Preview

e commerce fraud

Powerful Essays
Open Document
Open Document
7897 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
e commerce fraud
Journal of Internet Banking and Commerce
An open access Internet journal (http://www.arraydev.com/commerce/jibc/)
Journal of Internet Banking and Commerce, December 2009, vol. 14, no.3
(http://www.arraydev.com/commerce/jibc/)

The Role of IT/IS in Combating Fraud in the Payment Card Industry
Jan Devos
Lecturer at the Ghent University Association, Howest Kortrijk, Belgium
Graaf Karel de Goedelaan 5, 8500 Kortrijk, Belgium
Author 's Personal/Organizational Website: www.pih.be/opleiding/elektronica/~jdv/index.aspx Email: jan.devos@howest.be
Jan Devos is currently lecturer in Information Systems, IT Management, IT Security and
E-Business. He holds a master degree in Engineering and Applied Mathematics and an
MBA. He had his own consulting company and conducted more than 50 expert opinions on litigation of IS failures. His current research interest are IT Governance in SME’s and
IS failures. He has a broad experience as a practitioner in Information Systems
Management and Project Management as well as an Executive Professor.
Igor Pipan, MBA
Risk Manager, NLB Tutunska banka AD Skopje, Skopje, Macedonia
Vodnajnska 1, 1000 Skopje, Republic of Macedonia
Author 's Personal/Organizational Website: www. nlbtb.com.mk
Email: i.pipan@tb.com.mk
Igor Pipan is a risk manager at NLB Tutunska banka AD Skopje, involved in fraud prevention related activities in the banks card business. He has been part of the implementation of almost all of the banks card protective systems and is still working in that field.

Abstract
The vast growth of the payment card industry (PCI) in the last 50 years has placed the industry in the centre of attention, not only because of this growth, but also because of the increase of fraudulent transactions. The conducted research in this domain has

JIBC December 2009, Vol. 14, No. 3

produced statistical reports on detection of fraud, and ways of protection. On the other hand, the relevant body of research is quite partial


References: Alaric, (2007), ‘Card fraud detection - Comparison of detection technologies’, p. 1-4, [Electronic], PDF. APACS, (2006), ‘The card transaction process’, presentation p. 1-2, [electronic]. APACS, (2007), ‘Fraud – the facts’, PDF p. 4-5, [electronic]. APACS, (2008), ‘2008 fraud figures announced by APACS’, [Online], Available: http://www.apacs.org.uk/09_03_19.htm. Barclaycard, (2009), ‘Credit Card Fraud’, [Online], Available: http://www.barclaycard.co.uk/ personal-home/credit-guidance/fraud-guide/what-iscredit-card-fraud/index.html. Barge, B., (2002), ‘Smart Cards’, [Online], Spring 2002. EMVCo, (2009), ‘The EMV 4.2 Specification books’, Available: http://www.emvco.com/specifications European Commission, (2008), ‘Report on fraud regarding non cash means of payments in the EU: the implementation of the 2004-2007 EU Action Plan’, p FPEG, (2009), ‘Fraud in non-cash means of payment’, [Online], Available: http://ec.europa.eu/internal_market/fpeg/non-cash_en.htm. JIBC December 2009, Vol. 14, No. 3 Maes, S., Tuyls, K., Vanschoenwinkel, B., Manderick, B., (2002), ‘Credit Card Fraud MasterCard, (2009), ‘Corporate Overview’, [Online], Available: http://www.mastercard.com/us/company/en/docs/012109CorporateOverview.pdf. Myers, M. D., (2008), ‘Qualitative Research in Information Systems’, [Online], Association for Information Systems, Available: http://www.qual.auckland.ac.nz/. PCI Security Standards Council, (2008), ‘PCI Quick Reference Guide’, p. (4, 6, 7, 1224), [Online], Available: https://www.pcisecuritystandards.org/pdfs/pci_ssc_quick_guide.pdf. PCI Security Standards Council, (2008), ‘Payment Application Data Security Standard’, v PCI Security Standards Council, (2009), ‘PCI Encrypting PIN Pad (EPP) Security Requirements’, v PCI Security Standards Council, (2009), ‘PCI POS PIN Entry Device Security Requirements’, v U.S. Census Bureau, (2009), ‘Credit Cards—Holders, Number, Spending, and Debt, 2000 and 2006, and Projections, 2010’, [Online], Visa, (2009), ‘Visa Inc Corporate Overview’, [Online], Available: http://www.corporate.visa.com/av/pdf/Visa_Inc_Overview.pdf. Visa Canada, (2009), ‘How VbV works’, [Online], Available:http: //www.visa.ca/en/merchant/ products/vbv/howitworks.cfm. Woolsey, B., (2008), ‘Credit card 'phishing ': What it means, how to prevent it’, [Online], Available: http://www.creditcards.com/credit-card-news/phishing-credit-card-scamfraud-1282.php [June 20, 2009]. Yin, R. K., (2004), ‘Case Study Research, Design and Methods’, 3rd ed. Newbury Park, Sage Publications.
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Project part 6
    • 406 Words
    • 2 Pages

