The Australian Payments Clearing Association (APCA) releases
card fraud statistics every six months for the preceding 12m period.
For the first time in many years, Australian card fraud has grown in all categories. The ratio of Card Not Present fraud to all fraud remained steady at just under three quarters. An up-turn in skimming and counterfeiting is surprising given the strong penetration
of chip-and-PIN cards in Australia, although most ATMs here still use the stripe and remain vulnerable to carding. It will be interesting to watch card present stats in the next 6-12 months.
Still, CNP fraud remains the preferred modus operanum of organised crime;
the cost of CNP fraud grew by 61% from 2010 to 2011.
"Innovation" is a topical notion in Australian payments systems circles, but for the most part innovation is confined to back end systemic improvements to interbank settlements. Regulators take a light touch on the user side. The market is fostering innovative
payments applications in mobile devices, but so far, security still proves to be too hard. APCA's only position on security is to wait and see what happens when 3D Secure comes to Australia. Given that nothing has stood in its way, and CNP fraud is doubling
every two years, the very absence of 3D Secure here should be worrying to the regulators.
3D Secure is awkward and off-putting to users, expensive to implement, slow to process, and above all, incredibly costly thanks to high abandonment rates. In contrast, we could solve CNP fraud online in exactly the same way as we solved carding, simply using
asymmetric cryptography to render stolen account details non-replayable.
After all, CNP fraud is just online carding.