Last month, I invited everyone to participate in a survey about card fraud detection. It asked a simple question: “Who’s better at card fraud detection? You or your bank?”
The results are in and, well, it looks like it’s more or less a tie: cardholders initially detected card fraud slightly more often than their issuers. But when a second instance of fraud was experienced by those same cardholders, it was the issuer that was the first to notice the bogus transaction.
Let’s take a deeper look:
In the case of the initial fraud, 73% of such frauds occurred on credit cards, with the remaining 27% on debit cards. Household members detected the fraud 54% of the time; the card issuer detected it 46% of the time. When the fraud was detected by a household member, online statements or online transaction monitoring was most often (67%) the way the the fraud was identified, with mobile alerts being the second most common method at 17%. Surprisingly, only a very small fraction of transactions were detected through a declined transaction.
When fraud was detected by the card issuer, phone calls (73%) and emails (43%) were the predominant channels used by the issuer to notify the cardholder. That adds up to over 100% because issuers generally reach out to cardholders via multiple channels. I know that was the case when my card number was hijacked!
When asked where they believed their card data was compromised, “no clue” (40%) was the most frequent response, but 19% believed they lost the card data in a retail environment, 16% think they lost it at a restaurant and 12% think their card details were compromised online. Less than 4% of respondents actually lost or had their physical card stolen.
28% of respondents that reported a card fraud reported a subsequent during the following twelve months. Again, it was mainly credit cards that were lost (87%). I guess carrying five credit cards versus one debit card (as does the typical consumer) makes it harder to keep track of those credit cards!
In the case of the second frauds, the card issuer was most often the first detector. Mobile alerts played a more important role in alerting household members that fraud had occured (60%), but phone calls and emails were still the main way issuers contacted their cardholders when they thought something was fishy.
We asked about a third instance of fraud, but the number of respondents reporting a third fraud was insignificant.
Our last survey questions asked: “Did your card compromise cause you any hassles with subscription or card-on-file services? Has your experience changed your use of cards?”
The answers were “kinda” and “no”:
“Yes”, 48% of you replied, losing your card credentials was a hassle. I know that it was for me; I had to update my Netflix, Amazon and PayPal accounts with new card info. I was surprised that 52% of respondents said “no.” How does that work?
Finally, 65% of you said that losing your card info hadn’t changed the way you use cards. Only 8% said they had shifted from using a debit card to using a credit card, and another 8% said they had simply stopped shopping where they thought they’d lost their card credentials.
What’s the key takeaway?
I’m surprised that issuers, with all their investments in fraud detection technology, don’t “win” the fraud detection and reporting race more often. Maybe that’s due to the fact that our survey was completed by payments professionals, who monitor their payments more closely than most. And I guess you could suggest that by providing some online statementing and alert services – like the Amex Passbook app that informs me when my card is authorized – those “wins” should be credited to issuers. But even with those tools, I’m still performing the role of fraud detector…and I’m not on Amex’s payroll!
This survey was inspired by an inquiry from one of our PaymentsViews readers. If you have a survey idea (related to payments!) let me know, and maybe we’ll find a way to field it. In the meantime, please participate in the Bitcoin survey we have running now!
This PaymentsViews post was written by Glenbrook’s Jay DeWitt.
