Anna Frajtova - Fotolia

Mobile device use feeds card fraud in Asean region

Card fraud is rising in Asean countries, with the high use of mobile devices a contributing factor.

This article can also be found in the Premium Editorial Download: CW ASEAN: CW ASEAN: SMEs present security weakness

Card fraud rates are on the rise in Association of Southeast Asian Nations (Asean), mirroring a global trend, a study has found.

Users of smartphones and tablets in the region need to be educated on security.

Singapore has the sixth highest rate of card fraud globally and the third highest in Asia-Pacific, with 36% of credit, debit and prepaid card users having experienced unauthorised activity on their cards in the past five years. Indonesia has card fraud rates of 26% and Thailand 23%.

The 2016 study by ACI Worldwide surveyed 6,000 consumers across 20 countries, which included Singapore, Indonesia and Thailand.

There was a clear correlation between risky consumer behaviour and fraud, with the overall risk of fraud rising due to a global increase in smartphone and tablet use.

The reported suggested consumers need educating about risky behaviour, which includes leaving smartphones unlocked when not in use, shopping or banking online without security software, and responding to emails or calls that ask for banking information.

“The faster maturing markets, such as Thailand, Indonesia and India, tend to show greater levels of risky behaviour,” stated the report, claiming this may be attributed to less consumer education and experience with payment cards.

Mobile device use in Asean region drives up card fraud

  • Singapore government will table new Cyber Security Bill in 2017 to strengthen its online defences.
  • Banks in Singapore are rolling out biometric technology to improve customer services by speeding up the authentication process.
  • Security is a rising concern in the Asean region, with fears fuelled by incidents such as the recent hacking incident in Manila.

In the Asean countries surveyed, over 20% of consumers banked or shopped online using computers without security software or on public computers.

Consumers in Thailand and Indonesia tend not to have strong broadband connections at home, so they rely on internet cafes when activities cannot be completed on a mobile device.

“Card fraud rates are on the rise in the majority of countries included in the survey,” said Ben Knieff, senior research analyst at Aite Group. “The data shows that consumer education and customer service remain a challenge for financial institutions globally, as risky behaviour has a direct correlation to experiencing fraud.”

Fraud means lost revenue

In the Asia-Pacific region, the proportion of consumers who received at least one replacement card after an attack ranged from 14% in Thailand to almost 34% in Singapore. This may be a reflection of targeted fraud attacks and data breaches aimed at more affluent regions such as Singapore.

Many consumers across the Asia-Pacific region used these replacement cards less than the original cards, however, with 36% of consumers in Singapore, 58% in Indonesia and 74% in Thailand opting to use cash or alternative payment methods over credit or debit cards following a card fraud incident.

This behaviour represents lost revenue for financial institutions, demonstrating consumers’ lack of confidence and an increasing availability of non-card-based payment options.

While risky and imprudent behaviour makes security more challenging to enforce, the digitisation of financial services inevitably exposes banks through a greater number of client touchpoints and greater exposure to risk, said Sui-Jon Ho, senior market analyst at IDC Financial Insights.

“Remote devices, be it client smartphones, remote ATMs or point of sale units, are all potential entry points for database breaches, yet the ecosystem of users continues to expand beyond what any single bank can feasibly control,” said Ho.

“As vehemently as banks attempt to mitigate such intrusions, it also falls to merchants and consumers themselves to safeguard their transactions.”

Other security threats include spoofing, pharming, phishing and ransomware – all part of a would-be hacker’s arsenal to illicitly attain personal card information.

“Such external threats are premeditated and instigate specific risky actions to a larger degree, rather than leveraging on consumers’ own carelessness,” said Ho.

Read more on Identity and access management products