06 August 2007

Rating Credit Safety


Javelin Announces Security Elements of Dream Credit Card to Fight Fraud; Scorecard Ranks Best Card Issuers in Consumer Fraud Protection

[August 01, 2007]

Javelin Announces Security Elements of Dream Credit Card to Fight Fraud; Scorecard Ranks Best Card Issuers in Consumer Fraud Protection

SAN FRANCISCO --(Business Wire)-- Today Javelin Strategy & Research announced the security features of a dream credit card that put consumers in the driver's seat when it comes to protecting them from identity fraud and knowing exactly what's happening with their accounts. Javelin also announced the top credit card issuers that provide the best features that prevent, detect and resolve identity fraud. The findings are detailed in Javelin's comprehensive research study, "2007 Card Issuers' Identity Safety Scorecard."

"Card issuers have a golden opportunity to increase loyalty and retention, and strengthen relationships and their brand reputation, by giving consumers simple identity fraud prevention tools they like to use," said James Van Dyke, President of Javelin Strategy & Research. "Identity fraud is a major pain point for consumers and can damage the relationship between the consumer and the card issuer."

Why it's important to address identity fraud today

Last year, 8.4 million Americans became victims of identity fraud, with total fraud amounting to $50 billion. The average victim paid $587 out-of-pocket for fraud on an existing account. If the thief opened a new account in the victim's name, the average victim paid $792. On average, victims spent 25 hours resolving their fraud case(1).

Security elements of a dream credit card for protection against identity fraud

Javelin's research has determined the optimal combination of available, effective tools and policies that best protect consumers. Below are the ideal security elements of a dream credit card and research findings in support of them:

For Fraud Prevention

-- Provides customers the ability to restrict or allow certain types of transactions (e.g. cash advances, foreign transactions, card-not-present transactions).

-- Uses identifiers other than social security numbers for identity verification.

-- Truncates all customer-sensitive data while interacting with customers.

-- Encourages customers to protect their home computers with anti-virus software by partnering with security software vendors (e.g. Bank of America's partnership with Symantec).

-- Offers photo of account holder on card.

For Fraud Detection

-- Provides mobile device or email alerts of high-risk changes to accounts (e.g. replacement card sent out, PIN or password reset, change of physical address or email address), initiation of higher-risk transactions (e.g. card not present, foreign transactions, activity on dormant account), and status of accounts (payment past due). Over two-thirds of account takeover cases are due to a fraudulent change of address. Alerts for changes to personal information are one of the top desired alerts by consumers.

-- Notifies customers of new account set-ups. New accounts fraud is traditionally the most difficult for consumers to detect. Credit cards continue to be the most abused category of fraudulent new accounts.

-- Facilitates consumer ordering of credit reports and credit monitoring services. New fraudulent accounts can be virtually invisible to a consumer without a credit monitoring service.

For Fraud Resolution

-- Institutes a comprehensive, up-to-date data breach resolution plan.

-- Provides an identity fraud assistance team to help customers affected by fraud.

-- Offers zero liability for fraud.

-- Offers next-day card replacement in addition to 24/7 account suspension capabilities.

-- Offers free identity fraud insurance.

The results of Javelin's Card Issuer Scorecard Study:

Overall: Safest card issuers

1. Bank of America (Visa Platinum)

2. American Express (Blue from American Express)

3. (2-way tie) Discover (Discover Platinum), First National Bank Omaha (Platinum Edition Visa)

4. Citibank (Citi Platinum Select)

5. Navy Federal Credit Union (Platinum MasterCard)

Fraud Prevention: Top card issuers

1. Citibank (Citi Platinum Select)

2. (3-way tie) Bank of America (Visa Platinum), First National Bank Omaha (Platinum Edition Visa), Navy Federal Credit Union (Platinum MasterCard)

3. Discover (Discover Platinum)

4. JPMorgan Chase (Chase Platinum Visa)

5. Nordstrom (Platinum Visa)

Fraud Detection: Top card issuers

1. American Express (Blue from American Express)

2. U.S. Bank (U.S. Bank Visa Platinum

3. Bank of America (Visa Platinum)

4. Discover (Discover Platinum)

5. (3-way tie) Capital One (Capital One Platinum MasterCard), First National Bank Omaha (Platinum Edition Visa), Wachovia (Wachovia Visa)

Fraud Resolution: Top card issuers

1. (12-way tie) American Express, Bank of America, Capital One, Citibank, FNB Omaha, HSBC, National City, Navy FCU, RBS National, State Farm Bank, Target, Wachovia

2. (8-way tie) BB&T, Commerce Bank, Discover, Nordstrom, Sun Trust, U.S. Bank, WaMu, Wells Fargo

3. (3-way tie) Fifth Third, GE, USAA

4. Advanta

5. JPMorgan Chase

Key findings from the report

-- Many issuers are not providing consumers with the ability to specify limits or prohibitions on particular types of account activity. Only 24% of card issuers provide user-defined limits and/or prohibitions (UDLAPs) on cash advances.

-- More than half (56%) of top card issuers still require full nine-digit Social Security numbers when interacting with customers, whether by phone, Internet or mail. This is a risky practice that unnecessarily increases the customer's exposure to identity fraud.

-- The number of issuers offering transaction alerts for transactions such as payment past due, new account set up, foreign transactions and replacement cards is a missed opportunity for issuers.

-- The lack of alerts for changes to personal information makes issuers especially vulnerable to new accounts fraud and account takeover. Only 16% of card issuers provide an alert for physical address change.

