EMV: Risk of Customer Confusion

Consumers Ill-Informed About Payments Fraud, Security
EMV: Risk of Customer Confusion

Consumers have been poorly educated about payments fraud prevention, and the introduction of EMV, the Europay, MasterCard, Visa standard, to the U.S. will likely spur more confusion, says Aite analyst Shirley Inscoe.

See Also: Check Kiting In The Digital Age

Inscoe, the author of a new report, "Global Fraud and Clueless Consumers", says most U.S. consumers don't understand or appreciate the security variances that exist among differing card-payments types.

"I don't think that consumers even understand the difference between debit and credit cards," Inscoe says during an interview with Information Security Media Group [transcript below].

"We saw a high rate of people here in the U.S. who indicate that they use a PIN when they use their credit card at point-of-sale," she says. "If you're in the United States, the payment network won't even accept a PIN with a credit card at point-of-sale, and yet over a third of people thought they were doing that."

Inscoe says Americans don't really know what EMV is, despite the face that this advanced card technology has been used in other global markets for nearly a decade.

"I have credit cards with more than one financial institution," she says. "I've heard nothing about EMV. I've had no educational information provided to me. Only because of my work in the industry am I familiar and knowledgeable about EMV."

But U.S. consumers are becoming more concerned about fraud, and U.S. banking institutions will have to step up their educational efforts to maintain consumer confidence, Inscoe says. "Identity theft is their No. 1 concern," she says. "But they don't understand the payment systems and they don't know how to protect themselves."

During this interview, Inscoe discusses:

  • Risky user behaviors that contribute to fraud;
  • The mobile wallet threats facing various global markets; and
  • How U.S. migration to EMV will likely spur more consumer confusion about debit and credit payments.

At the consultancy Aite, Inscoe specializes in financial services fraud trends and banking technology. She is the former director of payments strategy and strategic support manager of enterprise loss management for Wachovia Bank and previously served as corporate compliance manager for First Union Corp. She also is the co-author of "Insidious: How Trusted Employees Steal Millions - and Why It's So Hard for Banks to Stop Them."

Unsafe Consumer Practices

TRACY KITTEN: What can you tell us about the unsafe consumer practices unveiled in your research?

SHIRLEY INSCOE: This study shows that some risky behaviors do lead to higher rates of fraud. For example, in many of the countries that were included in the survey, including the United States, consumers who admitted to certain risky behaviors - such as using public computers or computers without security software to shop online or to do online banking, those who wrote their PIN down and carried with their card, or those who responded to e-mails or calls about their bank accounts - experience fraud at statistically significantly higher rates than consumers who did not exhibit those behaviors.

KITTEN: Are there certain consumer behaviors noted in this second part of the survey reporting that stand out relative to what was revealed in the first report?

INSCOE: Yes. In the first report, we noted that certain behaviors of those I just mentioned were prevalent among consumers in some countries. In the second report, we actually correlated the rates of fraud reported by the participants in the survey and compared that to those who said that they exhibited this good behavior. Like I said, it did show a statistically significant higher rate of fraud in many countries among those exhibiting risky behaviors.

Variations on a Global Scale

KITTEN: This was a global survey. Were there variations in consumer behaviors based on the different global markets that you could speak to?

INSCOE: There definitely are differences in behavior. In some countries, consumers are far less likely, or they're far more concerned I'll say, to use a card to shop online or to travel internationally and use a card. In some countries, it's very prevalent for people to only use cash or traveler's checks when they're traveling internationally. For example, 28 percent of those in the United Arab Emirates, 21 percent in China and 19 percent in the UK, say they don't use cards when they travel internationally, compared to only 8 percent in the United States.

KITTEN: What varying payment methods are noted in the report?

INSCOE: Primarily, the report focuses on card behavior as well as adoption of mobile wallets and tablets, online banking and consumers' concerns about things along those lines - shopping online, traveling internationally, but a lot of it is card and mobile.

Mobile Wallet

KITTEN: Are consumers actually reporting fraud by mobile wallet transactions, or did the survey results merely reflect that they have concerns about fraud?

INSCOE: Actually, we're not seeing a lot of fraud in the mobile wallet space yet. What we saw that was so interesting is that in countries that don't have as highly developed financial systems as the United States, mobile wallet adoption has really grown tremendously. For example, in China, 47 percent of those who were surveyed have a mobile wallet; in India, that's 34 percent; and in the UAE, it's 26 percent. Here in the U.S., only 7 percent of respondents said they have a mobile wallet. As we see, mobile wallet behavior and adoption increase, that's when I believe we'll start to see the fraud begin to really pick up.


