Credit card flaws fuel online fraud bonanza

Today's credit cards are vulnerable to online fraud because of fundamental design flaws, industry experts warned today.

According to Forrester Research, the provision of all security and other functionality on a single physical card makes it intrinsically unsafe.

Ivan Remsik, senior analyst for financial services at Forrester, warned that, as long as multiple technologies use or reside on the same physical plastic entity, fraud is set to rise.

"The criminals will always look for the weakest combination. For instance, they would copy data from the magnetic strip on a chip card and acquire the cardholder's Pin through a fake terminal," he said.

"It is then child's play to encode this data on a plastic hotel room key and use it to withdraw money from a cash machine."

The analyst firm also warned that card fraud is increasingly moving online. Remsik argued that "something clearly needs to be done" to reduce the ease with which card-not-present fraud can be perpetrated, in particular online.

But he added that the current fraud prevention mechanisms on offer from Visa and Mastercard have their own problems.

Forrester indicated that various types of online scam targeting the consumer are on the increase, both technical, such as Trojans, and non-technical, such as phishing.

The analyst firm believes that fighting this threat effectively must combine technical and non-technical responses from financial services institutions, and potentially others such as ISPs.

Forrester's warning comes after the Association for Payment Clearing Services released figures this week indicating that UK card fraud increased by 20 per cent in 2004 compared to the previous year.

According to APACS, losses are reported to total £504.8m. The rise is attributed to fraudsters increasing their activity before the security benefits of chip and Pin are fully realised, in addition to targeting other areas such as card-not-present and identity fraud.