Before the debacle of sub-prime mortgages...before the creation of CDO's and CDS'...before the near collapse of the banking system...before George Bush entered the White House...and after God created the Earth in seven days...credit card theft reigned supreme.
Today, the Wall Street Journal reported that Target customers, who accepted the enticing offer of a free Target credit card, are in default to the tune of over $300M. CitiBank, which announced the elimination of 20% of its workforce yesterday, American Express and other major banks are also losing billions in their credit card operations. And the good news keeps dribbling in.
Just to add to your list of worries, however, the Department of Justice recently announced a masssive credit/debit card theft, CBS News reported a case where 11 people stole information off 40 million credit cards wirelessly by driving past retail outlets, then transmitting the stolen data overseas. And CrediMom, a blogger, wrote a post describing how credit card thieves clone and skim your private information off the metallic strips on the back of your cards.
Let me tell you a personal eCommerce story that should keep you awake at nights...a secret that few people know about credit card transaction processing in the U.S.
I spent three hours on the telephone today speaking with my former merchant account company (merchant account companies work in tandem with Authorize.Net and banks to approve credit card transactions). I also chatted with a police officer in West Virginia about a $2,500 loss I recently experienced in my business due to credit card fraud.
What I discovered is startling. Do you know that if someone has your credit card number, the three or four digit CVS security code printed on the front or back of your card, your zip code and numeric street address, a credit card transaction can be approved?
If it's an online transaction, the thieves don't even need your NAME. That's right. If the card is valid and the charge is within the credit limit, an online purchase can be approved even if the purchaser writes "Donald Duck" in the bill-to area of the shopping cart screen.
No one at my merchant account company, Authorize.net, a "gateway" company that coordinates CC transactions and the bank that processes approvals could tell me why credit card holder NAMES are not part of the authorization requirements. The answer from everyone with whom I spoke: "That's just the way it is."
Fraudulent credit card transactions--now estimated in the billions each year--are either charged back to online merchants, who have insuffiicent proof-of-delivery, or written off by the issuing bank. The owner of the credit card disputes the charge and that's it.
Now you know why credit card companies charge outrageous interest rates. Someone has to pay for credit card fraud and, guess what, it's you and me.
So, while Americans worry about losing their jobs, homes, 401k's and next year's vacations, don't forget about the plastic. Remember, the thieves are out there--and many have gone high tech.
Comments