UK banks and card companies work on a basic model of acceptable risk when it comes to bank account fraud. That was the reason for the introduction of chip and PIN, a scheme that cost UK retailers. A decade ago, when this scheme was introduced, card fraud was anticipated to double within five years as the use of a magnetic stripe payment with a signature was massively insecure.
The impact of chip and PIN was significant and best illustrated by the fact that the rate of fraud today is less than it was ten years ago, even with the rise of the mobile, social internet.
Fraud losses on UK cards totalled £450.4 million in 2013 compared with £411 million in 2003. The 2013 figure is deceptive, as it represents a 16 per cent rise on the 2012 total of £388.3 million, a lower figure than a decade before. That seems pretty incredible when the number of cards issued has increased dramatically from 42 million cardholders in 2013 to 47 million now, as has spending. Card spending today is more than £530 billion annually. In other words, with all the concerns about identity theft, card fraud, online scams and more, we are kept pretty safe by our financial system.
You have probably noticed that alongside chip and PIN and secure keys for online services, you have other checks and balances on your account that is changing over time. A good example is that you no longer need to enter a Verified by Visa or MasterCard SecureCode when making an online purchase if you are using your usual computer at home. That is because the card firms recognise it is your normal internet location and device that is making the purchase, so they assume you are secure with this.
With all the concerns about identity theft, card fraud, online scams and more, we are kept pretty safe by our financial system
Nevertheless, we are starting to see some changes, especially when passwords are being regularly compromised. It was only a few months ago that everyone was told to change their passwords when the Heartbleed bug was discovered. Similarly, large and trusted websites and web services, such as eBay and Adobe, have had password files stolen in the last year, causing many of us to start using multiple, instantly forgettable passwords.
That has to change and it is. If you use the latest iPhone or Samsung Galaxy smartphone, both will take fingerprints for authentication of transactions. If you are a Barclays Bank customer, you can authorise actions securely just using your voice on the phone, as they have rolled out voice biometric authentication this year.
These and other developments will continue as banks are always trying to be one step ahead of the criminals when it comes to fraud and, based upon the last ten years of statistics, they’re not doing a bad job of it. It is a shame that most customers are not, as almost half use the same password for all their logins, especially among younger demographics, with the most common passwords being princess, password and 123456. Therefore, if you are one of the people with these passwords, do everyone a favour and start protecting yourself online a little bit too.