1 / 20

Implementing the SEPA Cards Framework SCF: Towards greater security for card payments

1- Card fraud prevention: need for a cooperative approach. 3. Card fraud in SEPA: some facts. Approximately 10 million fraudulent transactions per year in the SEPA area affecting 500,000 merchants and representing roughly

michiko
Download Presentation

Implementing the SEPA Cards Framework SCF: Towards greater security for card payments

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. 1

    2. 1- Card fraud prevention: need for a cooperative approach

    3. 3 Card fraud in SEPA: some facts Approximately 10 million fraudulent transactions per year in the SEPA area affecting 500,000 merchants and representing roughly € 1 billion losses for the banking industry Scale, extent and level ? Pan-European issue Card fraud damages image of banking industry and acceptance of electronic payment instruments Fraud prevention: within the cooperative space, and a societal obligation for all stakeholders

    4. 4 EPC approach to fraud prevention “An essential, if not paramount, ingredient needed to build the SEPA is the degree of Trust and Confidence perceived by all the parties involved in a card transaction. (…) There should be a concerted effort to attain a uniform level of equipment in the different zones of SEPA, so that any cardholder who wishes to pay with a card is provided with the same facility, and the same level of security, in each of the different Member States.” Source: EPC Cards WG Findings & Recommendations, Jan. 2003

    5. 5 EPC Cards WG Recommendation Nr. 1, January 2003 “The banking industry should reinforce actions to prevent and combat fraud through active co-operation between banks, card schemes, retailers, the Eurosystem, the European Commission, law enforcement authorities, governments, and other stakeholders. Minimum security standards (including EMV chip) and a common approach for tackling fraud will be defined, and their implementation monitored. ”

    6. 6 EPC Card Fraud Prevention TF Task Force of EPC Cards WG Created in March 2003 Participation of ECB, EC, and card schemes EPC Forum on “Fighting Card Fraud across Europe”, Paris, 8-9 October 2003 Industry “Battle Plan” to combat card fraud EPC Resolution on “Fighting and preventing card fraud across Europe” (approved in Dec. 2003) Participation in EU Fraud Prevention Experts Group

    7. 7 Fighting and preventing card fraud across Europe: actions completed European antifraud database opportunity and feasibility study Consolidated security standards and procedures: European antifraud toolkit EMV implementation snapshot Inventory of standardisation initiatives Strengthen EPC involvement in the EU Fraud Prevention Experts Group Best practices’ section on EC website

    8. 8 Types of Fraud 2 very different phases: Attack (Data Capture) Theft of card Compromise of card details & PIN etc. Usage (Misuse) Use of stolen card Use of manufactured counterfeit etc. Need to react / prevent at every level Prevent – Identify – React – Limit consequences – etc.

    9. 2- EMV roll-out: migration status in SEPA EPC figures as of end September 2006 (Q3 2006)

    10. 10 EMV roll-out: status in EU-25 As of end September 2006: 50.0% of payments cards (debit & credit) 47.1% of POS terminals 56.6% of ATMs … had already been converted to EMV Source: EPC quarterly “EMV Implementation Snapshots”

    11. 11

    12. 12 EMV Migration in EU25: Cards % in EU25

    13. 13 EMV Migration in EU25: POS % in EU25

    14. 14 EMV Migration in EU25: % of EMV ATMs in EU25

    15. 15 EMV accompanying measures Implementation monitoring by EPC Card Fraud Prevention Task Force: Overview of EMV “liability shift” rule implementation (deadline 01-01-2008): not only for cross-border transactions, but also for national transactions! Overview of EMV transactions and magstripe fallback rates at POS/ATMs: comparison with EMV implementation snapshot; identification of possible issues Overview of EMV “acceptance holes”: best practices to convince petrol and vending sectors to migrate; overview of terminal types present in SEPA

    16. 3- Latest EPC initiatives in the area of card fraud prevention

    17. 17 Card fraud prevention: 3 new axis of work (1/3) Issue: problems at POS & ATMs with magstripe fallback on EMV transactions ? Proposal: shift the liability of fraud losses in case of EMV magstripe fallback from the issuer to the acquirer as from 1st January 2008 for ATM transactions. Consider a similar measure on POS transactions at a date to be defined.

    18. 18 Card fraud prevention: 3 new axis of work (2/3) Issue: fast increasing CNP fraud ? Proposal: card schemes to mandate as from 1st Jan. 08: - acquirers to acquire and transmit CVX2 values for e-commerce transactions - issuers to decline any authorization request made with a false CVX2 and any authorization request not carrying a CVX2 value for those transactions. ? Proposal: card schemes to analyse a similar rule for MOTO transactions. ? Proposal: card schemes to incentivise 3DSecure implementation by protecting acquirers from liability when the merchant is 3DSecure enabled, as from 1st January 2009.

    19. 19 Card fraud prevention: 3 new axis of work (3/3) Issue: lack of aggregated statistics on card fraud in SEPA; difficulty to monitor trends ? Proposal: collection of aggregated statistics on card fraud in SEPA through card schemes and using the intermediary of the ECB as a trusted third party; fraud categories = those currently commonly used by international schemes (Lost & Stolen; Card Not Received; Counterfeit; Card Not Present; and “others”).

    20. 20

More Related