Online fraud advice updated
France’s National Commission on Informatics and Liberties issues new guidelines 10 years after they were first published
AS ONLINE purchases using credit or debit cards continue to rise, guidelines to prevent fraud have been updated, 10 years after they were first published.
France’s National Commission on Informatics and Liberties (CNIL) updated its advice on the use of credit cards in online transactions shortly before the European Central Bank (ECB) published figures this week that revealed online fraud rose 14.8% across the EU in 2012.
ECB figures reveal that fraud cost victims’ $1.33bn (about €970m) in 2012 in Single Euro Payments Area countries (SEPA) - which include the EU, plus Iceland, Liechtenstein, Monaco, Norway and Switzerland. About 60% of all scams came as a result of postal, telephone or internet purchases.
"This data shows that we must remain vigilant against credit card fraud, even though it is reassuring to see that the level of counterfeiting is less within SEPA and beyond, thanks to higher safety standards,” said Vítor Constâncio, vice president of the ECB.
The CNIL proposes changes to the law that would place a greater onus on businesses to protect their clients’ transactions. CNIL says that bank card numbers can only be used as part of a transaction, along with other information needed to fulfil the transaction - address, expiry date and Card Verification Value (CVV) number.
If any further information is required, sellers must prove that they have a “specific and legitimate” need for it, such as to prevent fraud.
Risks to consumers increase, CNIL said, if retail sites require consumers to use their credit card number as identification, or send copies of their card.
Traders must also ask for the consent of consumers if it wants to keep a record of their banking data, and cannot insist on being allowed to keep hold of this data to complete any transaction.
Consumers must also be allowed to withdraw their consent at any time, CNIL said.
The CNIL also urged users not to store bank details on computers, tablets or smartphones - and said that those whose details are stolen should be informed quickly so that they can contact their bank and stop fraudulent use of their accounts.
Photo:Sean MacEntee
