the Fair Credit Billing Act (FCBA) limits cardholders’ maximum liability to $50 in cases of credit card fraud. However, while you may not be liable for the money lost due to credit card fraud, your credit score may suffer. Additionally, credit card fraud can lead to other forms of fraud or identity theft.
Why These Measures Don’t Always Work
While consumers can take action to protect themselves from credit card fraud, it often isn’t enough. The individual actions that you can take to minimize your risk of credit card fraud can be time-consuming and confusing. The average cardholder may not have the time or resources necessary to fully protect themselves. Additionally, over-burdened systems like government and law enforcement may not always work efficiently or to your favor when and if your card gets compromised. Quite simply, it’s just too easy for fraud to occur if each and every consumer has to remember a complex set of precautions just to use their credit card.
Of course, there are fraud protections enacted by card issuers and banks that can help mitigate the problem for individuals. Let’s take a look at the technological safeguards against fraud that exist today for most consumers.
Existing Credit Card Fraud Protection
What kinds of tools can we rely on protect us from credit card fraud? Because credit card fraud is such a prevalent issue, many solutions exist. Some of the most well-known are:
Card Security Code. The card security code (known as “CVV2”, “CVC”, “CVC2”, and “CID”, among other names) is a 3 or 4-digit code that’s printed on credit cards. Created in the 1990s as a response to burgeoning online credit card fraud, the card security code is generated by credit card issuers with the help of a specialized algorithm. According to PCI-DSS rules and requirements, your credit card’s security code can never be stored in any terminal, software, or system; it is meant to verify that you have the card in your physical possession. That’s why most online stores require you enter your card’s security codes to verify purchases.
The EMV chip. EMV stands for Europay, Visa and Mastercard: the three companies that led the development of EMV technology in the 1990s. The EMV chip is an electronic credit card chip that is embedded into cards to protect them against fraud. These chips encrypt the card’s payment information in a way that is impossible to replicate or fake, and then communicate the encrypted information to card readers to make a transaction. EMV chips have been extremely successful in mitigating card-present credit card fraud. In 2021, 66% of payment cards issued were EMV cards, and more than 86% of worldwide card-present transactions were made possible by EMV.
Fraud Monitoring/Detection. Banks and credit card companies use machine learning and specialized fraud teams to detect and prevent fraud. These systems try to guess when fraud will occur by analyzing activity patterns and “scoring” the risk factor of each transaction.
Data Privacy Regulations. Lawmakers have recently taken action to prevent credit card fraud through establishing data privacy rules. In the US, these acts include: the Electronic Signatures in Global and National Commerce Act (ESIGN), the establishment of the Consumer Financial Protection Bureau (CFPB), and the Privacy Act. Similar measures in Europe include the establishment of eIDAS (Electronic Identification, Authentication and Trust Services). The Financial Action Task Force (FATF) is an international organization that supervises similar regulations at a global scale.
The Limitations of Existing Credit Card Fraud Protection
While the innovations described above are helpful in mitigating credit card fraud, the unfortunate truth is that no single solution has been successful in stopping credit card fraud for good. Perhaps the most compelling proof of existing solutions’ failure to curtail credit card fraud is the simple fact that fraud rates are currently soaring with no end in sight: The Federal Bureau of Investigation’s Internet Crime Complaint Center’s 2023 Internet Crime Report reported “a nearly 10% increase in complaints received” by the Internet Crime Complaint Center, which represented “a 22% increase in losses suffered, compared to 2022.”
Additionally, the face of credit card fraud is changing. Market research suggests that CNP fraud increases in correlation with ecommerce growth. As e-commerce continues to boom – total e-commerce sales are projected to exceed $6.5 billion in 2024 – CNP fraud will likely follow suit, and credit card fraud solutions will need to keep up. Additionally, as AI and machine learning advances, credit card fraud solutions will need to contend with more powerful and numerous cyber-attacks on credit card data.
As the landscape of credit card fraud shifts, cardholders need a solution that protects them against all types of credit card fraud. Any new credit card fraud solutions must be more effective, offer comprehensive 360-degree protection, and be “future-proof” in the age of AI and credit card cyber-fraud.
EVC: The New Standard in Credit Card Fraud Protection
EVC (Ellipse Verification Code) technology is the new standard in credit card fraud prevention. The natural evolution of the EMV chip, EVC technology is integrated into credit cards as a battery-free EMV chip that features an e-paper screen. This screen displays a 3 or 4-digit security code, replacing the printed security code on the back of most credit cards.
When an EVC credit card is tapped or dipped during an in-person transaction, or triggered with an integrated app, the screen changes to display a brand-new credit card security code. This refreshed security code can be used for any subsequent online or distance transaction. The changing security code (known as a “dynamic security code”) prevents credit card fraudsters to obtain an EVC card’s full information. Even if an EVC card’s full information is stolen, the cardholder can change their card’s security code anew with the tap of a smartphone app, leaving the fraudster back at square one.
Like EMV credit cards, EVC credit cards are effective at stopping credit card fraud before it occurs. However, while EMV technology addresses card-present fraud, EVC works against the growing problem of card-not-present fraud. This makes EVC the perfect payment tool for an increasingly digital, e-commerce-based economy. Essentially, EVC puts credit card fraud protection in the hands of the cardholder, equipping them to optimize their credit card for any type of transaction and against any type of credit card fraud.
Final Thoughts on Credit Card Fraud
Credit cards are and will be a major payment tool for consumers for the foreseeable future – and credit card fraud is an increasingly critical problem as fraud techniques continue to advance. There is an increasing number of ways a scammer can obtain credit card information to commit credit card fraud.
And while individual consumers can take some action against fraud, and many safeguards exist to protect cardholders from fraud, it often isn’t enough. With increasing fraud volume and a changing payments landscape, no fraud solution has been successful in stopping credit card fraud for good.
We here at Ellipse believe that cardholders need a comprehensive, future-proof, and extremely easy to use solution that protects them against all types of credit card fraud. EVC (Ellipse Verification Code) technology aims to make fraud a thing of the past while operating on the world’s current EMV rails.
Find out more about EVC and the future of credit card fraud protection by contacting us today: info@ellipse.la.
Comments