Chip and Pin: Making Fraudsters' Lives Difficult in the UK
13th December 2010In the UK, recent years have seen high levels of credit card fraud. Despite the claimed security credit cards provide, criminals have been - and still are - accessing the credit card accounts of others by stealing their bank details. This being a major problem, financial companies have been doing all they can to reduce the risk of credit card fraud.
In 2004, Chip and PIN technology was introduced across the United Kingdom. Chip and PIN credit and debit cards aim to reduce fraud by placing a semi-conducting chip in the card, which is then accessed by card readers in store. The cardholder is then required to enter a unique four-digit code when making purchases. If the pin code matches the one stored in the chip, the transaction will go through successfully. This helps to make sure it is indeed the cardholder using the card, and not a criminal.
This year, there has been around a 20% reduction in the total amount lost through credit card fraud. The first half of 2010 saw losses fall to around £186 million over six months - although this figure sounds staggering, it is in fact the lowest loss over two quarters for a decade. These reductions have been credited to improvements in the Chip and PIN system, as well as other new technologies such as contactless credit cards.
Since the introduction of Chip and PIN, there is no doubt there has been a drop in fraud levels. The technology stopped many fraudsters taking credit card details, and caught many others who were then sentenced as criminals.
However, there is still a lot of room for improvement. Criminals are masters of moving with the times, and have inevitably found ways to get around the barriers of chip and pin. Researchers have recently found that by attaching a small circuit board containing a computer chip and a transmitter to the chip in the credit card, fraudsters can avoid needed to use the four digit pin code of the card. The circuit board and chip can communicate with a computer (concealed in, say, a backpack) which will then allow the transaction to go through without a code. The user simply needs to key a random four digit number into the pad. Scientists are now saying the Chip and PIN security software must be rewritten in order to make it fully secure.
But despite the flaws of Chip and PIN, there is no doubt it has made credit cards much more secure than they were before. These days, most stores use Chip and PIN to allow customers to make purchases by card. Since 2005, stores themselves have been held responsible for any losses due to fraud: it is seen as their job to make use of the new technology.
Although Chip and PIN is a great help to prevent fraud on the high street, it is not so helpful online. The increased difficulties of hacking cards with chip and pin technologies have led criminals to change their ways, and target online transactions instead. The recent introduction of security systems such as 'Verified by Visa' has helped reduce online losses by fraud to £25 million in the first six months of 2010 - a drop from the £39 million lost between January and June 2009. This is the first time online fraud has dropped since 2007, according to the UK Cards Association and Financial Fraud Action UK.
It remains to be seen how long these technologies will be effective for. The truth is, every new technology developed to add security has a limited time period: fraudsters will always find a way to get around the obstacles put in place. It is of great importance for financial institutions and the government to continuously place high priority on introducing new security methods.