UK payments body Apacs is liaising with banks, card schemes, retailers and systems vendors on the introduction of an authentication system for use in both online and telephone shopping, as the latest fraud figures show rising levels of CNP (card not present) crime.
The proposed system would work via a cardholder inserting their chip and PIN card into a hand-held card reader, and entering their PIN. On validating the PIN entered, the reader generates a unique, one-time only passcode, which is relayed to the retailer for authentication with the cardholders bank.
Bank-owned Apacs says it will aim to conduct a co-ordinated trial sometime in 2007.
The introduction of Chip and PIN payment at the retailer point-of-sale has helped cut losses from credit card fraud in the six months to June by five per cent, says Apacs, from £219.5m to £209.3m.
Internet, phone and mail order fraud now accounts for 46% of all losses, although growth in the first six month slowed to just five per cent, compared to a 29% increase between 2004 and 2005.
Losses from online banking recorded the biggest year-on-year increase, growing 55% to £22.5 million. The rising crime figures coincided with a 1471% surge in reported phishing incidents to over 5000 cases, from 312 in the same period a year ago.
The stats also show an increase in counterfeit card faud losses, with criminals targetting cash machines and tills that had not been upgraded to chip and PIN. Apacs says these losses are expected to decline in the UK in the second half of the year as all UK cash machines and the vast majority of tills are now upgraded.
Overseas markets are expected to account for a bigger proportion of card crime, as criminals target countries that have not yet upgraded to the more secure technology. To help tackle this, the European banking industry has set itself the target of completing its chip card rollout by 2010.