Credit card fraud is a serious issue around the world, with millions of people falling prey to different scams every year. And it is only getting worse as payment channels grow.
But credit card companies, along with the authorities and a growing number of security firms, are constantly searching for ways to improve card security. So just as there are now more ways to pay than ever before, there are also more and more ways to stay safe when you choose to use your card.
Here, we take a look at some of the cutting edge security options designed specifically with credit cards in mind. While some may be too far out there to be implemented just, others could give us a definite insight into how fraudsters will be stopped in the near future.
On This Page
Card-not-present (CNP) transactions, refer to any purchases or other charges that are made without a physical credit card (i.e. online, over the phone). The majority of card fraud happens through CNP transactions, with the Australian Payments Clearing Association (APCA) reporting that it made up 72% of all card fraud incidents in 2013.
“Card-not-present fraud occurs when valid card details are stolen and then used to make fraudulent payments over the internet, telephone or by mail order,” APCA explains.
While things like fraud monitoring and additional verification steps during the transaction process have been implemented to help reduce the risk of card-not-present fraud, it continues to be a major issue that is still on the rise.
But one innovative way to help keep your money safe is to actually limit how much can be spent when making CNP transactions. The Commonwealth Bank last year introduced a mobile app feature known as “Lock, Block and Limit” that gives you more control over how much can be spent on certain types of transactions.
With this app, for example, you can set a daily limit on your credit card so that there is less chance of you going over your budget and less chance of criminals stealing all of your money. Even better, though, CommBank says you can block suspicious transactions, such as online international payments.
“A credit card is perfect for online shopping, but when you’re not using it you can make sure that no one else is making payments on international websites,” CommBank says.
“When you find that thing you have to have, just unlock it again.”
The same process applies for in-store international payments – which you can lock while you’re in Australia and unlock when you go overseas – and if you lose your credit card. While no other banks currently offer this feature, it is a great way to give you more control over how, when and where your credit card is used so that fraud is less of an issue.
It kind of sounds like something from a science fiction movie, but there are now credit cards that authorise payments with a touch of your finger. MasterCard and Zwipe launched the first of these “biometric” credit cards in October 2014: a contactless card that has a fingerprint sensor, which “activates” the card before transactions can be made.
MasterCard says the Zwipe MasterCard Payment Card is the first of its kind to combine “the security of biometric authentication with the speed and convenience of contactless payment”.
Cardholder fingerprint data is stored directly on the card, with the activation process replacing PIN authentication so that cardholders can make contactless payments of any amount without needing to do anything but press the small touchpad first.
The major benefit to this technology is that it means you, and only you, would be able to use your credit card for in-person transactions. For starters, that would limit fraud risks such as letterbox theft, which Australian police have said is increasing because thieves can then make smaller, contactless charges on a stolen card without needing a PIN or anything else.
But this kind of card could also act as a block for CNP fraud. If you had to use your fingerprint before any transaction, that would also mean you would be the only one able to use card details for online purchases and other types of charges.
The downside is that it would stop you sharing a credit card with your partner, so sharing errands could become a bit less convenient.
Imagine having a credit card that is impossible to hack. While it might sound like an impossible task to create such a card, researchers in the Netherlands say that quantum physics could provide the answer.
In a study published in the journal Optica in December 2014, research from teams at the University of Twente and Eindhoven University of Technology outline a method that makes it “impossible to hack cards or imitate their properties, even if those with malicious intent have all the necessary information at their disposal, such as the complete structure of the card.”
The system uses a layer of paint, or “nanoparticle strip” that would be zapped by a laser to authenticate it and create a unique, unhackable pattern by harnessing light properties in the quantum state, which allows photons (light particles) to be in several places at once. As the University of Twente explains it:
“A card is equipped with a paper-thin layer of dry white paint which contains millions of nanoparticles. If you send a light particle into the paint it will, like in a pinball machine, ‘bounce’ between the nanoparticles until it escapes.
“If a bank sends a complicated pattern of light dots that’s unique for each transaction (a ‘question’) into the paint, you will subsequently be able to detect a new unique pattern of escaping light particles (the ‘answer’) at the surface. The bank will only approve of the card if this pattern of dots is correct.”
