Debit fraud: "under radar"threat?

Even though banks aren't the cause, they are often the downstream recipients of problems with debit card fraud, notes Doug Johnson, senior policy analyst, Economic Policy and Research at ABA.

To summarize, lax security and data protection policies at retailers and the resulting issues

At a recent ABA policy meeting, Johnson presented slides on fallout from last year's T.J. Maxx and Polo Ralph Lauren sensitive data breaches. The more recent, highly publicized arrests of Cuban nationals in Florida who had 200,000 card numbers in their possession, along with anecdotal information from the Secret Service suggests new problems with an otherwise proven payment product.

"With European fraudsters in possession of legitimate card numbers, a well structured black market, and Florida--based fraudsters having sophisticated card manufacturing capability--these cards come complete with slick looking holograms-you've got a channel out there for the creation of 'white cards'," says Johnson. "These are cards with legitimate numbers minted by criminals." In other words, what you've got is a recipe for a fraud spike, and the data are beginning to reflect this. Most counterfeit cards are used in a non PIN environment; driving up the incidence of signature card fraud. (See charts, below.)

Johnson notes also that the payment innovation that, in effect separates the account from the debit card, of the sort that Capital One recently introduced, has security implications. It is these new products, in addition to the aforementioned breaches, that prompted ABA Chairman Earl McVicker to create ABA's payment system working group earlier this year.

But ABA has another concern, which is the compliance burden implied by recommendations listed in the recently issued Bush Administration ID Theft Taskforce Report, which called for a new National Identity Theft Law Enforcement Center. In Johnson's view, this would be a "FinCEN" approach that could backfire, increasing paperwork and reducing the agility and resources needed to keep an eye on daily bank operations.

Others in the industry share this view.

Roger Beverage, president and CEO of the Oklahoma Bankers Association, points out banks are already spending so much time with BSA/Anti Money Laundering rules that fraud detection isn't getting the focus it deserves. A greater compliance burden isn't the answer, he says.

"Our bankers are concerned," says Max Cook, president of the Missouri Bankers Association. "Debit card fraud is on the rise, and at a series of state meetings I attended, bankers voiced their concern; some form of controls will have to be placed on retailers. For starters, more clerks should look at IDs."

[GRAPHIC OMITTED]

Source of POS signature fraud losses

                      2002   2003   2004   2005   2006  1q2007

E-commerce             25%    25%    22%    22%    24%    27%
Counterfit card        20%    23%    34%    35%    35%    37%
Lost and stolen card   48%    43%    34%    34%    33%    30%

Source: ABA DDA Fraud Loss Reporting First Quarter 2007 Summary

Note: Table made from bar graph.