    Project part 6

    PCI DSS stands for Payment Card Industry Data Security Standard. PCI DSS originally began as five different programs: Visa, MasterCard, American Express, Discover and JCB data security programs. Each company creates an additional level of protection for card issuers by ensuring that merchants meet minimum levels of security when they store, process and transmit cardholder data. PCI DSS specifies 12 requirements for compliance, organized into six logically related groups called control objectives. Each version of PCI DSS has divided these 12 requirements into a number of sub-requirements differently, but the 12 high level requirements have not changed since the inception standard. The control objectives are Build and maintain a secure network, protect cardholder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks and maintain an information security policy. The requirements for compliance are, install and maintain a firewall configuration to protect card holder data, do not use vendor-supplied defaults for system passwords and other security parameters, protect stored cardholder data, encrypt transmission of cardholder data across open public networks, use and regularly update anti-virus software on all systems commonly affected by malware, develop and maintain secure systems and applications, restrict access to cardholder data by business need-to-know, assign a unique ID to each person with computer access, restrict…

    • 406 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    HomeworkIntroduction To Statistics1 Credit Card Usage
    • 453 Words
    • 3 Pages

    HomeworkIntroduction To Statistics1 Credit Card Usage

    1. Credit card usage is requiring an increasing amount of information from users in order to avoid…

    • 453 Words
    • 3 Pages
    Good Essays
    Read More
  • Best Essays

    Hydraulic Fracking Research Paper
    • 3245 Words
    • 13 Pages

    Hydraulic Fracking Research Paper

    industry. We then discuss the why behind its boom. The main reason being that the industry is…

    • 3245 Words
    • 13 Pages
    Best Essays
    Read More
  • Better Essays

    Heart-Healthy Insurance Information Security Policy: Case Study
    • 1344 Words
    • 6 Pages

    Heart-Healthy Insurance Information Security Policy: Case Study

    (November 2013). Requirements and Security Assessment Procedures. Payment Card Industry (PCI) Data Security Standard, Version 3.0, 61-72. Retrieved from https://www.pcisecuritystandards.org/security_standards/documents.php…

    • 1344 Words
    • 6 Pages
    Better Essays
    Read More
  • Powerful Essays

    PCI DSS Compliance
    • 1344 Words
    • 6 Pages

    PCI DSS Compliance

    This report outlines the history of the PCI DSS which came about from the emergence of the CISP and SDP that MasterCard and Visa have developed. This standard was then adopted by almost every major card brand; it is known as the Payment card industry security standard council and extends invites at a fee to become a member of the council which governs this standard. However research has been shown that less than half of Australia has adopted this standard and the even though this is now a law, heavy penalties and fines apply, if an error should occur, to those who do not comply with the standard. The second half the report outlines firewall and network changes to the business, “Bricks and Mortar”, to comply with the rules and regulations of the PCI DSS. This includes moving the cardholder database into a more secure environment such as the trusted network. A diagram has been included as an end result of the configuration process.…

    • 1344 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    British Columbia Paper
    • 2364 Words
    • 10 Pages

    British Columbia Paper

    The most westerly province in Canada is British Columbia (B.C), which is displayed in figure 1 below. In earlier times the province had an extreme “britishness” which indicated its name, of which was originated with Queen Victoria and was officially declared in 1958 (Kimmel 54). It is the third largest province after Ontario and Quebec, with a mountainous area of 947 800km2 according to BC stats. It is characterized by high, snow covered mountains rising above narrow inlets and broad forested uplands of the central interior and the plains of the northeast. This land area holds a provincial population of 4,573,321 according to BC Stats in 2011. Most of the population is mainly clustered in the southwestern corner of the province. The physical and human geography features of British Columbia will be presented more in depth through out the rest of this research report.…

    • 2364 Words
    • 10 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    paper
    • 267 Words
    • 1 Page

    paper

    What competitive strategy are the credit card companies pursuing? How doinformation systems support that strategy? (10 marks)…

