Card Fraud Looking beyond EMV

However, EMV is coming to the United States slowly but surely, particularly with the set dates of 2015 and 2017 when liability for fraud shifts to merchants that have not invested in the EMV technology. In the meantime, card issuers and others are working on enhancements to forestall the magnitude of the shift from card-present fraud to card-not-present fraud that occurred in Europe.

"Ultimately, long term, EMV will help mitigate the fraud landscape. However, the migration to EMV is going to take several years and according to statistics I've seen, only about 40% to 45% of merchants and issuers by the 2015 date will be EMV-enabled. So once that liability shifts, there won't be an automatic reduction in fraud. It will take several years," Postma says in a webinar produced by TMG.

Historically, she notes, the European nations saw a steep shift from card-present fraud to card-not-present fraud after EMV took hold. In response, many of those nations mandated additional validations, beyond the chip-and-PIN or chip-and-signature verifications used now, but have had limited success, she says.

In preparation for the U.S. EMV migration, credit card companies are looking at such enhancements as texting a unique password every time a transaction is initiated by a cardholder. Also, they are looking at using mobile location technology to compare with a transaction's IP address to see if they are geographically close.

Ultimately, each financial institution has to decide for itself regarding the timing of EMV migration, she says. Currently, those institutions that offer EMV now generally do so to meet the demand of their overseas-traveler customer base. Most others generally have the strategy of phasing it in to meet the liability shift dates.

During the webinar, Postma also talks about a range of fraud schemes and tactics that criminals are using now, as well as effective fraud detection and prevention strategies financial institutions can take.