Credit card fraud

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Credit card fraud" – news · newspapers · books · scholar · JSTOR (Learn how and when to remove this message)

You must add a |reason= parameter to this Cleanup template – replace it with {{Cleanup|February 2006|reason=<Fill reason here>}}, or remove the Cleanup template.

Credit card fraud is a kind of fraud where a merchant (business, service provider, seller, etc.) is "tricked" into releasing merchandise or rendering services, believing that a credit card account will provide payment for goods/services. The merchant later learns that they will not be paid, or the payment they received will be reclaimed by the card's issuing bank.

Typically, the fraudster causes a credit card of another person to be charged for a purchase. Today, half of all credit card fraud is conducted online, meaning that the fraudsters make online purchases with the credit card details of other people.

This section needs expansion. You can help by adding to it.

When a card holder loses or has their credit card stolen, it is possible for the thief to make unauthorized purchases on that card up until the card is cancelled. Businesses that accept credit cards are required to check the ID of the card holder against the card, but this is rarely what actually happens. A thief can potentially purchase thousands of dollars in merchandise or services before the card holder or the bank realize that the card is in the wrong hands. Self serve payment systems such as gas stations are also highly prone to accepting a stolen credit card, as there is no verification of the card holder's identity.

Using a stolen credit card number, or computer generated card number, a thief will order merchandise from a website and have it shipped to a fake or forwarding address. The thief then takes the merchandise and disappears with it. When the real cardholder realized that they did not make the purchase, they call their credit card issuer and request a chargeback. The merchant then loses the money from the transaction, in addition to the merchandise that they do not recover. This is the most common type of credit card fraud.

Mail non-receipt fraud occurs when a thief intercepts a replacement card sent to the legitimate cardholder and uses it. However, many banks increasingly send out inactive cards that cannot be used until the legitimate account holder confirms his or her identity to the bank using the person's Social Security number, home address, mother's maiden name, the number on the card and where the person got it.

Chargeback fraud occurs when a legitimate cardholder pays for a good or service, but then claims never to have authorized the transaction, or that the good or service was never received. This is also known as first-party fraud.

Skimming is the theft of credit card information by a dishonest employee of a legitimate merchant, manually copying down numbers, or using a magnetic stripe reader on a pocket-sized electronic device. Common scenarios for skimming are restaurants or bars where the skimmer has posession of the victim's credit card out of their immediate view. The skimmer will typically use a small keypad to unobtrusively transcribe the 3 or 4 digit Card Security Code which is not present on the magnetic stripe.

Cards in countries such as the UK are issued featuring a smart chip with public key encryption. The chip cannot be copied, but the card number, expiry date and security code can be, and this set of data is often sufficient to use the the victim's credit card account for fraudulent purposes with so-called "card not present" transactions, i.e. over the telephone or internet.

Carding is a term used by fraudsters for a process they use to verify that sets of stolen credit card data are still valid. The fraudster will present each set of credit card details in turn on a website that has real-time transaction processing, making a purchase for a very small monetary amount so as not to use up the card's credit limit, and so as not to attract the attention of a human reviewer to the transaction.

Often, an online donation site for a charity is used instead of an eCommerce merchant, since there is no need to find an item of a suitable price to put in the virtual shopping cart, nor to supply shipping details. The carder may do this manually with a web browser, or may write automated software to interface to the website's checkout or billing forms.

In the past, carders used to use computer programs called "generators" to produce a sequence of credit card numbers, and then test them to see which were valid accounts. However, this process is no longer viable due to widespread requirement by internet credit card processing systems for additional data such as the billing address, the 3 to 4 digit Card Security Code and/or the card's expiry date. Nowadays, carding is more typically used to verify credit card data obtained directly from the victims by Skimming or Phishing.

A set of credit card details that has been verified in this way is known in fraud circles as a phish (see Phishing). A carder will typically sell data files of phish to other individuals who will carry out the actual fraud. Market price for a phish ranges from US$1.00 to US$50.00 depending on the type of card, freshness of the data and financial

The examples and perspective in this article may not represent a worldwide view of the subject. You may improve this article, discuss the issue on the talk page, or create a new article, as appropriate. (Learn how and when to remove this message)

U.S. Federal Law can hold the cardholder victim responsible for up to $50, but the merchant victim is held responsible for 100% plus research and investigation fees levied by the banks. Merchants risk losing their merchandise or services, as well as the research and investigation fees charged by the banks. Merchants in high-risk industries, like unattended automated fuel pumps or Internet sales, anticipate a certain amount of credit card fraud, and set prices accordingly. These higher costs are then passed onto the customer.

In 2003 the Wall Street Journal estimated that the credit card industry generated $500,000,000 in annual revenue in research and investigation fees paid by consumers and businesses. This additional revenue offsets some of the costs incurred by credit card issuing and processing companies' when investigating chargeback claims. Some merchants believe the high revenue generation by the banks from the crime victims, reduce the incentive for the credit card banks to implement procedures to reduce credit card crime. However, the companies which collect these fees are not capable of dictating fraud prevention policies to the rest of the world. Payment transfer associations, like Visa and Mastercard, receive profit from transaction fees calculated as a percentage of the amount of money they transfer. These associations are motivated to enact policies which increase the amount of money transferred by their systems. Credit card fraud has a chilling effect on merchant acceptance of credit cards, motivating merchants to not accept credit card payments to mitigate their risk of loss. These payment transfer associations are therefore motivated to enact policies and enforce regulations which reduce credit card fraud.

Merchants have begun to request changes in State and Federal Laws to protect consumers and merchants from fraud, but the credit card industry has opposed many of the requested laws.

Because all card-accepting merchants and card-carrying customers are bound by contract law, according to the agreements they sign with their processing / issuing banks, respectively, State and Federal law has a smaller role in preventing merchants from being tricked. Payment transfer associations enact regulatory changes, and issuing / acquiring banks, merchants, and cardholders are contractually bound to these new regulations.

Persons that commit credit card crime largely go unpunished and repeatedly victimize consumers and businesses. The Secret Service handles crimes involving the US money supply, they have a limit of $2,000 before investigating each crime. Most credit card criminals know this and keep purchases from any one business below $2,000. With credit card crime occurring across state lines, criminals often are never prosecuted because the dollar amounts are too low for local law enforcement to pay for extradition.

If you lose or have your credit card stolen, you should immediately report it to your card issuer. Once you report the incident, you are no longer responsible for unauthorized charges made on your card.

Credit card fraud can be reported to the FTC and to local and regional authorities. It is the standing policy of the FTC not to investigate reports where the value of fraud does not exceed $2000. Local law enforcement may or may not further investigate a credit card fraud, depending on the amount, type of fraud, and where the fraud originated from.

• Internet fraud
• Phishing
• Carder
• Predictive analytics
• Chargeback insurance
• Friendly Fraud

• Fraud Reporting
  • FTC Consumer Complaint Form

• General Fraud Information
  • Consumer Sentinel Fraud tips, reporting, trends and other general information.
  • Description of ATM cameras and phantom withdrawals
  • International Association of Financial Crimes Investigators (IAFCI)
  • What does a fraudulent transaction look like? from merchantaccountblog.com