Basically, with a bit of white paint and a laser card reader, we could all have unhackable credit cards on hand.
Another kind of in-person and mobile payment technology that’s been considered by credit card companies involves scanning your veins to authenticate transactions.
Like fingerprints and irises, vein patterns in our hands are completely unique, and could offer credit card companies a more secure authentication method as a result. According to US company Biyo (which has invested in the technology and now sells it to vendors), vein scanning offers a fast, secure and convenient solution to fraud and could be the future of payment authorisation.
“With identity theft costing merchants, banks, and consumers millions of dollars every year, our goal is to eliminate fraud and revolutionize the payment industry by getting rid of all the barriers that makes payment complicated,” it says, before explaining the set up of its technology system.
“Biyo works by allowing you to link your credit cards to your palm at the point of sale at any location with a Biyo POS terminal. We use palm vein scanning to create a unique and secret password that gives only you access to your payment information.”
Biyo users can register their cards and details online, then use a mobile app to manage payment options and view past transactions. But Biyo says that its goal is to be as inclusive and convenient as possible, so for consumers “all you need is yourself.”
But whether or not this payment option will be taken up by many merchants remains to be seen.
With data breaches becoming a bigger issue for credit card users all around the world, it is clear the technology currently in use has a lot of flaws. But security firm Intel has developed a solution in the form of its Data Protection Technology (DPT) for Transactions, which aims to keep personal data and information safe regardless of any hacking incidents or other data breaches.
In the Tech Brief for DPT for Transactions, Intel says that the credit card and payments industries face serious problems from hackers “exploiting security gaps, and stealing staggering amounts of transaction and personal information.”
“Intel Data Protection Technology for Transactions closes this gap by creating a transaction path that directly routes data from the payment terminal to the bank’s servers encrypting sensitive personal information that bypasses the POS platform, its system memory and the POS operating system.”
This technology also protects customer information that is transferred to data centres for analytics (i.e. the information recorded for loyalty programs), which are becoming just as much of a hacking target as POS terminals.
What’s more is that, unlike some of the other technology explored in this article, this hardware-software bundle is adaptable to multiple payment systems. That means it is accessible for merchants and credit card companies all around the world without too much hassle changing things over.
Many banks have moved on from ‘secret questions’ and user controlled passwords – although HSBC’s logon process still asks for a different set of numbers from the customer’s access code on each logon, as well as a memorable word, rather than a predictable (or easy to find out) secret question such as mother’s maiden name. Whether you’re a credit card only customer or do all your banking with the same bank, the chances are if you’re not already using OTP for at least some online banking transactions, you soon won’t have a choice.
OTP is basically a way of creating a new, unique password for each transaction, which also expires and cannot be repeated (or the transaction is blocked).
Credit card security is already changing at a rapid pace as credit card issuers and companies strive to keep up with the latest threats. But one of the biggest messages the industry broadcasts is that cardholders can also help keep their accounts protected.
At the moment, that means regularly checking your transaction history for suspicious charges, covering the keypad when you enter a PIN and making sure online passwords are secure and hard to hack. But some of the options explored here could give us even more control over our card security.
The ability to lock and block transactions, for example, is a great way to reduce the risk of fraud or (in a worst case scenario) at least limit how much money can be stolen. Similarly, the idea of “activating” a card with your fingerprint before it can be used takes security to a more personal level.
Other technological developments, like the quantum light paint strip or vein scanning system, may or may not make it into the mainstream. But when it comes to encryption technology, any and all advancements are likely to leadto major industry changes. After all, with so many people now using credit cards across all platforms, data encryption really is becoming more important.
But whatever security concerns you have about your credit card, all of these technological developments suggest that there are a lot of people dedicated to figuring them out so that your cards stay safe at all times.
Pauline is a personal finance expert at CreditCard.com.au, with 8 years in money, budgeting and property reporting under her belt. Pauline is passionate about seeing Aussies win by making their money – and their credit cards – work smarter, harder and bigger.
Something you need to know about this card? Ask our credit card expert a question.Ask a question