Over the past week, articles reported the latest data on UK Banking Fraud Losses (for example UK banking fraud losses at their lowest for a decade, 09.03.2011, Finextra). It is encouraging to see how the financial services industry has been successfully
investing in fraud prevention for online transactions. I would however like to consider the wider implications of transaction security in the banking arena.
The Dedicated Cheque and Plastic Crime Unit is keen to remind the industry that fraudsters are still active and we cannot afford to be complacent. It is a powerful message coming from the anti-fraud agency funded by financial services. It is my belief that
a holistic approach of all transaction channels is key so we fully appreciate the extent of fraud in UK banking. It is important to remember that phone banking fraud has gone up in 2010. Equally the decrease in card fraud losses needs to be put in perspective
as a key risk management tool is to decline card transactions. This can be seen as an effective way to tackle risks of fraud but it is also a costly one. It is costly to the bank in terms of administration costs, it is costly to the merchants in terms of loss
of revenues, and above all it is detrimental to the customer experience. Customers who have their card declined when trying to make a purchase are understandably dissatisfied and would welcome a more efficient way to manage risks from their banks. Those false-positives,
as they are known in the industry, can be contained to much lower levels (our own pilots have demonstrated that false-positives can be reduced from 90% to less than 10%). Our technology is telecommunications based and incurs no cost to the cardholder.
This brings me to my final observation. 2011 is seeing the commercial arrival of NFC within the mobile/smart phone which, when combined with the embodiment of the payment card within the mobile phone will mark a significant acceleration in the trends towards
electronic payments using the mobile/smart phone. How secure are those forms of payments is almost anyone's guess at the moment. Existing telecommunication-based technologies can be readily applied in this new scenario, which will contribute to keeping UK
Banking fraud losses low. Such technology is ideal in a converged single device scenario. The risk of compromise of any device will always require an additional “check” to authenticate the validity of the transaction. Having said that the market is still in
its infancy, this being confirmed by the decision of Apple (Finextra, 14.03.2011) not to introduce NFC in its new IPhone. In fact Apple has told mobile operators it was concerned by the lack of a clear standard across the industry.
Since in the case of a transaction originating from a mobile/smart phone, the mobile/smart phone must be present, i.e. the payment method cannot be separated from the device, therefore validation that uses USSD/Voice/Data channels will return a confirmation
if the SIM card is indeed in proximity to the point of origination of the transaction.