44% of Financial Accounts Have Been Affected By Data Compromise

In the ACI survey, more than 40% of respondents indicated they are more aggressively looking at their EMV plans
In the ACI survey, more than 40% of respondents indicated they are more aggressively looking at their EMV plans

While the headlines continue to highlight data breaches, which involve compromised payment, banking and personal data, it’s clear that financial institutions must stay vigilant in combating fraud loss and maintaining customer goodwill because the ramifications can be profound. More than 15% of respondents indicated recent breaches put increased pressure on fraud operations. Another 12% indicated that they suffered a negative impact on their brand. And only 22% said they felt no direct impact from breaches.

“Managing fraud in the wake of a data breach involves having the right tools to detect fraud as early as possible and using customer communication programs that proactively address account holders’ concerns,” said Mike Braatz, senior vice president and product line manager for payments risk management at ACI Worldwide, in a statement. “Without proper proactive and reactive fraud protocols, banks and issuers risk losing customers and trust in their brands, even when the breach occurred through no fault of their own.”

The issue has been highlighting the role of the Europay, MasterCard and Visa (EMV) global standard for credit and debit cards in protecting customer accounts. EMV chip-based payment cards, also known as smart cards, contain an embedded microprocessor to hold the information needed to use the card for payment, and is protected by various security features, so they’re a more secure alternative to traditional magnetic stripe payment cards.

As the last holdout of EMV technology and standards, many in the US are re-evaluating their strategies after these recent events. Regions including Canada and Great Britain attribute decreased card fraud to the more secure chip and PIN methods employed as part of their EMV strategies, which were rolled out years ago.

“[The] EMV standard is based on risk management which the chip-based card can do itself (offline) or with an external validation support (online),” said Frost & Sullivan’s global program director for ICT in financial services, Jean-Noel Georges. “Based on the risk, different security measures are implemented at the correct level of payment.”

In the ACI survey, more than 40% of respondents indicated they are more aggressively looking at their EMV plans. Another 30% are still exploring options required to meet the 2015 liability shift, and just under 10% indicated they are already EMV-compliant.

The good news is that more than 75% of respondents said they are looking at additional resources to combat fraud in their organizations. Of those, half said they are looking to invest in fraud detection technology, more than 15% are investing in more training for their fraud management teams, and 10% say that they are beefing up staff with new personnel.

And, although data breach-related fraud has a negative impact on the bottom line and on the industry in general, more than 40% of respondents indicated that their customers appreciate the proactive outreach and response to market events.

“Customers want an open dialogue with their financial institutions when it comes to protecting their payments and personal data,” said Bratz. “When executed properly, a payments risk management strategy, which keeps customers informed – early and often – in the event of a fraud or data breach will keep financial institutions on the right side of customer satisfaction and ensure trust in their brand.”

What’s hot on Infosecurity Magazine?