    • 267 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Good Essays

    English 101
    • 412 Words
    • 2 Pages

    English 101

    Time has change, so has technology, the prices of items and even real estate has changed. However one thing that hasn't change is the minimum wage. There are three classes in the United States which consist of: Poor, Middle and Upper class. The upper class usually own and run a business where the poor and middle class work for them, so paying them less money is better. The minimum wage has become the main issue for politicians and economist. Advocate and critics who’s rich are trying their best to stop U.S congress from raising the minimum wage every time an amendment present to them. While most individuals think increase the minimum wage will benefit the poor and the middle class, others believe it will be a bad idea. In my opinion increasing the minimum wage will benefits many individuals especially the poor families.…

    • 412 Words
    • 2 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Identity Theft
    • 2479 Words
    • 8 Pages

    Identity Theft

    Thesis: One day you receive a call from your bank, stating you had just made a purchase for a random estimate of 5,000 dollars. But you did not go on a shopping spree. Your identity just has stolen. How secure is your identity? Do you ever wonder about your identity? Ways to prevent/protect yourself from identity theft and frauds.…

    • 2479 Words
    • 8 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Cmgt 400 Common Information Security Research Paper
    • 1058 Words
    • 5 Pages

    Cmgt 400 Common Information Security Research Paper

    In very basic terms, phishing involves a fraudster masquerading as a financial institution in order to steal a customer 's account information. More recently, criminals have been using increasingly sophisticated spy ware including Trojan horse, key logging and screen scrapper programs – which capture screen shots to obtain end user credentials (Reavley, 2005). No banking institution is immune to phishing. A financial want of desperate individuals is the driving force behind this threat also. They pray on almost all of the banking institutions regardless of their information security infrastructure. Banks now days take many anti-phishing measures to protect their customers. It is not so much of banking institution information security vulnerability but an internet browser security issue. Many browser now have an anti-phishing extension plug-in available for users to safely enter their important information…

    • 1058 Words
    • 5 Pages
    Good Essays
    Read More
  • Good Essays

    Identity Theft
    • 2587 Words
    • 11 Pages

    Identity Theft

    Bibliography: "Identity Theft: What to Do If It Happens to You | Privacy Rights Clearinghouse." Privacy Rights Clearinghouse | Empowering Consumers. Protecting Privacy. Web. 25 May 2011. .…

    • 2587 Words
    • 11 Pages
    Good Essays
    Read More
  • Good Essays

    Identity Theft
    • 671 Words
    • 2 Pages

    Identity Theft

    Identity Theft is a form of fraudulent activity, which involves using someone else’s personal details and assuming their identity. There are several forms of identity theft, but the most common are business/commercial identity theft, and financial identity theft – in which the victim’s credit might be severely affected and could be accountable for the perpetrator’s actions. This paper will highlight ways to prevent identity theft, and what to do if you are a victim of identity theft.…

    • 671 Words
    • 2 Pages
    Good Essays
    Read More
  • Good Essays

    international adoption
    • 337 Words
    • 1 Page

    international adoption

    "Lack of regulation and oversight, particularly in the countries of origin, coupled with the potential for financial gain, has spurred the growth of an industry around…

    • 337 Words
    • 1 Page
    Good Essays
    Read More
  • Powerful Essays

    Terminal Data Capability Emv
    • 1475 Words
    • 6 Pages

    Terminal Data Capability Emv

    -Shall have parameters initialised so that it can identify what language(s) supported to process the card’s language preference.…

    • 1475 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Better Essays

    Internal Control Accouting System
    • 1770 Words
    • 8 Pages

    Internal Control Accouting System

    Preface Over the past 20 years, financial institutions, governments, insurers and retailers have seen an explosion in the amount and types of fraud perpetrated against them. In the United Kingdom alone, card-fraud losses in 2006 totaled €620.6 million (£428 million) and while this total represented a reduction of 3 percent over 2004 and a decrease of nearly €116 million (£80 million) over the past two years, it was still a considerable loss to business. Of particular concern is the evolution of types of fraud to circumvent the effectiveness of PIN-based domestic transactions. This has led to a 43 percent increase in fraud committed on UK cards abroad, where perpetrators take advantage of non-PIN environments. Fraud Loss: A Cost of Doing Business? UK banks recently reported their total profits for 2006 amounted to £40 billion. Considering the size of this figure, it can be said that fighting card fraud is not wholly related to financial loss but rather to a significant risk to the banks’ reputations. The negative press associated with the use of fraudulent card transactions to support terrorism, drugs, prostitution and human trafficking can only result in a negative customer perception. Therefore, from a risk-management perspective, it is important to actively and effectively prevent and detect card fraud. The growth of organized crime and terrorism and their associated requirements are well documented. Their need for significant funding easily explains the inventiveness and increasing sophistication of criminal gangs and individuals in their attempts to defraud organizations of huge sums on a global scale. The manifestations of fraud are seen in money laundering,…

    • 1770 Words
    • 8 Pages
    Better Essays
    Read More

Related Topics