Strategy & Research has outlined what it describes as the
security features of a ‘dream credit card’ – a tall order indeed,
and one that few US issuers are coming anywhere near approaching.
Charles Davis reports.
An ideal credit card would put the cardholder firmly in control of
the security protections available to them and would feature
anonymous identifiers, truncated data and a host of other means to
provide protection against a number of data crimes, Javelin
Strategy & Research said in a recent study. The key is
empowering the consumer to take affirmative steps to heighten card
security, and Javelin’s dream card would make that as easy as
logging on and making a few changes to the way cardholder
information is stored and retrieved, and in encouraging the
cardholder to frequently access account information and monitor
traffic on the card.
Go deeper with GlobalData
Javelin also identified the top credit card issuers that provide
the best features that prevent, detect and resolve identity
fraud.
The study underscored the need by noting that 8.4 million Americans
had been identity fraud victims in 2006 at a cost to them of $50
billion. The average victim paid $587 out-of-pocket for fraud on an
existing account. If the thief opened a new account in the victim’s
name, the average victim paid $792. On average, victims spent 25
hours resolving their fraud case.
Built-in security features
Based on its research, Javelin determined the elements of what it
calls ‘a dream credit card’, which provides the optimal combination
of security tools and policies that best protect consumers.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalData“Card issuers have a golden opportunity to increase loyalty and
retention, and strengthen relationships and their brand reputation,
by giving consumers simple identity fraud prevention tools they
like to use,” said James Van Dyke, president of Javelin Strategy
& Research, in a release. “Identity fraud is a major pain point
for consumers and can damage the relationship between the consumer
and the card issuer.”
Such a dream credit card would include the ability to restrict or
allow certain types of transactions such as cash advances, would
offer photos of account holders on the card, and would use
identifiers other than social security numbers for identity
verification. All customer-sensitive data would be truncated while
interacting with customers, and the card would come with antivirus
software, provided by the issuer through partnerships with security
software vendors, such as Bank of America’s partnership with
Symantec.
Many US issuers provide one or more of these security tools, but
the report recommends all as the best way to fight security issues
collaboratively with cardholders.
Fraud prevention and resolution
On the fraud side, Javelin’s dream card would provide mobile device
or e-mail alerts for high-risk changes to accounts, including
replacement cards sent out, PIN or password reset, and change of
physical address or e-mail address. Alerts should also accompany
the initiation of higher-risk transactions, such as
card-not-present or activity on dormant accounts and account
payment status.
“Over two-thirds of account takeover cases are due to a fraudulent
change of address,” the study notes. “Alerts for changes to
personal information are one of the top desired services by
consumers.”
Card issuers should also notify customers of new account setups,
because new account fraud is traditionally the most difficult for
consumers to detect. The study concluded that providing alerts for
payments past due, new account setup and foreign and replacement
card transactions appear to be a missed opportunity for
issuers.
In the event of fraud, Javelin’s dream card would include a
comprehensive, up-to-date data breach resolution plan and provide
an identity fraud assistance team to help customers affected by
fraud. It would offer zero liability for fraud, free identity theft
insurance, next-day card replacement and 24/7 account suspension
capabilities.
As for how the individual issuers currently fare, Bank of America’s
Visa Platinum card is the best of the best when it comes to
offering features that allow consumers to help make their credit
cards secure, the report said. Its platinum card was followed by
American Express Blue, Discover Platinum (which tied with First
National Bank of Omaha’s Platinum Edition Visa), Citibank’s
Platinum Select and Navy Federal Credit Union’s Platinum
MasterCard.
The study also rated the card issuers in several discrete
categories. Citibank topped the list with its Citi Platinum Select
for fraud prevention features, while American Express Blue led in
fraud detection. A dozen US issuers took leading honours in the
fraud resolution category, including five of the top six overall
plus Capital One, HSBC, National City, RBS National, State Farm
Bank, Target and Wachovia.
Overall, the study found that issuers are doing a much better job
with fraud resolution than with fraud detection – not surprising,
given the public relations damage risked by appearing
non-responsive in the wake of a fraud incident.
Involving the customer
The Javelin study noted that, while 84 percent of issuers reported
having a data breach resolution plan in place, there is still
plenty or room for improvement. Only 24 percent of card issuers
provide user-defined limits and/or prohibitions on cash advances
and, more ominously, more than half (56 percent) of top card
issuers still require full nine-digit social security numbers from
customers in mail, telephone and e-mail communications.
The study found that, to date, issuers have provided consumer
security guidelines, multi-factor log-in authentication and online
purchase authentication. However, this does not go far enough.
Issuers have an opportunity to do better in prevention and
detection by placing more of the responsibility into the hands of
their customers, specifically by implementing dynamic, two-way
alerts for suspicious transactions. Customers must also be given
greater authority over their user profiles and have the ability to
receive alerts for any high-risk changes to their records or any
activity that they have defined as abnormal.
“Consumers play an essential role in security, detecting nearly
half of all identity fraud cases,” said Rachel Kim, a risk and
fraud analyst at Javelin. “Consumers want to be involved in
protecting their accounts, with 60 percent viewing this as a duty
they share with their financial institution.”
