For Credit Card issuers, the heavy hand of the Senate Banking and Finance Committee continues to shadow lending practices. While they have focused on identity theft and fraudulent practices, the topic has gained more scrutiny given the many news stories that have shown up in the past few months.
In early March, the Committee held hearings and heard from consumer groups who are demanding that Congress take action and curb abusive lending practices. Senator Carl Levin of Michigan as well as others on the committee including Senator Christopher Dodd of Connecticut are resolute on taking action from conclusions of the GAO’s October report that revealed practices of poor disclosure and lending practices that hurt consumers.
The topic is becoming notable in many different venues.
Even movie makers are drawing attention to credit card users in a new film called “Maxed Out” that exposes some habits for card issues in the same way that the film “Supersize Me” did for the fast food industry. Maxed Out follows two college students who run up credit card debt so great that they consider suicide.
For someone who’s in the transactions end of this industry, the hearings give many hints of the pulse of this committee. The card industry is in the scope of our new Senate and House leaders. It is difficult to be sure how far that scrutiny will go, but rest assured, they seem committed to the safety of the consumer and insure that disclosure of as well as fair charges and identity theft are at the top of their list in regulating the card industry.
What should be coming next is a full court press to address the conflagration of fraud and crime being committed with the point-of- sale equipment.
According to Associated Press reports, the Federal Trade Commission (FTC) received 250,000 complaints about identity theft for 2006, which is way out in front among all the category of fraud that it tracks. Credit card fraud accounted for the highest percentage of complaints related to identity theft fraud. Our own Federal Trade Commission estimates that reported fraud losses from identity theft are reaching the $1 billion mark and many in the industry believe that the actual number is even greater.
But thieves are getting pretty good at developing ways to steal credit card data. The FBI and U.S. Postal Inspection services are warning all about “skimming”. It’s been around for years—as a reminder, here’s how it works:
Let’s say you go to a restaurant and sit down for a meal. At the end of the meal, you ask for the check and give the waiter your credit card. Whoever has your card may swipe it through the restaurant’s machine and also through their own portable swipe machine that “skims” your data and information and shazam – they‘ve got your credit identity.
The restaurant chain Ruby Tuesday’s is upgrading their credit card system to combat this. The same holds true for The Cheesecake Factory restaurant chain that also saw incidents of skimming that managed to get federal law enforcement officials involved and dubbed their efforts “Operation French Fry”.
In Costa Mesa, California thieves similarly planted PIN-capturing devices at a gasoline station late in the night. The data captured was later used in Las Vegas to withdraw some $100,000 in cash from ATMs.
It was also late at night that thieves planted skimming devices at a Stop & Shop in Rhode Island and Massachusetts and managed to steal over $56 million dollars by capturing data from these devices. Stop & Shop reacted by transmitting the data to an offsite firm to process the transaction. It curtailed its in-store processing and storing of that data in the store.
In Colorado, reports revealed another practice that somewhat resembles Internet phishing. A cardholder gets a call from a so- called security officer of a card issuer, and gives a badge number after stating that they are investigating some erroneous purchases that the cardholder assures them that they did not purchase.
This security officer asks for the last four digits of their card and the security code on the back “to receive credit”. The disturbed cardholder is enthusiastic to hand it over and the violation has occurred.
We’ve all gotten emails using a similarscheme where an officical looking email sends you to an official looking website where you are asked to enter your data.
These and other indicators are causing many in the transaction industry and in Washington too, to feel that oversight isn’t nearly enough at this point.
When the industry garners this attention, technology often responds to it. While it’s difficult for technology to affect the poor spending habits of consumers, they are continually developing ways to inhibit the invasion from identity thieves.
Technology firms continue to react to theft through transactions by designing technology to combat it. As the theft becomes innovative, so does the technology. For example, Innovative Card Technologies, recently introduced technology that would enable a distinct number to be generated that positively identifies a person, every time their card is used. This would be done through a sophisticated computer chip embedded in the card that generates a unique identity tag. Shifty hackers and identity thieves would have a hard time cracking such technology. But as has been the case before certainly someone will build a way to “break” the code.
Beyond the technology is the fact that fraud rings operate behind the guise of a corporation and their identity is not easy to identify. One thing that Senators are asking the National Association of Governors to support is legislation that would not allow company officers to remain anonymous. This was sparked because many firms suspected of originating fraudulent practices – not just in the electronic transactions industry, but also with many different practices – to be able to be identified. Their argument being that the corporate entity does have limited liability and should be viewed as one person, however when it comes to fraud, it’s necessary for individual names to be identified for intelligence purposes in controlling white collar crime.
“Lawmakers need to draft legislation on data security issues to further the efforts to combat credit card fraud,” says Donny Askin, CEO of OrderMotion, a company who provides eCommerce services and recently attained PCI Compliance. “ Sound legislation, combined with strict self-regulation by the industry itself, together will go a long way toward ensuring the security of consumer data.
The PCI standard is but one example of the industry’s effort to enact strict guidelines. Ultimately if organizations don’t get certified, they will lose business. That in itself will make a big difference.”
“DC regulators are demanding banks, credit card companies and other financial services companies to take a greater responsibility in protecting consumers identity and sensitive information,” adds Kelly Owen of EncryptaKey.
So the tide in Washington nowadays is beginning with usurious practices that include high penalties, exorbitant interchange fees and other points of inadequate disclosure that have gotten the Committee both up in arms and resolute about controlling. But also on their list is that of identity theft.
Right now, it appears that more consumers are victims of identity theft that seem to be occurring at the point-of-sale, and lawmakers will likely be tightening the screws on these practices and welcoming technology that can help end the smarter thieves who seem to be exploiting magnetic stripe technology. Such technology has been around for over 30 years, long before the age of the leisure hacker thieves, who figure out a way to commandeer the technology for their own gain.
Askin adds “There has been a lot of talk on Capitol Hill about credit card data security breaches, and it no doubt has helped serve as an impetus for important security initiatives, such as the PCI standard. We are confident that through initiatives such as the PCI standard, the security of consumers’ private information will continue to improve and the high-profile data breaches will become fewer and far between.” I guess we’ll all wait and see how it all shakes out on the Hill.
|
