Apacs hails drop in online banking fraud

Losses fall by a third to just £22.6 million, according to the latest figures

Online banking fraud dropped last year, despite the number of phishing attacks during the period nearly doubling, according to the latest figures from UK payments association Apacs released today.

The total level of fraud in the UK rose 25 per cent between 2006 and 2007, Apacs reported, £427m to £535.2m. Nevertheless, online banking losses plummeted by a third to just £22.6m.

Apacs also noted that the number of phishing incidents rose from 14,156 in 2006 to 25,796 during that period.

The drop in fraud could be explained by greater customer vigilance and improved back-end fraud detection measures from the banks, enabling them to spot suspicious transfers, according to Apacs.

Apacs also argued that "the incidence of computer hackers stealing and using cardholder data from retailer websites remains low".

"The reality is that most internet card fraud involves a criminal obtaining genuine card details in the real world that are then used to shop online."

An Apacs spokesman said the 3-D Secure payment authentication initiatives by Visa and Mastercard are helping to stem the tide of online fraud. Take-up of the scheme is gathering pace, he said: "In the beginning take up was a bit chicken and egg, but now it's grown from ten million to 18 million cardholders, so they're getting the message, and so are the retailers."

Simon Stokes, chief executive of secure payment systems provider CyberSource, agreed that Visa and Mastercard schemes can help retailers safeguard their operations.

"The Apacs report suggests that most internet fraud occurs when people have had cards stolen in the physical world and that they are then used online," he added. "This undoubtedly does happen; however, as fraudsters become more sophisticated in their approach they are likely to use a combination of methods to capture customer data. This includes using card generators as well as breaching the security of a website rather than just physically stealing the card details."

David Porter of fraud prevention consultancy Detica said that too much protection could encourage consumers to be more reckless in their online shopping and banking habits.

"We need less technical detail [from Apacs] about the how fraudsters ply their scams and more memorable, commonsense instruction on what consumers should do to stop getting duped," he added.