How Future Technology Can Help Battle Fraud

How Future Technology Can Help Battle Fraud
Posted: Jan 18, 2017
Comments: 2
Author: Lou Grilli

Imagine a day when data breaches yield no usable card numbers.

While many authors are making their predictions for 2017, predictions for battling payment fraud need to take a much broader view. Imagine a safer world of payments where credit and debit card fraud is mitigated through technologies. The mag stripe is gone forever, and mobile payments as well as terminal-free check-outs rely on tokens instead of an actual 16 digit Primary Account Number (PAN). And for those who still insist on holding a piece of plastic in their wallet, cards will have smart security measures – a biometric scan device on the card to prevent lost/stolen usage; geolocation capability built into the card to assist in POS authorization; and a dynamic PAN and CVV displayed on a screen on the card for use in ecommerce purchases to prevent fraudulent online use.

After the Target breach in 2014, just the first in a string of well publicized intrusions on large retailers’ payment systems, credit unions and banks had to reissue the many debit and credit cards whose numbers were compromised in the breach. The Wall Street Journal reported that the cost of reissuing just from the Target breach was estimated at $200 million. Today, issuers monitor reports for potential fraud, and look at suspicious card activity. If a threshold is met – such as fraud collectively over $15,000 or more than 100 disputes reported in a 15 day period, then the issuer goes into action, preparing marketing material, proactively alerting cardholders, and making several costly decisions – to reissue and how many to reissue, and to block card usage at a particular merchant to prevent further fraud. Now imagine a scenario that would cost hundreds of pennies, not hundreds of millions of dollars – the cost to push out new tokens to mobile devices and smart cards that were potentially breached. The decision tree becomes infinitely simpler – is there a chance of fraud? If yes, reissue new tokens. If no, reissue new tokens anyway. Since data breaches will yield potentially no usable card numbers, fraudsters will not spend energy breaking into payment systems, eliminating that form of fraud.

There are still many other forms of fraud, such as account takeover fraud, and stolen personal identity, which are much harder to prevent and potentially much more devastating at the individual level. But there are technologies to help prevent widespread breaches that have experienced several times these past few years that, once behind us, will allow us to focus greater efforts on other forms of fraud.

Rate this article:
No rating
Lou Grilli

Lou GrilliLou Grilli

Lou is the AVP of Product Development & Thought Leadership at Trellance. In this role, he is responsible for managing the organization’s product portfolio, as well as providing leadership on industry trends related to data analytics and payments.

Other posts by Lou Grilli

Full biography , Contact author

2 comments on article "How Future Technology Can Help Battle Fraud"

BRIAN PETERSON, 6/21/2017 6:52 PM

Lou, your logic to combat security breaches is a little flawed. Tokens are themselves useless to steal because they cannot be used to make a counterfeit card nor make online purchases. Tokens can only be used with the device they are "linked" to. So there is no reason to push new tokens to cardholders.

The actual real card number is what we want to protect from the world. Technically if a cardholder only made token-based purchases, there would no chance of fraud if the tokens were stolen.

The logic that fraudsters have no incentive to break into systems if the payment data is useless is correct. If a stolen database contained only token data, the fraudsters will not yield useable data.

So the future is tokenizing as much as possible. That strategy will significantly reduce fraud.

Thanks for reading.

Lou Grilli, 6/22/2017 4:52 PM


Thank you for taking the time to comment. And I agree completely with your premise that: "... if a cardholder only made token-based purchases, there would no chance of fraud if the tokens were stolen."

As far as my other concepts for combating fraud, such as biometric scanners on cards, and dynamic CVVs, these are just some predictions intended to be thought-provoking, and may indeed be flawed. Only time will tell.

Appreciate your insight - please keep it coming!

Please login or register to post comments.


Featured Stories