|
|
 |
 |
|
| Account Compromise in USA | | |
What happened?
Continuing extensive investigations by Visa and the FBI in the US have established that the breach of data security at US-based processor Card Systems Solutions Inc (CSI) involved approximately 40 million cards across all payment brands. Of these, only 205,000 were Visa cards issued by banks in Asia Pacific.
Furthermore, since 92 percent of the 205,000 Asia Pacific accounts potentially at risk involved Internet or mail order transactions, full magnetic stripe data was not compromised. In the case of the remaining 17,943 accounts, a combination of fraud detection systems installed by Visa and its issuers mean that there is no automatic link between accounts at risk and subsequent fraud. The overall risk is therefore limited.
| |
Is my card at risk?
Visa has identified all affected accounts and provided issuing banks in Asia Pacific and the rest of the world with full details of the accounts involved. Banks are taking appropriate action with their individual cardholders.It is the practice of Visa Asia Pacific’s member banks to absorb the cost for any fraudulent transactions made on accounts identified as “at risk”.
| |
What precautions should I take?
Monitor your monthly statements, especially after an overseas trip, and check for smaller transactions, because savvier criminals try ''testing out'' stolen accounts by buying inexpensive items rather than large ones Protect your cards as if they were cash - always keep them in a secure place Only use reputable merchants or vendors Protect your card with Verified by Visa. Added password protection increases the safety of online transactions Report lost and stolen cards immediately Notify your bank immediately if you detect anything unusual
| | | |
How is Visa maintaining trust in the system?
Fraud and the fear of fraud erode trust in the payments system. We know that this is the number one concern of all stakeholders in the system. For that reason, Visa in conjunction with its issuers invests heavily in technology and expertise to combat ever more sophisticated attempts to breach the system. Without in any way being complacent, issuer fraud in the network as a whole is around 7 cents for every US$100 of Card Sales Volume (CSV) and 9 cents for every US$100 Retail Sales Volume (RSV). In Asia Pacific, equivalent figures are 3 cents per US$100 CSV and 4 cents per US$100 RSV - all-time low figures.
Nobody takes security more seriously than Visa. We secure the global payment system by building multiple layers of protection around each component of the transaction chain that include PIN, EMV chip and Verified by Visa for Internet purchases. In rare instances such as this data security breach, criminals may exploit one component of the payment system, but our multiple layers of protection respond quickly and minimize impact to cardholders. Issuers’ fraud detection systems allow them to identify suspicious activity quickly and take appropriate action to prevent fraud from occurring.
Bearing in mind the importance to all users of maintaining trust in the system, Visa’s global policy is to not comment publicly about compromise incidents until it has notified potentially impacted issuers. This practice is in place to ensure that all issuers have sufficient clarity on the details to respond to cardholder and media enquiries in order to avoid creating unnecessary and avoidable alarm to the public.
| |
What can prevent this from happening again?
As EMV chip cards offer the best long-term solution to the problem of counterfeit fraud, in Asia Pacific, Visa is committed to EMV chip migration, with national programs underway in four markets. As of March 2005, Visa has close to 33 million EMV-compliant chip cards and more than 743,000 EMV terminals deployed in the region. In a mature chip world, compromised data would be very hard to use and cardholders would rest assured that they have the best protection against the problem.
In addition, entities that touch cardholder information have a responsibility to protect it. It is clear that merchants and processors must do more. That is one reason Visa was the first to introduce data security requirements for merchants called Account Information Security. In addition, entities that touch cardholder information have a responsibility to protect it. It is clear that merchants and processors must do more. That is one reason Visa was the first to introduce data security requirements for merchants called Verified by Visa for Internet transactions and the holographic magnetic stripe.
| |
|
|
| | |  | | |  | Verified by Visa | | | Protect your Visa card online with a personal password. With Verified by Visa, it's reassuring to know that now you can feel as secure shopping on the Internet as you do shopping at the mall. | |
| | | | Email Fraud | | | Learn how you can stay safe and minimize your exposure to identity theft and phishing scams | |
| | | | |
|
