Speaking at this week’s Retail Fraud 2005 conference, Riten Gohil, a risk management executive at UK payments association APACS, said there had already been a marked increase in card-not-present fraud, and cited APACS data showing that it had risen from £110.1m to £122.1m despite a fall in card crime in the UK from 2002 to 2003.
He urged retailers to limit their exposure by using the Address Verification Service and the Card Security Code. He also recommended adopting 3D-Secure, which directs the card user from the web site to the card issuer for verification and is used by Tesco.
He said a breakthrough would be Chip and PIN-reliant Token-Based Access.
The technology, still in development, requires users to insert their cards into a remote reader, enter a PIN and then use a password valid for that transaction only. There will be pilot schemes this year.