KITTEN: What about other forms of fraud, such as fraud that impacts e-commerce transactions and card fraud generally? What stood out there?

INSCOE: One thing that stood out dramatically is the very high rate of consumers who report that they worry a lot more about fraud when they shop online, and there's a segment of the population that just will not shop online still due to their concern about fraud. Obviously, if card issuers can figure out [how] to make consumers more comfortable using their cards online, using their cards when they travel internationally, etc., then their revenues could very well go up significantly.

Retail Fraud Concerns

KITTEN: What about point-of-sale and retail fraud concerns?

INSCOE: Consumers indicate they worry far more when they're shopping online with the card than when they're at point-of-sale, and that's really interesting in light of all the data breaches that we've seen. But consumers really worry when they're using that card and entering it online.

Confusion Surrounding Payments Systems

KITTEN: Do consumers understand from where fraud is occurring or how vulnerable they are when it comes to certain types of card transactions?

INSCOE: We're assuming that people globally are more and more concerned about fraud. It's in the news. They're hearing more about it and they're very concerned. Identity theft is their number-one concern about payment fraud. But what this report really showed is that consumers are confused. They don't understand payment systems. They don't understand fraud and they don't understand how to protect themselves against fraud. Financial institutions are either not educating consumers or they're not doing so in an effective manner that's understood and the information has been retained by consumers. They end up being very confused and very concerned.

Anecdotally, I was in a doctor's office last month and when I went to check out there was an older gentleman in line ahead of me, and I heard him say to the accountants, "Do I have to give you a debit card or do you want a credit card? How can I pay for this?" He literally was asking her how he could pay and what he should give her. I think that his confusion is widespread. People don't understand when they can use a PIN, when they can't use a PIN, and with EMV coming into the United States very shortly, I believe that it's just going to cause the confusion to multiply. One thing that we know historically is that when people are confused, that's when fraudsters strike. They take advantage of that vulnerability and that confusion to create more fraud. That's something that I think financial institutions need to really think about.


KITTEN: Do consumers really understand what EMV is?

INSCOE: I don't think that consumers even understand the difference between debit and credit cards. As an example of that, we saw a high rate of people here in the U.S. who indicate that they use a PIN when they use their credit card at point-of-sale. If you're in the United States, the payment network won't even accept a PIN with a credit card at point-of-sale, and yet over a third of people thought they were doing that. People are very, very confused.

KITTEN: Is that confusion just in markets where EMV doesn't currently exist?

INSCOE: That confusion was expressed somewhat globally, and I believe that part of that confusion has probably resulted with the EMV rollout where people have debit cards and credit cards. Different countries have implemented EMV in different ways, and so when people are using these different cards, they may be traveling internationally, and the rules change from country to country what's required at point-of-sale. I believe it has just created a lot of consumer confusion locally.

KITTEN: What about here in the United States, where EMV is not the standard card technology?

INSCOE: I suspect that many people here in the U.S. don't even know what EMV is. I know personally I have credit cards with more than one financial institution. I've heard nothing about EMV. I've had no educational information provided to me. Only because of my work in the industry am I familiar and knowledgeable about EMV. I think if you ask the general customer of a financial institution or a card issuer, I don't think they really know much about it at all at this point.

Identity Theft

KITTEN: How concerned are consumers about ID theft?

INSCOE: Yes. As I mentioned, consumers' number-one financial fraud concern is identity theft, and that's true globally. That's what they worry about the most. Often, as a result of experiencing fraud, we see that consumers are far more likely to change card providers. For example, in the United States, 12 percent of consumers who experienced fraud changed their financial provider, compared to 27 percent in Mexico and in the UAE. At even higher rates, we see 44 percent in China and Indonesia, 41 percent in India, and 37 percent of consumers who experienced fraud in Singapore changed card issuers. Those are extremely high attrition rates that are very costly for the card issuers.

I think that consumers are just extremely confused and I know that some financial institutions are trying to do a good job of educating their consumers. But they need to understand that what they're doing just isn't working well. They need to figure out how to not only communicate with consumers, but to do so in a way that they understand the communication and they can retain that information. It's such a shame to see financial institutions lose customers because of confusion. That would be a message I hope that the financial institutions hear from this report. Consumers are confused. They don't understand when to use a PIN, the difference between various kinds of cards. They don't understand how to protect themselves against fraud. They want to partner with their financial institution to protect themselves, but they don't really know how. There were a significant percentage of people who said that they don't notify their card issuer before traveling internationally, and they didn't know it would make a difference. That shows a total lack of education because that could be a strong alliance if consumers understood that letting their financial institution know they're about to travel internationally would be helpful. That's just one example, but there were lots of examples in the report of how consumers really do need better education.

About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.