CurzTech News Network
CurzTech News Network | CurzTech World News | CurzTech U.S. News | CurzTech Entertainment News | CurzTech Political News | CurzTech Conspiracy News | Yesterday's News | Offsite Archive
For Tony Fargnoli, the news that a hacker had violated the confidential credit card information of eight million North Americans, was deeply troubling.
It's not that the Montreal-based shoe retailer was worried someone might use his card to make unauthorized purchases. Instead, Mr. Fargnoli fretted that the crime would fracture consumer confidence, creating a serious setback for the fledgling e-commerce site he has been struggling to establish for the past few years.
In a competitive market, Mr. Fargnoli, the third-generation owner of The Real Tony's Shoes, says that online sales represent an important new distribution channel for his high-end merchandise.
"We've slowly built this part of our business to the point where we doubled our Web site sales last year," he says. "And it's not just about winning our customer's confidence -- we've been burned by fraud ourselves."
Mr. Fargnoli isn't alone in his concern. According to computer security consultant Brent MacLean, the "hack attack" at Data Processors International in Omaha, Neb. -- which includes 100,000 Visa and MasterCards issued to Canadians among the eight million affected -- will have a cost far in excess of the dollar value of any fraudulent transactions.
"For credit card issuers, this incident is like 9/11 was for airlines," says Mr. MacLean. "No one wanted to fly, everyone was paranoid about the risk. And who knows if confidence will ever really be fully restored."
What is particularly disturbing for the affected cardholders is that, depending on the degree of encryption, criminals with access to the personal details available from their credit cards could infiltrate every other aspect of their financial lives.
Depending on how many numbers are encoded on the card, the rest could be quite easily exposed by random numeric scanning software, Mr. MacLean explains.
Kevin Wasslen, head of risk management for Visa Canada, says that once they've been notified of the security violation, the banks that have issued the cards will carefully monitor the accounts for any evidence of fraud. However, he concedes that depending on the amount of detail stored by the merchant, cardholders could be "vulnerable" to the greater threat of wholesale identity theft.
"There are robust security programs and enforcement at the banks," says Mr. Wasslen. "But yes, you can be at risk where a third party is involved in the transaction -- you're only ever as strong as your weakest link."
In this case, Data Processors International, a small mid-western company that processes transactions for catalogue companies and other direct marketers, was that soft spot.
Despite repeated assurances that e-commerce sites are secure and that they can protect the sensitive credit card data that's transmitted by shoppers, many remain wary.
In the peak holiday buying season between the first of October and the end of December, Canadians spent $772-million on 6.5 million e-commerce transactions last year. That's a 103% gain over the same period in 2001.
Still, a recent survey conducted by Visa Canada indicated that while 15% of cardholders with access to the Internet had plans to purchase holiday gifts online, at least one-quarter of the remaining 85% considered security and fraud concerns a deterrent to e-commerce.
That represents a serious impediment to growth for a mature credit card business that's struggling to find new opportunities. In recent years, credit card marketing has become increasingly aggressive as the various issuers battle for consumer market share. The stakes are high: North American consumers charged about US$1.5-trillion on their cards in 2001-and owed about US$620-billion in high-yield balances.
Given that the average American cardholder has 6.5 cards crammed into their wallet, companies have redesigned their cards to be more eye-catching and to literally stand out from the pack. American Express introduced a translucent blue card with a hologram in the middle a couple of years ago.
Last April, Discover (the fourth-largest credit card company with a 5.3% share of the U.S. market) launched its small, kidney-shaped 2GO card, which can also be used as a key chain to prompt its easy use by those on the run.
Other companies have used Aeroplan points and other affinity incentives such as donations to an alma mater or some other charity as selling points. And still others issue annual cash dividends to cardholders, based on the amount they spent on the card over the course of a year.
While some card issuers have even started to haggle with customers over the interest rate payments charged on balances and other features, fees remain a crucial source of revenue in a stagnant interest rate environment.
According to an industry publication, Credit Card Management, the fees paid by consumers jumped 10% in 2001 to US$13.6-billion. Grace periods have been reduced by almost 10 days over the past decade. And late payment fees in particular have soared to US$7.3-billion from US$1.7-billion in 1996. In part, those increased charges reflect the climbing cost of security features and systems.
Against a backdrop of intense competition, burgeoning global markets and e-commerce, credit card security has become a critical selling point to consumers. The use of increasingly sophisticated technology to reduce fraud is also an important way for the industry to contain its costs.
The Nilson Report, compiled by a California-based credit card research firm, calculates that even though US$750-million was lost to fraud in 2001, in the past 10 years the loss for every $100 charged, has tumbled from 18¢ to 7¢. In Canada, Visa has cut its losses from fraud by half over the past two years.
One of the most effective new tools in combating fraud and protecting consumers is neural network technology. A neural network is a software program that simulates the action of the human brain and flags any irregularities in spending patterns or behaviour.
If, for example, you've never travelled to Asia and you suddenly incur credit charges there, the neural network alerts the card issuer that you've broken your routine and they will contact you to confirm the purchases.
Similarly, a flag is also waved if you suddenly buy items like gasoline, electronics or jewellery that are historically associated with fraud because they are easily consumed or resold.
Lewis Mandell, a business professor at the University of Buffalo and the author of a book on the history of credit cards, says there are several other things that can trigger an alert: People who've recently asked for replacement cards, those who have a record of losing or misplacing their cards, and charges that originate from offshore locations known for past frauds, such as Russia, Nigeria and Indonesia.
To help contain fraud, especially where cards are used in e-commerce or so-called "card not present" transactions, Visa Canada recently launched a new verification system intended to reassure buyers and sellers alike.
This new technology, called Verified by Visa, refines the process of establishing a cardholder's identity during an online payment transaction. Purchase information doesn't travel directly to the merchant, but instead is routed directly through the bank and cleared by a special password or PIN number.
While consumers are supposed to be reassured by knowing their bank is authenticating the identity of the e-merchant they're dealing with, the new technology is at least as important to the vendors.
For one, Mr. Fargnoli says that his attempts to expand his business online have been hampered by security issues. Specifically, it is difficult to ascertain if a credit card number given over the Internet is legitimate.
[an error occurred while processing this directive]