24th June – The crime of card skimming at ATMs has reared its ugly head again, with a number of Eastern European criminal gangs becoming active in the past couple of months, for the first time since early 2009.

Amounts of up to €60k have been absorbed by individual banks already this year due to the reappearance of this crime. While the majority of ATMs in Ireland now have anti-skimming devices installed, the criminals appear to be targeting the small number of machines that don't yet have the solution in place. In a similar manner to before, the criminals are using skimming devices at the throat of the ATM which captures the card details on entry. They use a micro-camera which captures an image of the PIN as the customer openly keys it in. They then use the genuine card details to create fake cards, which are used at ATMs abroad, in countries where Chip & PIN has not yet been implemented.

More than 23 incidents of ATM skimming have been reported to date to IPSO this year. Only a small portion of those attacks were successful while anti-skimming devices foiled the majority of attempts. In the rare circumstances where criminals were successful, the ATM card issuers continue to absorb the fraud losses and refund their customers.

IPSO appeals to cardholders to keep their PINs safe from prying eyes when using a PIN pad at an ATM or in shops. A very simple technique of covering the PIN pad with the free hand when keying in a PIN will mean that the criminals cannot use the card details for fraud. It's simple, but it works!

The banking industry is working tirelessly together with the Gardaí to keep these scams to a minimum and to ensure that the remaining ATMs in Ireland are upgraded to include the relevant anti-skimming technology. The Garda Bureau of Fraud Investigation (GBFI) has made significant arrests in the past month relating to ATM skimming and continues to be successful in the fight against this crime.

For more informaiton, contact info@safecard.ie or phone 01 663 6740

The IPSO Card Services Fraud Prevention Members' Seminar drew speakers from a range of industry backgrounds providing insight on enterprise fraud and recent fraud trends while focusing on e-crime prevention. The seminar attracted a record attendance level and feedback to date has been very positive.

In 2009 the total value of fraud lost to the retail banking industry is estimated to have cost approximately €16.7million. Chip & PIN continues to keep frauds such as skimming, counterfeiting and lost/stolen fraud to a minimum but unfortunately the criminals continue to find new areas to target and currently the predominant sector is e-commerce. Card Not Present (CNP) fraud continues to be the biggest issue with 74% of all fraud losses in 2009 relating to this type of fraud.

The Card Fraud Forum is the specialist fraud task force run under the auspices of IPSO Card Services, which collates industry fraud loss figures so that new fraud trends can be measured and the highest risk areas targeted. The purpose of the group is to share fraud data, best practice guidelines and to develop solutions to specific fraud issues.

Further Information:

For further information, please contact Úna Dillon, Head of IPSO Card Services, 01 663 6740 or e-mail: info@safecard.ie

Similar claims were issued by the Cambridge team just prior to the roll out of Chip & PIN in 2004 in which it claimed that Chip & PIN would not work. This was proven not to be the case. IPSO will shortly be issuing its fraud figures for 2009 however we can confirm that since the rollout of Chip & PIN cards the industry has seen a significant drop of more than 60% in fraud committed on lost and stolen cards as well as skimming and counterfeit frauds. In other words, Chip & PIN has worked and has been proven to be successful.

Commenting on the claims, Úna Dillon, Head of Card Services at the Irish Payment Services Organisation stated that; "We could simply compare the claims with a so-called expert suggesting that house alarms can be broken. It may be possible to put them out of action however in reality they are an excellent deterrent, continue to prevent break-ins in our homes and they continue to be updated to the latest technology. In a similar way Chip & PIN can be attacked but to date there have been no breaches to the technology as suggested by this recent report.
IPSO takes card fraud very seriously and deals with the live issues affecting people in the day to day payments environment. If we find, from real statistics, that cards are being compromised, we work with the industry stakeholders to ensure that identified weaknesses are removed and solutions implemented".

It is true to say that the type of fraud described in the programme can be detected by the banks’ fraud systems. In addition, under the banking code all card issuers are obliged to investigate every fraud claim. Where there is evidence of fraud, customers will always be reimbursed. The reputation of the payment card industry is based on the reliability of the cards systems and on customer protection. IPSO continues to work with banks, card processors, retailers and consumers to make them aware of the latest fraud prevention advice through the work of the SafeCard Task Force.

IPSO continually works to raise awareness of security advice and on how to protect against card fraud through media interviews, press releases, fraud seminars and conferences, specialised workshops and website updates. While criminals persist in testing the payments systems, IPSO monitors the activity and continues to take the necessary preventative measures in partnership with its members.

Card fraud figures in Ireland are well below the European average at 0.06% fraud to turnover, compared with latest figures of 0.14% for the EU. This low fraud figure is as a result of the fraud prevention work being done by the industry as a whole as well as the diligence of our cardholders and merchants.

For information on current payment fraud issues and fraud prevention tips see www.SafeCard.ie

One such e-mail currently being sent to consumers appears as though it has been sent by a major UK bank and strongly advises the consumer to complete an Online Banking Customer Form by clicking on the fake link contained in the e-mail. The link directs the consumer to an imitation website (which looks just like the real one). The reader is asked to fill in details to confirm their account details in order to ‘update’ their online banking security details.

IPSO advises consumers to be wary of requests for personal information, particularly payment and account details and reminds consumers that their bank or building society would never initiate contact with them for personal details via email.

According to Una Dillon, Head of IPSO Card Services, "Consumers should never give out personal information via the Internet unless they are 100% confident that they are visiting an authentic website. The best way to ensure this is to avoid following links in e-mails. Online banking users should always type the URL of the website they wish to visit into the navigation bar themselves."

This same advice can be applied to personal information being provided over the phone. If consumers receive an unsolicited /unexpected telephone call from an individual professing to be from a bank or other financial institution, they should always ask for a landline telephone number and check it against the phone book and/or hang up and phone their financial institution directly, using the phone number provided on their payment card or bank statement.

For further information on card fraud and simple, but effective techniques to protect against it, please visit www.SafeCard.ie