-- 84% of issuers report having a data breach resolution plan in place, given the ever-increasing awareness of incidents such as the TJX breach. Considering the tremendous risk to brand posed by a security breach, it is imperative that any issuer appropriately handle customer notification and assessment in the event that a breach occurs.

Where the industry can improve -- stronger fraud prevention and detection

To date, issuers have provided consumer security guidelines, multi-factor log-in authentication and online purchase authentication. However, this does not go far enough. Issuers have an opportunity to do better in prevention and detection.

Issuers can strengthen their brands and increase customer loyalty by placing some of the responsibility into the hands of their customers, specifically, by implementing UDLAPs on specified activities and dynamic, two-way alerts for suspicious transactions. Customers must also be given greater authority over their user profiles and have the ability to receive alerts for any high-risk changes to their records or any activity that they have defined as abnormal.

Javelin's research found that customers know their own spending habits best and can set the appropriate levels of security when armed with the ability to impose restrictions on their own accounts. "Consumers play an essential role in security, detecting nearly half of all identity fraud cases," said Rachel Kim, Javelin Risk & Fraud Analyst. "Consumers want to be involved in protecting their accounts, with 60% viewing this as a duty they share with their financial institution."

What consumers need to know

Because fraud can be committed through so many methods, consumers are advised to utilize a variety of the most effective measures to protect themselves. Note to editors: Javelin has prepared a document entitled "How Consumers Can Protect Themselves from Identity Fraud," which includes ways to avoid becoming a victim, ways to detect fraud, stop criminals and lower your liability, and ways to resolve identity fraud. It is available upon request or here.

The most comprehensive research on consumer-facing identity fraud features

Javelin conducted the most rigorous and comprehensive research on consumer-facing identity fraud detection, prevention and resolution features to date. Javelin ranked the nation's top 25 credit card issuers on the services and measures they have implemented in partnership with consumers to protect against identity fraud. It analyzed data supplied by the issuers' customer service representatives (CSRs) and consulted information available on card issuers' Web sites. Javelin researchers validated the process with firsthand reviews of actual features in selected cases.

The research employed a multi-disciplinary approach: statistical analysis, mystery shopping with senior level customer service representatives, and monitoring and review of features and policies on card issuer Web sites. The prevention and detection categories were weighted more heavily than resolution due to the greater potential benefits and cost savings.

For More Information

Additional information and a copy of the complete July 2007 Card Issuers' Identity Safety Scorecard, as well as other Javelin reports, are available at www.javelinstrategy.com/research or by calling (925) 225-9100 x26.

About Javelin Strategy & Research

Javelin is the leading provider of independent, industry-specific, quantitative research and strategic direction for payments and financial services initiatives. www.javelinstrategy.com.

(1) Javelin Strategy & Research, 2007 Identity Fraud Survey Report, February 2007.




It is nice to see a demonstration showing how easy it would be to knock out a substantial amount of account application identity theft. The reality is, (as was discussed in the posts Suing the Creditor For Liability and Identity Theft Protection For Healthcare Companies) the suggestions coming from Javelin may not protect a consumer from becoming a victim of Synthetic Identity Theft. The best protection for consumers would be not providing credit reports to creditors solely based upon a social security number. Like a consumer wishing to order their own report, the creditor should be required to submit a full set of PII and answer a consumer generated security question. The answer to the security question would be provided during the application process. The security question and answer would be on file with the credit bureau.

Secondly, the creditor should be required to run a skip trace and verify the identity of the consumer. If the identity does not match exactly, the creditor could either deny the application or request evidential documentation to verify the consumer's PII.

Third, making the creditor pay for any remediation services needed by a victim as a result of the credit issuers actions would serve as a direct incentive for the credit issuer to utilize every reasonable measure to prevent a fraudulent application from being approved.

Identity theft will continue to be a factor in the P/L of credit issuers for many years to come. However, reducing the impact and the number of victims is an achievable and realistic goal.

Stumble Upon Toolbar

0 comments:

What Words Offend Arabs? The Truth.

Children's Poetry Booklet Recalled After Arabs Complain
(Israeli censorship kowtows to Arabs.
When Will We Tell The Truth Without Fear)

(IsraelNN.com 7 Sivan 5768/June 10, '08) Ynet's web site and Arab complaints against a ten-year-old boy's poem about terrorists has resulted in the recall of all of the Nes Ziona municipality's children's poetry booklets.

Ynet boasts that its coverage of the poem resulted in its being recalled.

The text of the poem (Ynet's translation):

Ahmed's bunker has surprises galore: Grenades, rifles are hung on the wall. Ahmed is planning another bombing!What a bunker Ahmed has, who causes daily harm.Ahmed knows how to make a bomb. Ahmed is Ahmed, that's who he is, so don't forget to be careful of him.We get blasted while they have a blast!Ahmed and his friends could be wealthy and sunny, if only they wouldn't buy rockets with all their money.

Poetry competition director Marika Berkowitz, who published the booklet, was surprised at the protests and told Ynet: "This is the boy's creation and this is what he wanted to express. Of course there should be a limit, but I think the there is no racism here. 'Ahmed' is a general term for the enemy. These are the murmurings of an innocent child."

The Education Ministry told Ynet: "The local authority that published the booklet should have guided the students in a more correct manner through the schools. The district will investigate the issue with the local authorities."
4Torah.com
4Torah.com Search from Pre-Approved Torah sites only
Photobucket
Custom Search

Twitter Updates

    follow me on Twitter