Viewpoint
Credit card incidents and control systems

https://doi.org/10.1016/j.ijinfomgt.2012.03.003Get rights and content

Abstract

Credit and debit cards have spread and skyrocketed all around the world to become the most popular means of payments in many countries. Despite their enormous popularity, cards are not free of risk. Technology development and e-commerce have exponentially increased internal credit card incidents. This paper identifies and quantifies the different types of credit card fraud and puts into question the effectiveness of the role assigned to cardholders in its detection.

Highlights

Technology development and e-commerce have exponentially increased internal credit card incidents. ► This paper offers an overview of the main types of credit card fraud. ► The effectiveness of the role assigned to cardholders in alarm systems is put into question.

Introduction

Technological developments have changed the way we view money, especially with relation to its use as a method of payment. It has evolved from being considered a physical active (gold, coins or notes) to the idea of money being a figure in an account. This change in framework, that has modified the way monetary policy is designed on a large scale, has influenced the behaviour of small businesses. In the last thirty years, the use of credit/debit cards has spread and skyrocketed all around the globe, gradually becoming the most popular and most efficient means of payments in many countries.

As examples, there were almost 800 million cards in circulation in 2010 in Japan alone, the total amount of card payments (excluding e-money cards) made in the Eurozone surpassed one trillion of euros in 2010, the total US revolving debt (98 percent of which is made up of credit card debt) reached $812.1 billion in January 2012, and the average number of cards per inhabitant in UK was about 2.33 in 2010 (Banco de España, 2011, Euromonitor International, 2012, European Central Bank, 2012, Federal Reserve, 2012). In fact, according to the American Bankers Association, “it is estimated that there are 10,000 payment card transactions made every second around the world” (Schulz & Woosley, 2009).

In spite of their enormous popularity, plastic cards are not free of risk. Credit card issuers as much as card owners are aware of the possible problems that can arise from an incident involving a card. For instance, the May-2009 Unisys Security index pointed out credit and debit card fraud as the first concern of Americans, superseding fears of terrorism. Further, according to a report by VISA in 2010, worldwide card fraud accounts for around 0.055% of the sum of all credit card payments and likewise, according to issuers and police, security measure costs (including investment in technological developments, security and the fight against fraud) are equivalent to 0.06% of the value of all card transactions. Since 1958, when the first widely accepted plastic charge card was issued by American Express, issuers have been virtually running a race without end in the fight against fraud.

If, traditionally, early detection of a card incident was important because of its extensive use as means of payment in high street shops, the rapid expansion of e-commerce and online banking has made it essential (see, e.g., Bang, Lee, Bae, & Ahn, in press). Both the issuer and the cardholder are interested in an early alert and prevention of incorrect use of the card to avoid the unintended economic consequences that could result (Chung & Suh, 2009).

The range of the profile of the incidents is wide, from external incidents, such as robbery, theft or mislaying a card, to internal incidents, such as duplication, cloning or piracy of passwords, via phishing or skimming. With the development of technology and e-commerce and the growing use of the Internet, the increase of internal incidents has been exponential.

Section snippets

Cards and fraud

Stolen or lost cards, which account for around 12% of all incidents, are the traditional methods leading to fraudulent use of a card. This practice, however, is declining due to the effectiveness of the basic countermeasures. In face-to-face transactions, the identification of the cardholder by way of their signature and the use of Chip and PIN cards are procedures that are showing as quite effective. Furthermore, the cardholder can actively cooperate from the start against this type of fraud

The role of the cardholder in an alarm system

Excluding the latest new fraud system where the card issuers are obliged to develop new procedures capable of tackling this new threat, it is apparent that the majority of the countermeasures that could be most effective in the fight against fraud rest with the cardholder. The question that we should therefore ask ourselves is up to what point the provider can confide in the cardholders when creating a credit card control system.

As is well-known, a control system is defined as the set of

Acknowledgments

The authors wish to thank Marie Hodkinson for translating into English the text of the paper and Dr Philip Hills, IJIM editor, for suggesting this viewpoint.

Jose M. Pavía, MSc in Maths and PhD in Economics and Business Science, is Quantitative Methods Professor in the Economics School of the University of Valencia, Spain. His research areas of interest include risk analysis, spatial statistics, human behaviour, forecasting issues, and time series analysis. He has published more than forty papers in journals like Journal of the American Statistical Association, International Journal of Forecasting, Environment and Planning A, European Urban and

References (19)

There are more references available in the full text version of this article.

Cited by (16)

  • Learned lessons in credit card fraud detection from a practitioner perspective

    2014, Expert Systems with Applications
    Citation Excerpt :

    Automatic systems are essential since it is not always possible or easy for a human analyst to detect fraudulent patterns in transaction datasets, often characterized by a large number of samples, many dimensions and online updates. Also, the cardholder is not reliable in reporting the theft, loss or fraudulent use of a card (Pavía, Veres-Ferrer, & Foix-Escura, 2012). Since the number of fraudulent transactions is much smaller than the legitimate ones, the data distribution is unbalanced, i.e. skewed towards non-fraudulent observations.

  • An intelligent payment card fraud detection system

    2024, Annals of Operations Research

  • The unit-Gompertz distribution revisited: properties and characterizations

    2024, Rendiconti del Circolo Matematico di Palermo

  • An augmented AI-based hybrid fraud detection framework for invoicing platforms

    2024, Applied Intelligence

  • Comparative Evaluation of Fraud Detection in Online Payments Using CNN-BiGRU-A Approach

    2023, International Conference on Self Sustainable Artificial Intelligence Systems, ICSSAS 2023 - Proceedings

  • Investigation of Card Skimming Cases: An Indian Perspective

    2023, Journal of Applied Security Research
View all citing articles on Scopus

Jose M. Pavía, MSc in Maths and PhD in Economics and Business Science, is Quantitative Methods Professor in the Economics School of the University of Valencia, Spain. His research areas of interest include risk analysis, spatial statistics, human behaviour, forecasting issues, and time series analysis. He has published more than forty papers in journals like Journal of the American Statistical Association, International Journal of Forecasting, Environment and Planning A, European Urban and Regional Studies, Journal of Service Science and Management, or Investigación y Marketing.

Ernesto J. Veres-Ferrer is on leave statistician of the Spanish Statistical National Office. He was Deputy Director of the Valencia Institute of Statistics and has taught at the Universidad Autonóma de Madrid, Universidad de Zaragoza and Universidad Nacional de Educación a Distancia (UNED). Currently, he is Senior Lecturer (with tenure) at the University of Valencia, Spain. His research is focused on Bayesian approach and on applying statistical methodology to different fields, such as the analysis of corporate accounting information, demographic issues and studies on water quality.

Gabriel Foix-Escura, graduate in Economics and MSc in Quantitative Finance, works currently in the Department of Global Risk at Banco de Valencia, Spain, where he is in charge of executing Basel II capital requirement directives. Previous works include consultancy in valuation of all kind of financial derivatives. His areas of expertise focus on internal risk management, rating and scoring models, credit risk management and operational risk management.

View full text
Copyright © 2012 Elsevier Ltd. All rights reserved.