Understanding credit card fraud in New Zealand : A dissertation submitted in partial fulfilment of the requirements for the Master of Professional Studies at Lincoln University

Read, Philip M
Abstract
This report presents the reader with an overview of credit cards, what they are, and how they work both locally and internationally. It describes existing security mechanisms, and attempts to scope the extent and nature of existing credit card fraud and of fraudsters. It also attempts to identify any inherent weaknesses in existing security measures that may unwittingly 'enable' fraud to take place and it provides some suggestions about how security might be improved. Credit card fraud in New Zealand is a growing problem. With approximately $17 billion in credit limits and only $5 billion carried as outstanding balances, a total of $12 billion remains available to potential access by fraudsters. Credit card security systems, in particular the way Two-Factor authentication is implemented, appears to be fundamentally flawed for two reasons. Firstly, possession of the physical card, which strictly speaking is a form of 'Identifier' appears also to be accepted within the industry as a first 'Authenticator' ('something you have'). And secondly, the real 'Authenticators' such as the signature, the PIN number, the CVV etc ('the something you know') are static in nature, and in the process of being used are usually brought out into the open at some point where they can be captured and used by a fraudster at a later date. What is required to maintain a robust Two-Factor authentication mechanism, are dynamic second factors, customer intervention, and or multi-channel authentication. This report examines this perceived weakness in the authentication process and highlights the ASB Bank's Netcode security system for Internet banking, as an example of a robust Two-Factor authentication process. This system is not only executed through a second independent communication channel, it also involves the legitimate cardholder, and as such it presents us with an example of a concept that may help improve credit card security and so assist to reduce credit card fraud here in New Zealand.
Keywords
credit card fraud; debit card fraud; fraud detection; fraud prevention; credit card security; two-factor authentication; phishing; skimming; smart cards
Fields of Research
1502 Banking, Finance and Investment; 080303 Computer System Security
Date
2009
Type
Dissertation
Access Rights
Digital thesis can be viewed by current staff and students of Lincoln University only.
Collections
Share this
View/Open
Metadata
 Expand record