HSBC steps up fraud detection

HSBC is hoping to reduce the amount of card fraud

News that HSBC is introducing technology to screen all card transactions for potential fraud has been broadly welcomed by experts as a necessary step in the fight against rising card fraud.

According to reports, the bank is to use technology from business intelligence and analytics firm SAS to determine in real time whether specific customer transactions conform to pre-determined 'normal' usage patterns.

The most recent figures by UK payments association Apacs show that total card fraud losses increased by 14 per cent to £301.7m in the six months to June 2008, compared with the first half of 2007.

The number of skimmed or cloned cards increased by 22 per cent, while online banking fraud rose a massive 185 per cent to £21.4m.

Neill Blundell, head of financial crime at international law firm Eversheds, argued that the increased checks would be irritating for customers but are " essential to bring the problem under control".

"The increasing technology being used by fraudsters includes sophisticated equipment to clone cards at ATM machines," he said. "Such cloning often goes undetected by the card user, and the banks' fraud departments are often the first to report a problem to the legitimate user."

Stuart Okin, former Microsoft chief security adviser and now UK managing director of security consultancy Comsec, said that the technology for fraud checking is still in its infancy, but is a necessary step for financial institutions to reduce the cost of card fraud.

"However, it doesn't matter what technologies you have in place. If you don't have a good investigative and forensics group the best tools won't help," he said.

Okin also warned that monitoring tools for insider fraud are equally, if not more, important than tools that check customer card activity.

Matthew Tyler, director of consultancy Evolution Security Systems, argued that, as fraud detection systems grow in complexity, the likelihood of false positives will increase.

"But in most cases these 'failed' transactions can be handled at the call centre level and will only enhance public perception of the 'security focus' of the banks," he added.

Gavin Bradbury, director of secure certifications company VeriSign, also welcomed the news. "This move reinforces the fact that financial institutions and online businesses should really be taking more action against criminals by putting additional security measures in place, especially as online fraud is rising," he said.

Akif Khan head of client and technical services at payment provider Cybersource, argued that banks always need to ensure they maintain "an acceptable level of service" when screening for potential fraud.

"There isn't a single solution to tackling online fraud; this is something that can only be dealt with in a collaborative effort by retailers, banks and the law enforcement agencies," he added.