GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View PDF of this issue

Care to Share?

Table of Contents

Lead Story

Outside forces impinge on payments in 2011


Industry Update

California Lucky's unfortunate breach

Experts discuss the future of mobile payments

NRF sues Fed over Durbin regs


SMBs: Security must become serious

Bill Farmer
Mako Networks

An interview with Marc Abbey

Ken Musante
Eureka Payments LLC

Status report: U.S. economy Q3 2011

Selling Prepaid

Prepaid in brief

Will prepaid pivot with Green Dot's purchase?

'Smart' gifting gears up


Thinking outside the bank

Patti Murphy
ProScribes Inc.


Street SmartsSM:
EMV's time is nigh

Bill Pirtle
C3ET Credit Card Consortia for Education & Training Inc.

QR codes - the new call to action

Stephen Enfield
POS Supply Solutions

Fraud trends 2012: Like 2011, only more so

Nicholas Cucci
Network Merchants Inc.

Crisis management as opportunity

Dale S. Laszig
Castles Technology Co. Ltd.

ISOs welcome in the POS waters

Jerry Cibley
United Bank Card Inc.

Parlay tradeshow costs into social media bonanza

Alan Kleinman
Meritus Payment Solutions

Company Profile


New Products

All-in-one payment platform

FrontStream Payments Inc.


Use your human gifts


10 Years ago in
The Green Sheet


Resource Guide



2012 Calendar of events

A Bigger Thing

The Green Sheet Online Edition

December 26, 2011  •  Issue 11:12:02

previous next

Fraud trends 2012: Like 2011, only more so

By Nicholas Cucci

What will 2012 bring to the payments industry? In this age of technology, personal cardholder information such as credit card data is more vulnerable to fraudsters and computer hackers. According to the Bureau of Justice Statistics, only 23.7 percent of households subjected to some form of identity theft had no direct financial loss as a result. The average out-of-pocket loss was $1,640, but half suffered minor losses of $200 or less.

The emotional impact of identity theft is often far more painful than the actual financial loss. Consumers and regulators should be proactive about guarding and protecting credit card and other personal information.

Play it SAFE

With the global economy struggling to correct itself and fraud continuing to rise, we will see breach notifications become a priority in 2012. We started to see this year that larger data breaches have a trickle-down effect, which causes the government to take action. Congress is considering the so-called SAFE Data Act, which would preempt breach notification laws in 47 states.

The act would require notification of consumers within 48 hours of identifying those whose information has been compromised, except when an inadvertent breach is unlikely to cause harm. The legislation would require companies and other entities that handle sensitive cardholder information to establish and maintain appropriate security policies to prevent unauthorized acquisition of data.

Even with the progress toward a national standard for breach notifications, it still seems the law may be ambiguous. In 2012, we will continue to see the struggle for clarity of the legal requirements for companies handling cardholder data.

For example, what is an inadvertent breach? If the compromised data is limited just to email addresses, the argument could be made that this is partially sensitive data. When a fraudster can't pull down credit card or more sensitive personal information, the next best thing is an email address.

With that, the fraudster can start phishing - a way of attempting to acquire more sensitive data, such as user names, passwords and credit card details, by masquerading in an email as a trustworthy entity. If emails are compromised, will that fall under "unlikely to cause harm"?

A banner year for fraudsters

Some of the largest breaches in history occurred in 2011:

With technology advancing daily, criminals' methods become ever more sophisticated and organized. We need to continuously evolve our defenses in order to stay ahead of fraudsters. Everyone must understand that fraud is still a two-step process. The first step is stealing the data, while the second step is conversion of that data.

Here are our expectations for the top five fraud hazards in 2012.

Until we make a shift to more secure technology, like EMV, we will continue to see fraudsters attacking card databases and the resulting proliferation of counterfeit credit cards.

Nicholas Cucci is the Director of Marketing for Network Merchants Inc., a graduate of Benedictine University and a licensed Certified Fraud Examiner. Cucci is also a member of the Advisory Board and Anti-Fraud Technology Committee for the Association of Certified Fraud Examiners. NMI builds e-commerce payment gateways for companies that want to process transactions online in real time anywhere in the world. Contact him at

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | USAePay | Impact Paysystems | Board Studios