Banks seek new fraud solutions

Banking body reviews technology options to combat rising cost of card-not-present fraud

Banking industry body Apacs is examining new technology options to combat the growing threat of card-not-present fraud.

Instances of card-not-present fraud increased 21 per cent last year, costing banks £183m, and Apacs says the figure will be higher this year.

‘Card-not-present fraud is the fastest rising type of fraud,’ said as Apacs spokeswoman. ‘We would be daft not to consider solutions, and there are a few under review at the moment.’

Apacs declined to give exact details of the systems it is examining, but confirmed it is looking at a personal authentication system called Gridsure that creates one-time dynamic PINs or passwords every time it is used.

Users will simply need to remember ‘a shared secret’ which will be easier to recall than a four-digit PIN, according to creators Stephen Howes and Jonathan Craymer, who have recently signed a two-year deal with PricewaterhouseCoopers to market the system.

‘We have not rejected the idea, but there are a couple of other ideas around,’ said the Apacs spokeswoman.

‘For card-not-present fraud the route we are more than likely to go down is a variation on what Barclays has done.’

Barclays said earlier this month that it is to issue stand-alone card readers to all online banking customers over the course of next year to tighten security (Computing, 3 August).

Richard Weber, director of Cambridge University’s statistical laboratory, tested the Gridsure system and believes it could ultimately replace chip-and-PIN.

‘The systems in existence already [that generate one-time PIN] mean carrying around a list of numbers, having numbers sent to your mobile phone or carrying some kind of electronic device, he said. ‘This system purely works on the fact that you have remembered something and it is absolutely viable that it can replace chip-and-PIN.’

Michael Alculumbre, managing director of Protx, the largest independent payment service provider in the UK which handles more than £200m worth of transactions every month, is also considering Gridsure.

‘We’re in the early stages of talking to them but we’re very interested in adopting the system,’ he said.

Apacs was the driving force behind the February chip-and-PIN deadline which shifted fraud liability to merchants not using the technology. It released figures this week saying the technology has reduced counterfeit fraud by a quarter.

What do you think? Email us at [email protected]