Card giants fight net fraud

The advent of chip and PIN technology - which will allow credit card users to enter a personal identification number (PIN) into point of sale systems instead of signing slips - may actually encourage more fraudsters to move online.

According to credit card firm Visa, chip and PIN technology will make credit cards harder to counterfeit, or use if they are lost or stolen. As a result, more fraudsters may try to operate via the phone or online - carrying out card-not-present (CNP) fraud. At a recent roundtable event, Visa said 30 percent of card frauds currently involve CNP situations - where the buyer is not present to physically sign off the transaction. It predicted the proportion would rise to nearly half by the end of 2007.

To tackle the growing problem, Visa and its rival credit card provider MasterCard have developed new types of online payments systems, designed to reduce the opportunity for CNP fraud.

MasterCard is starting to roll out its SecureCode system this autumn. Under the system, online shoppers will need to enter their usual address and card data, along with a secure PIN when making a purchase via the internet.

The PIN is then used to verify user identification and validate the transaction with the card provider in real time.

Visa is pushing its own secure online payments system, Verified by Visa. It operates in a similar way to SecureCode, with a PIN required along with contact and card details. Visa estimates that this system will save retailers £55m a year and will reduce e-commerce cardholder disputes by 80 percent.

But the success of these systems will depend on their uptake among retailers, banks and consumers. Paul Lucraft, general manager for Business Services at MasterCard Northern Europe, said the focus at present is on persuading the big retailers and banks to implement the SecureCode system. Lucraft predicted that uptake would start to take off around the Christmas season this year and would carry on into early next year.

According to Visa, 4,000 UK retailers have signed up to Verified by Visa so far, including Expedia.co.uk, Dabs.com and Opodo. HSBC and Lloyds TSB are among the issuing banks taking part.

Despite this support and the fact that the new card systems were originally unveiled about 18 months' ago, secure online payment systems are still far from common on UK web sites. However, both card companies said they would make a big push over the next year or so.

Once in place, such systems could offer benefits to all parties in online transactions. "Merchants face lower risks; cardholders are given a greater degree of certainty; and the solution is delivered cost-effectively," said Lucraft.

Retailers were initially concerned that they would have to implement and maintain two separate infrastructures to support the two rival credit cards. However, the two systems are compatible, according to Lucraft. "Retailers were very keen to have a common solution," he said. "SecureCode is compatible with what Visa offers."

Hugo Bottelier, head of payment services at Visa, agreed with Lucraft that the systems are compatible, adding that both are based on 3D-Secure authentication technology. The schemes could also reduce the costs of charge-backs for retailers, when fraud does take place, he added. "As long as you can show you've attempted to participate in Verified by Visa as a retailer, you won't be liable for charge-backs," he said. "The retailer is protected even if the customer is not signed up."

James Roper of the Interactive Media in Retail Group said that the new schemes could make consumers more confident of the security of online trade. "The future of e-commerce is in third-party referencing to prove that transactions are absolutely secure," Roper added. "As long as there's any perception that a consumer might lose money, they won't want the hassle."