Card fraud market is becoming commoditised

(16/04/2009)

Fortify Software believes that one in three adults in the UK will be affected by card fraud in the coming year, an increase over last year when the card fraud affected one in four.

This prediction, says Richard Kirk, the software security assurance experts' VP of EMEA, is based on the fact that criminals are experiencing considerable hardship owing to the ongoing economic credit crunch and based on reports such as the CPP, which recently noted that card fraud had affected 25 per cent of the adult population.” said Kirk. "When you analyse the card fraud figures from APACS, you can see that UK counterfeit card fraud increased by 46 per cent to 144.3 million, despite domestic UK card cloning dropping by 32 per cent," he added.

According to Kirk, what is driving UK card fraud ever upwards is fraudsters shipping card data abroad to areas such as North America, where only a signature is required at retail stores, and committing high volumes of fraud on UK cards there.

Further, Fortify's VP says that, whilst card fraud identikits - which typically include a card number, start/expiry dates, three digit CVVs plus other relevant data extracted from the magnetic strip of the payment card - were selling for around $15.00 each 18 months ago, that figure had fallen to around $2.00 by last October.

"And, as card identikits are shared between cybercriminals, this form of card data is increasingly being sold by the thousand, meaning that kit prices are dropping to just a dollar a pop, when sold in volume," Kirk explained. And he says, there is every suggestion that this trade will continue to increase, meaning that as many as one in three account holders could be affected by card fraud during 2009.

"Just as the average person in the street is having to tighten their belt, so is the average card criminal. They are having to increase their sales volumes by reducing the cost of each card indentikit, and so compete with the growing number of people in possession of this data," he explained.

And, he says, criminals are continuing to ramp up their business to sell files by the thousand, simply because they can obtain data so freely from staff in retail outlets and through other means.

Kirk went on to say that, when you factor in major card data breaches such as the Heartland Payment System fraud in January in which as many as 100 million card account details were heisted, you can begin to understand why the cost of each card indentikit is falling so rapidly.

According to Fortify, the card fraud market is reaching the stage where the Poundland retail philosophy of `everything for a pound' seen on the High Street now applies to the world of card fraud. "We are reaching the stage where the card fraud market is becoming commoditised, and the card indentikit price being dictated by what is effectively a glut in the market," he said.

Related topics:

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources