Card fraud hits more than 1 in 4 in S’pore

SINGAPORE — More than one-quarter of cardholders in Singapore were victims of card fraud in the past five years, a global study showed, eroding confidence in providers, despite the banking sector’s continuing efforts to ramp up security measures following a series of fraud incidents.

In the latest fraud study conducted by payments company ACI Worldwide, which polled 6,100 consumers across 20 countries, the rate of card fraud in Singapore was shown to be moderately high by global standards.

“Twenty-eight per cent of respondents in Singapore have indicated that they have experienced card fraud in the past five years,” said Mr Subhashish Bose, ACI Worldwide’s senior fraud consultant. Globally, the rate is 27 per cent, but in terms of the highest levels of fraud, Singapore ranks 10th among the 20 countries surveyed, he added.

While this is below the more than 40 per cent levels in China, India and the United States, the situation is eroding consumer confidence in providers. The report showed 33 per cent of affected customers in Singapore were at least somewhat unhappy with their financial institutions and that 15 per cent had switched banks after their fraud experience.

In all, there were 1,367 confirmed data breaches globally last year alone, ACI Worldwide’s findings showed.

“Consumers are increasingly concerned about fraud and are losing confidence on a variety of levels … They are unsure that their financial institutions can protect them against fraud,” Mr Bose noted.

The report comes at a time when banks in Singapore are on high alert against security breaches, following several high-profile cases in recent years. In January 2012, DBS and POSB customers were hit by an automated teller machine skimming fraud that resulted in S$500,000 being stolen from accounts. More recently in February, customers of at least four banks — Citi, DBS, UOB and OCBC — reported being affected by unauthorised card transactions.

In that incident, Citi — the biggest credit card issuer in Singapore — was the first bank to inform the authorities, said a spokesperson, stressing that the bank places the highest priority on card security. “All Citi credit cards are enabled with 3-Domain (3D) Secure password authentication service, which Citi was the first in Singapore to launch in 2004,” the spokesperson added. “3D Secure authenticates the cardholder’s identity at the point of purchase at 3D Secure online merchants, with the requirement of an additional one-time password (OTP).”

3D Secure and OTP are now universally adopted features among card issuers to address risks of card-not-present (CNP) transactions. Mr Mark Jansen, PricewaterhouseCoopers’ financial services risk partner, said these and other measures have helped curb card fraud in Singapore.

“To date, while we have seen a number of card frauds, Singapore has not had issues on the same scale as other locations. This does not mean the threat is not real, but with the use of chip technology, limitations on overseas transactions, OTP and short message service (SMS) messaging, it has reduced the exposure,” he said.

But vigilance is still the best prevention and consumers also have a role to play, Mr Jansen added. “Awareness is critical both at an organisational level and for the man in the street, who is subject to phishing attacks,” he said. “In today’s world, being aware of how you are vulnerable is the first step in terms of preventing incidents.”

Ms Wong Chung Yee, OCBC’s head of cards, advised that besides never disclosing credit card information, consumers must avoid downloading attachments from unknown sources or using public computers to perform financial transactions.

Correction: The original article incorrectly named Mr Mark Jansen, PricewaterhouseCoopers’ financial services risk partner, as Mr Mark Jensen. We apologise for the error. This article was edited on June 26, 2014 at 12.00pm.