ACI Worldwide, a Florida-based payment system firm, has released a study which revealed that more than one third of Singaporeans have faced card fraud since 2014.
The statistic demonstrates the seriousness of the underlying vulnerabilities discovered in the security systems of credit card operators and credit card networks.
Technically, when a credit card purchase is made either online or at a physical location, the private key of the credit card is retrieved by the processing party. That means, the business or person receiving the credit card payment holds the responsibility of storing the unique key of credit cards that are utilized to settle transactions.
The same concept can be observed on online platforms, which automatically charge credit card subscription or renewal fees at an interval, typically by a certain number of months.
ACI Worldwide research team states that the increasing card fraud cases in regions like Singapore can be observed as a direct result of customer’s’ misuse and carelessness when initiating in credit card transactions.
“[In Asia} there is a clear correlation between risky behaviour and fraud incidents,” said ACI senior fraud consultant Giselle Lindley. Lindley noted that credit card fraud cases in Asia are typically associated with customer’s “risky behaviour.”
However, in 2014, four major banks including Citibank, DBS, UOB and OCBC were hit by card fraud. Many credit card users and customers were charged with small transactions that were supposedly settled by a Taiwanese merchant.
As expected, Citibank Singapore responded in 2014 with an anticipated statement which read, “There was no breach of any systems within Citibank.”
While customer’s misuse of credit cards could be considered as a major factor when evaluating various credit card fraud cases, the more serious issue lies within bank’s centralized records of customer data and online platforms’ ability to retrieve private keys and information of credit card users.