Criminals target signature-based debit cards for fraud attempts far more than any other payment method, according to new findings from the Federal Reserve Bank of Minneapolis.
The Minneapolis Fed’s survey last summer, which garnered responses from 283 banks and credit unions across the country, found that more than 90% of respondents ranked signature-debit cards among the top three payment types attracting fraud attempts at their institution in 2016, regardless of whether any loss actually occurred. Specifically, 68% of respondents ranked signature debit cards first when asked about fraud attempts. Some 18% ranked the cards second for attempts, and 5% ranked them third.
Checks took second place, with 66% of respondents saying checks were in their top three payment types for fraud attempts. Respective first through third rankings for checks were 14%, 21%, and 31%. PIN-based debit cards came in third with rankings of 11%, 32%, and 19%.
Credit cards placed fourth with a total of 30%, broken down to 4% for the highest number of attempts, 15% second, and 11% third. But the Fed researchers cautioned that since only 43% of the respondents offered credit cards, the results do not imply that those cards experience fewer fraud attempts than other payment types. Among those respondents that offered debit and credit cards, issuers ranked credit cards second behind signature-based debit cards among all payment types for fraud attempts.
Among those institutions that experienced fraud losses in 2016, 96% sustained losses on signature-debit cards, 81% on PIN-debit, 77% on credit cards, and 74% on checks. Far behind were automated clearing house debits at 23%; wire transfers, 13%; ACH credits, 8%, and prepaid cards, 7%.
Asked how losses had changed in 2016 compared to 2015, 63% said losses had increased on signature-debit cards. Fifty-percent of respondents also reported increases in PIN-debit losses. Some 41% of respondents that offered credit cards said losses had increased. And 28% of institutions said check losses grew in 2016.
Regarding fraud mitigation for debit cards, approximately three out of 10 large institutions—those with $1 billion or more in assets—use 3-D Secure or its equivalent for online payments, according to the survey report. “However, none of them rate this method as very effective, and two-thirds of those institutions rated it somewhat ineffective,” the report says.
Around for more than a decade, 3-D Secure is unpopular with U.S. merchants because it can take online shoppers away from their sites for authentication, reducing sales. An updated version, 3-D Secure 2.0, is set for rollout next year, and its proponents hope it will solve many of the problems that led to the technology’s low adoption.
The findings come from the Minneapolis Fed’s “2017 Financial Institution Payments Fraud Mitigation Survey.”