HKMA steps up online card fraud fight
With the territory’s credit card penetration rate running at more than two per person, the Hong Kong Monetary Authority (HKMA) is actively discussing measures to reduce online credit card fraud.
As of the fourth quarter of last year, there were 17 million credit cards on issue to Hong Kong residents – more than two for every one of the 7.26 million men, women and children in the territory.
In a written answer to a question in the Legislative Council Wednesday, the Secretary for Financial Services and the Treasury, Professor K C Chan said that the police do not maintain a statistical breakdown for crime cases involving stolen credit cards for online purchases, the Hong Kong Monetary Authority (HKMA) has been concerned about fraudsters using stolen credit card information for online shopping.
The authority already requires card issuing banks to send notifications to cardholders via SMS when they have identified high risk online transactions so as to facilitate cardholders to detect promptly suspicious transactions.
Now the HKMA is discussing with the banking industry how to enhance and expand the scope and channels of notifications for online transactions.
“In addition, the HKMA notes that some cardholders can perform online credit card transactions only after the function for such transactions are activated in advance. However, the operation of that function is affected by certain factors. For example, in the event that a cardholder has not activated the function but the merchant has misclassified the cardholder’s non-online transaction as an online transaction, the relevant non-online transaction would be rejected.”
Professor Chan said that in view of this, the HKMA is discussing with the banking industry whether the effectiveness of the relevant arrangement can be enhanced, and whether it is appropriate for banks to offer similar arrangements to more cardholders.
While some card issuing banks now support additional authentication security measures against online card fraud, such as Verified by Visa and MasterCard SecureCode, whether an online credit card transaction requires additional authentication also depends on the readiness of merchants’ systems and the requirement of merchants for cardholders to provide additional authentication information when transactions are being executed.
“As there are still some merchants (both overseas and local) not having systems to support the above security measures and not requiring cardholders to provide additional authentication information, the HKMA is gathering information from the banking industry on how to encourage local merchants to enhance their systems to support such measures and require cardholders to provide additional authentication information, to step up efforts in educating cardholders about the features and use of the relevant measures, and to explore the enhancement of card issuing banks’ support for such measures,” said Chan.