While we naturally tend to focus on all of the innovative things that have happened in payments over the years – brought to us by upstanding companies and institutions – there’s also a dark side to innovation that sometimes is the elephant in the room.
I’m talking about the innovations that fraudsters continually cook up to make money by attacking the payments systems and schemes. Over the years, we’ve seen a continuous evolution in their approaches – almost a Darwinian evolution. Indeed, for the major card companies, they must keep inventing new approaches to dealing with fraudulent activities – as the evolution continues.
What are some examples of the dark side at work? The theft of payment card credentials, of course, comes immediately to mind. A wide ranging inventory of techniques have been developed to try to capture payment card data at various points in its life cycle of usage – and then abuse it. Because these card credentials aren’t secrets – indeed the credentials (card numbers, mag stripe data, etc.) have to be revealed to merchants for a transaction to be consummated – there are opportunities to intercept and capture them.
In the online world, techniques abound for the capture of computer keystroke information – enabling the take over of online bank accounts once the consumer’s username and password have been captured. Tricks designed to try to fake the consumer into entering their logon information through phishing attacks are yet another example.
I could go on. The list is long and constantly evolving. A steady competition continues between those developing and exploiting new techniques to perpetrate fraud and those who must ensure that it never gets out of hand.
At today’s levels in the card systems, fraud is a relatively minor “cost of doing business”. But it’s a on-going battle to keep it that way. Darwin’s at work – on both sides of the line.
