Fraud Awareness Month Canada – Return of the Lost and Stolen (and Authenticating Wearables in Canada)
A couple years ago, I penned a blog post to commend the Canadians on what made their culture so resilient to fraud that it developed the lowest fraud rates in the Northern Hemisphere. It got a bit of circulation and created significant positive feedback. This time, I would like to bring awareness back to Canada about a potential threat as it relates to the increasingly popular Tap payment channel.
As smartphones and wearable devices continue their exponential growth in Canada and globally – it’s expected to be worth $34 billion by 2020 - Canadians will need to be wary of this convenient card-based (or alternative NFC wearable device) service.
Tap payment allows Canadians to casually pay for smaller transactions using their devices without attempting a more involved and, yes, ultimately more secure Chip and PIN transaction. However, a fraud type we had almost exhausted in recent years, known as Lost and Stolen, could become a threat. Lost and Stolen had been considered so marginalized as a fraud type by a menacing brother fraud type: Counterfeit. The fraud on counterfeited cards, which is exposed at merchants through skimming events, became the most significant threat experienced by most consumers and was the prevailing problem that Canada had largely pushed beyond the border. As wearable payment devices and friction free (sans PIN) authentication options continue to proliferate, Lost and Stolen will be an increasing typology affecting issuers.
Perhaps it’s Canada’s own success at bringing debit card fraud to such a low rate that has resulted in consumers’ over-weighted sense of security, convenience and a habituation with their primary consumer payment device, the humble EMV Chip and its PIN companion. However, the initial path that brought Canada here was the dedication to deploying EMV’s cryptographic technology with significant enforcement, which mandated a PIN with the transaction. Relaxing the effective authentication controls for the Tap product means that below a threshold amount, typically less than $200, does not require a PIN, and the card or wearable NFC device itself is enough to authorize a transaction at a merchant’s point of sale. The residual here is that it’s not the amount, it’s the frequency, and residual Counterfeit cases are now a mere fraction of the counts of Lost and Stolen.
Cards and wearable payment technologies are frequently and casually left accessible to those who seek to abuse them. Payment devices must be guarded just as much as a wallet that contains debit and credit cards. When consumers leave payment devices in unlocked parked cars, or on open desks at work, without sufficient physical security, it creates an opening for opportunistic fraudsters, where simple car prowlers in the neighborhood can become an entry level fraudster.
Again, there is a ceiling on the amounts that reduce risk, but the inconvenience of having one’s card lost, filing a fraud case, or replacing the card, can be a stressful event and reduce confidence in electronic payments. Further, in the larger picture, the behavior we are seeking to reduce and bring awareness to is easy to remedy: focus consumer behavior to continue to treat plastic cards and NFC devices like the payment products they are. Create programs to bring awareness to secure them, or increase authentication requirements to two factors in every transaction, perhaps significantly lowering the amount threshold for PIN requirements that aligns with the PSD2 thresholds across the pond (50 Euro/transaction).
Part of Canada’s notable achievement in reducing card fraud and creating a culture of awareness was an altruistic commitment to protecting its citizens and financial ecosystem, which is truly admirable. This year, for fraud awareness month, I want to implore all stakeholders in Canadian payments to take steps to continue to eradicate all fraud types in the great white north.
I’ll be presenting on this topic and many more like it at the 2018 ACI Exchange Conference in Denver…hope to see you in May!
Related Blog Posts
The Race to Real-Time Payments in Europe
Instant payments have quickly morphed into the new norm, and as individual European nations forge a real-time, digital-first payments environment, they raise the bar for all financial institutions conducting business in the Eurozone. It’s no longer a question of “what’s the business case?” but a matter of how instant payments players can take advantage of the opportunities now being created.
Local Perspectives: Real-Time Realities Across Asia-Pacific in 2019
Money20/20 Asia returns to Singapore this week, attracting payments professionals from around the vast APAC region – and beyond. The real-time and open imperative is one of the reasons why all eyes are on Asia-Pacific when it comes to payments, so I caught up with ACI payments experts representing three of the key countries within the region, to take the pulse of real-time schemes that are in varying stages of maturity.
Instant and Open Payments for Consumer Purchases – Lessons Learned From India and Beyond
Did you know that 65% of merchants want to accept instant payments? That’s because they know the customer experience (CX) benefits will drive growth for their business, and they recognize that this payment type will save their business money.
What it Means for a Bank to be Real-Time Ready – It’s More Than Just Payments
Banks are quickly learning that real-time enablement of the business is more than just a technological upgrade – there is a wider challenge of transforming services and customer experience. Although the banking world faces this challenge with some trepidation, there are success stories from other industries that have overcome legacy technologies and transformed frustrating and opaque customer experiences.
Putting Malaysia on the Path to Payments Innovation
The public launch of the DuitNow instant credit transfer service, in December 2018, provides just a taste of what lies ahead as Malaysia’s Real-time Retail Payments Platform (RPP) is progressively rolled out. Fueled by Bank Negara’s (BNM) increasing support for e-payment platform development, there has been a steady increase in mobile wallet and digital payment usage, setting the stage for 2019 to be a year of transformation for the payments industry in Malaysia.
The Potential of 'Request to Pay' to Revolutionize Payments
How often have you been in a situation where you realize in the middle of the month that you’re late paying an important bill? And then hit with a wave of dread as you check your bank account with trepidation to see if you can pay? Many of us are lucky to not be in that situation regularly, but most of us have been there at some point, and likely know others who are regularly confronted by this situation.
Monetizing Real Time and Open Payments A Global View from Leading Banks
Payments experts from Bank of Montreal, Lloyds Bank and Rabobank lead a discussion on #NewPayments use cases.
During Sibos 2018, I was lucky enough to moderate a panel of payments experts from around the globe, including banking leaders representing three key phases of the real-time evolution; early adoption, go-live and ‘wave 2.’ Here, I’d like to share insights from these experts, outlining the challenges and rewards for banks in the new real-time and open payments ecosystem.
All I Want For Christmas (Or Any Holiday) Is… Instant Payments Gratification
Mark, some of us are fast approaching the end of the holiday shopping season, some of us are fast approaching that time of year when we consume too much egg nog, and some of us are fast approaching too many viewings of Die Hard or It’s a Wonderful Life or Love Actually or Christmas in Connecticut (I’ve disclosed too much about myself). To segue slightly more than slightly, I was at Target over the weekend, braving the holiday shopping crowds, to buy toilet paper, paper towels and tissues… and I took advantage of the 5% off that I get from using my Red Card. I surveyed the throngs of other consumers in the nearby checkout lines and not once did I see another store card. During this, the biggest shopping season of the year, why wouldn’t consumers use loyalty/rewards cards when making purchases?
Instant Payments in Italy – And Beyond: Lessons from Il Salone dei Pagamenti
ACI was invited back to Il Salone dei Pagamenti – Italy’s premier payments event organized by the Italian Banking Association (ABI) – to participate in a panel, “SEPA Inst – the Future.” As expected, the session was packed with stats and advice for a more efficient roll out of instant payments – in Italy and beyond.
Request for Pay – What Does It Mean For Financial Institutions?
What do banks – one with $60B+ in assets, one a mid-size regional bank, and one, a small innovative credit union – have in common with payment networks and the ‘Big 4’ consulting firms? They were all part of the first ACI #PaymentsForBreakfast event in North America! The theme was real-time payments, but the focus was more specifically on Request for Pay.