This page contains a Flash digital edition of a book.
Your say
Best letter of the month
Stopping Online Fraud themselves. But changing consumer purchase. When a customer makes an
I was interested in the recent figures behaviour by asking them, for online payment, an automated call is
from the Association of Payment example, to only shop on secure sites made to the customer’s nominated
Clearing Services (APACS) showing when these are not even clearly phone. The call will authenticate
that some £290.5m of ‘card not marked or go through their bank that the person making the purchase
present fraud’ is taking place on the statements with a fine toothcomb is the card-holder and you can
internet. APACS says this equates to after fraud has potentially occurred, validate the transaction live. Only
a shocking 25% rise in the won’t go far in solving the growing then can the purchase go through.
fraudulent use of UK credit and problem of online fraud. This cost-effective approach is one
debit cards in 2007. In my view, the only way of that retailers and banks should be
I am not the only one to perceive stopping this type of fraud is to looking to adopt while the
how little is being done to fight prevent a fraudulent transaction government leaves the growing
cyber-crime and how consumers end from being processed at the time of issue of rising levels of online fraud
up paying the price. What is order. Interactive voice technology on the back burner.
surprising is that it is the potential can help with this by calling a
victims of fraud that are being consumer at the time of order to Guy Cooper
advised to take steps to protect confirm that it is them making the CEO, Qire
Outsourcing PCI compliance parties Payment Service Providers volumes, knowledge of PCI
is more cost effective (PSP), merchants can not only be compliance and internal security
You may have read in media the compliant in one fell swoop but also protocols. This is excluding the
unfortunate news of Cotton Traders not need to hold information or regulation 6.6 which was activated
suffering an attack by hackers on its data for a hacker to get into. in July.
website and the loss of customer Outsourcing is an alternative and Given the challenging
credit card details. This situation one that retailers large and small requirements and potential liability,
does not only effect their customers should consider if only to stay on the more and more online retailers
,but it also affects the confidence of right side of the law. Why have the choose to outsource their payment
the industry. Yet again, it highlights added headaches of being processing to a PSP or payment
the issue of whether merchants compliant, when there are third gateway. PSPs who operate
should process their online payments party companies that can manage it merchant’s online check-out pages,
in-house or to outsource them. for you? act as a payment gateway handling
For a company the holding of There are strict penalties and PCI compliance requirements at their
customer transactional data is a consequences if a merchant does not end regardless of size. Therefore for
complex and expensive proposition. comply with PCI DSS, or fraudulently consumers, the presence of a PSP on
Not only do they have to be hack- self certificates and is then the merchant site should indicate a
proof, they need to meet strict data subsequently hacked. For example in safer shop, knowing that there is a
privacy and PCI DSS compliance 2006,Visa began fining repeat much higher probability that the
requirements. These are huge, huge offenders $5,000 to $25,000 per transaction security is subject to
undertakings and is the same for any month for failing to comply. regular card scheme audits.
size of company –- the standards are It’s difficult to estimate what it
identical. If you are an SME, the cost costs online retailers to become PCI Dan Starr
of in-house compliance could be compliant in-house. Many factors Executive Vice President Merchant
prohibitive. But by outsourcing the influence this expense, including Services Division
payment process to specialised third current security systems, processing NETELLER PLC
It’s good to talk like to share information with the collect the intelligence from all our
On the 14th August 2008, the 3rd police, but there has always been a retailers and pass this information to
Man hosted it first annual CNP fraud lack of resource to support this. the police where appropriate.
conference. The attendance proved One of the user group attendees The next CNP User Group Event
to me that this kind of event is long commented on their success with will be hosted at Foxhills Golf Centre
overdue in our industry as it the police “The challenge is using in Surrey again next August. The
attracted 100 guests including and packaging the information date will be confirmed shortly. If
police, retailers, banks and gaming needed to convict the criminals. If you are interested in registering
companies to discuss an agenda that Retailers provided the police with your attendance for this event or
included data validation and sharing pre-packaged information, they would like further information on
LETTERS
initiatives, the role of the police in would be able to use this and act the 3rd Man’s services, please email
preventing CNP fraud and returns accordingly”. usergroup@the3rdman.co.uk or call
fraud. We have developed an extensive 01276 856444.
The main issue that came out of network of police contacts over the Paul Simms
this event was that retailers would years and developed a facility to CEO, The 3rd Man
ISSUE 2 SEPTEMBER 2008 • 35
Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44
Produced with Yudu - www.yudu.com. Publish online for free with YUDU Freedom - www.yudufreedom.com.