In Europe, more than €1.8 billion transactions were fraudulent in 2016. Last year the European privacy authorities received nearly 65,000 data breach notifications since the EU's GDPR law went into full effect. Several security measures have been put in place by governments and card companies but card fraud, stolen cards, and stolen personal information can happen often.
The latest report on card fraud analyses related to card payment schemes (CPSs) in the Single Euro Payments Area (SEPA) was released by the European Central Bank in 2016. This report mentions an alarming figure, the total value of fraudulent transactions conducted using cards issued within SEPA amounted to €1.8 billion in 2016.
Moreover, most of those fraudulent transactions, around 73% of the value were from card-not-present (CNP) payments, payments via the internet, post or telephone, 19% from transactions at point-of-sale (POS) terminals and 8% from transactions at automated teller machines (ATMs).
The same report mentions that UK and France are the countries with higher credit card fraud losses, mainly from CNP fraud on internet purchases, lost and stolen card fraud, and cross-border fraud losses on domestic cards used abroad. The reason why CNP fraud transactions are leading is due to the transition to eCommerce away from brick-and-mortar shopping.
In addition, the goal of GDPR was to convey uniformity to data protection guidelines across EU member states and establish how corporations need to store personal information and the way they have to respond in the occasion of a data breach.
GDPR came into full force and at the end of January 2019 in 28 EU member states. The Netherlands, Germany, and the United Kingdom have the highest number of data breaches notified to supervisory authorities. Although this is only personal data information, it can also be related or used for card frauds.
In order to understand what kind of fraud there are out there, here is a quick list. These categories can be useful when you have to report a card fraud.
The card industry and governments around the world have tried to implement as many regulations to decrease fraud and keep the money of the citizens safe.
Consequently, one of the first things the EU did was EMV implementation, also called chip cards. Together with 3D-Secure, and Strong Customer Authentication (SCA). These enabled to reduce domestic losses from lost and stolen cards in Europe. These measures are regulated in the Payment Services Directive PSD2 that went into effect fully in 2019.
Transactions only in secure internet networks. Please don’t buy your next work trip flight in a network with no password. In these types of networks, unencrypted data can be visible to any computer nearby.
Finally, at Payhawk we understand that security is crucial for our clients. In this regard and to protect all information of our users last year we went through a security compliance certification called PCI DSS. Quoting our CTO Boyko,* this certification was the hardest thing I've ever done*. Maybe also consider issuing virtual cards instead - they tend to be more secure than the physical equivalents.
If you want to know more about this topic don't hesitate but schedule some time with the team here.
Whether you have tens, hundreds, or thousands of employees, we’re making your business spend work for you, giving you control over spending at scale with a single solution. Say goodbye to tedious finance tasks, and schedule a demo with us today.