Blog article
See all stories »

India - playing by the rules of Fraud Club?

The first step to solving a problem is to admit you have a problem. I have been involved with card fraud systems for over 20 years and too many times when I have discussed fraud I’ve been greeted with the opening line “of course we don’t have a fraud problem here”

I was struck when seeing some fraud statistics for 2012 released by RBI for India how low they were. Indeed, VISA has also publically praised India on its low fraud statistics – has India found a solution to fraud that all the other countries have failed to find?

So I did a comparison against the Australian fraud statistic for calendar year 2012, and certain things struck me. Based on an average daily exchange rate over 2012, in US dollar terms, the reported fraud in Australia was over 27 times more than India – with Australia running at $270.8m and India at $9.9m. When you consider the amount of fraud per card, it comes out with a factor of 174 of Indian fraud over Australian fraud, this is with Australia having less than 1/6th of the card base of India.

The volume of transactions in both countries are broadly comparable with 5.6b in Australia and 6.2b in India, the value of the transactions in Australia were roughly double, at $622b vs $335b in India.

The number of frauds differ wildly, but that could be because the Indian numbers consider multiple transactions in a fraud case.

Looking at the next level, foreign banks seem to have reported significantly higher fraud rates in India with the exception of ICICI. ICICI have had far and away consistently the biggest fraud ‘problem’, yet banks with similar card bases and merchant bases have shown considerably less fraud. (It’s not clear if the figures reported are issuer or acquirer fraud)

There are obviously many cultural differences between India and Australia, so these figures may be an accurate picture. It may be explained by the fact that India is in a different stage of economic development to Australia or an excellent job in fraud prevention and education by the Indian banks. As an example, local card not present is a substantial contributor to Australia’s fraud, but it likely to be lower in India as it is not such a prevalent transaction. The significantly higher ratio of debit cards transactions in India could be a contributing factor.

The various anomalies may be explained away by environmental differences however, to me as a cynical grumpy old man, it seems improbable. A more likely explanation, I believe, is that the figures are simply under reported. This is not some fraud or conspiracy, simply a lack of corporate culture, often lack of standards to what constitutes fraud, and a lack of willingness to admit and share information about fraud.

The problem seems to extend further than just the official statistics – a recent report from the Mumbai police said that, in one of the world’s most populous cities, there were only 47 reports of credit card fraud reported between 2010-2012.

I may seem to be unfairly singling out India, they are not unique in this - they just happened to cross my radar as I was doing some research. If you compare freely available fraud statistics in the UK and Australia versus the US as an example, I cannot help feeling the move to EMV would have more political pressure if the general public knew the true extent of fraud in the US.

Successful fraud strategies depend on honesty, agreement there is an issue and an open exchange of information – something I feel both Australia and the UK lead on (although there is still room for improvement). For other countries ranging from the US to India, it feels like there is still a long way to go.

To paraphrase Brad Pitt in the movie Fight Club – the first rule of Fraud Club is to talk about Fraud Club, banks throughout the world need to share and contribute to fighting the fraud problem. India needs to share information about the true extent of the fraud it encounters, or else share its secret on how it has succeeded in combatted the fraud problem that has outsmarted the rest of the world.


Comments: (2)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 09 July, 2013, 09:41Be the first to give this comment the thumbs up 0 likes

USA shrugged off EMV as irrelevant initially on the ground that card authorizations were happening there in realtime, unlike in Europe. 

India implemented 2FA two years ago and Mobile OTP a couple of months ago for online card transactions, which virtually eliminate CNP fraud. Recent moves by several banks in India to introduce Chip-and-PIN cards does signal their recognition that CP fraud is not as insignificant.

Not sure about other countries but, singling out USA and India, I think the issues are more broadbased than denial / under-reporting.

David Lock
David Lock - Insider Technologies - Manchester 10 July, 2013, 05:56Be the first to give this comment the thumbs up 0 likes


Thank you for being the first to ‘step up to the plate’.
Firstly, I believe the US EMV argument is not valid, because this highlight the country with the biggest fraud problem in the world authorises 100% of its fraud!

I agree the whole comparison of the India and Australia stats are worthy of a whole Phd paper. I am the first to recognise that I have over simplified the factors.

Interestingly, the 2FA was a mandated process from the Central Bank – however, this has anecdotally (I have no firm figures available) significantly reduced the potential of a sector in the economy that has grown significantly in most other countries.

Compare that to governmental intervention in the shape of the Durbin Amendment to increase customer choice in the US – it is again interesting to see where the priorities lie in each of the markets.

I still believe that there is a huge gap in the Indian figures that is due to under or mis-reporting – but I agree there are other differences – which for the benefit of the whole world community need to be explored and understood. Fraud is a worldwide problem – with worldwide consequences.

On a slightly different note – In an ironic twist I read the Mumbai Police had their corporate card hacked!