Thursday, June 12, 2008

Retailers stand to lose millions from credit card fraud


A loophole that allows credit card fraudsters to bypass security and make purchases online without raising any alarms in the online purchases security systems was reported by the BBC today. Apparently The Third Man security company noticed the crime being committed completely by chance while they were monitoring sales at an online shop.

Apparently, the loophole can be found in the Address Verification System and is quite simple to carry out:

"When carrying out address checks AVS compares the house number of a customer plus the digits in their post code to those input during a transaction.

For instance, if the Prime Minister bought goods at an online store with a credit card, AVS would use numbers in the address - 10 Downing St, SW1A 2AA - to help verify his identity.

In this case AVS would use 1012 as a shorthand ID check."(BBC)

So technically, all a credit card thief needs to do is find out your address and then an address including those numbers and he can start ordering away from your credit card. Just another reason to cancel cards as soon as you realise you no longer have them on you, and be very careful where you order from.

As liberating as online shopping is for millions of us, we must not pose the new risks that accompany it and neither should the retailers we use. After all, 1 in 10 (Britons) has fallen victim to some sort of online fraud and several tech sites report that over £500 million in fraud was attempted in 2007. If they do not use a safer system, I'm not shopping from them.

If you would like to see what other ways there are to avoid online credit fraud have a look at this article.

No comments:

Post a Comment