Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Payments

Group

Information Security
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Canada shows how EMV migration can impact fraud

The voices calling for the U.S. to migrate to EMV have been growing louder over the past few months with Walmart, T-Mobile and even the Federal Reserve calling for or discussing the move.  Meanwhile, just across the border, the United States’ close northern cousins in Canada have already taken the decision to make the move and are well underway in their migration to EMV.

Despite the fact that Canada is still in the early stages of migration, the country has already experienced some reduction in payment fraud levels. The Criminal Intelligence Service in Canada has just released a report which shows that in 2009, combined losses due to payment card fraud decreased from $512.2 million in 2008 to $500.7 million. A small fall, but a halt in the previously increasing figures never the less.

This reduction in fraud relates solely to credit card payments however. Losses due to debit card fraud spiked in 2009, increasing by 36% from $104.5 million in 2008 to $142.3 million. This discrepancy could be due to the fact that EMV has not yet been rolled out on debit cards to the same extent. Interac, the Canadian national debit card scheme has been slower to roll out EMV than the credit card schemes.

The transition to EMV chip cards in Canada will continue for at least a couple more years, so we should expect further declines in fraud such as skimming and counterfeiting activity at point-of-sale terminals and ATMs, particularly on debit cards as the standard is further adopted.

However, as we all know, criminals do not go away entirely but rather redirect their activity to a softer target. It is likely that, as the CISC suggests, there will be a “displacement of payment card fraud using Canadian card data to locations that have not implemented chip and pin, such as the U.S.”

Of course, EMV adoption is not the only measure needed to protect cardholders. Cardholder data still needs protection in the network and in storage to avoid its capture and use in fraudulent card not present transactions. As Canada continues its focus on payment fraud prevention the ever popular and growing online channel also needs focus. They should also look to roll out two-factor authentication for online transactions (as a number of UK banks have done) to ensure maximum security of payments regardless of channel.

6778

Channels

Payments

Group

Information Security
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (1)

Lachlan Gunn
Lachlan Gunn - BenAlpin Ltd - Perth 11 September, 2010, 18:13Be the first to give this comment the thumbs up 0 likes

The European experience also highlights the CISC point about ‘displacement’, as well as an eventual decline in losses.   The latest European ATM Crime Report published by the European ATM Security Team (EAST) shows that ATM related skimming incidents peaked in 2008 when 90% of ATMs in Europe were reported as EMV compliant.  The first (albeit marginal) year on year drop in reported incidents was recorded in 2009. 

European ATM related skimming losses also peaked in 2008, with a total of €484 million reported, before dropping 36% to €310 million in 2009.   

In 2009 73% of these losses were international, that is fraud committed outside national borders by criminals using stolen domestic card details, and 27% were domestic.   

It will be interesting to see what the 2010 figures for Europe show when published.  94% (366,707) of Europe’s ATMs were reported EMV compliant by end 2009.  A breakdown by country is freely available from the EAST website.

Of course EMV adoption is not fully effective as long as magnetic stripes remain on EMV cards, and cloned counterfeits can be used globally at non-EMV payment terminals, and for other types of payment transaction.  That point has already been discussed in a related blog on this website……………

Report abuse
Join the discussion
Blog group founder

Member since

0

Location

0

More from member

This post is from a series of posts in the group:

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...

See all
Community
See all blogs »
Information Security 

Online Payment Processing: How it Works and Best Practices for Security

Jamel Derdour

Jamel Derdour

Information Security 

5 Ways to Protect Your Financial Institution from Account Takeover Fraud

Cheryl Chiodi

Cheryl Chiodi

Information Security 

Preparing for DORA

Aare Reintam

Aare Reintam

Information Security 

Strengthening Cybersecurity Defenses: The Significance of Vendor Cyber Monitoring

Michael Berman

Michael Berman

Now hiring

See more