Indonesian Political, Business & Finance News

Plastic money omits hassle, create nuisance

| Source: JP

Plastic money omits hassle, create nuisance

Urip Hudiono, The Jakarta Post, Jakarta

When credit cards first appeared, people eagerly applied for
them, delighted with the concept of a single card replacing bills
and coins.

But along the way, the downside of plastic money became all
too clear, with complaints of debt-snaring interest-rate schemes,
lousy billing systems, aggressive marketing and debt collection
cases increasing by the day.

Another major headache for card holders, issuers and merchants
as well, was the rising incidence of credit card fraud.

Data from the Indonesian Credit Card Association (AKKI) shows
that losses from credit card fraud in the country amounted to
some Rp 40 billion (US$4.3 million) last year. Although that
figure is down from Rp 60 billion in 2003, an alarming number of
cases continue to be reported to the association.

In light of this, major credit card issuers in the country
have upgraded their security systems to protect their customers
-- as well as their own businesses -- from fraud.

The central bank also issued Bank Indonesia (BI) Regulation
No. 6/30/PBI/2004, requiring card issuers to take a number of
security measures, apart from implementing a risk-management
system.

The Hongkong Shanghai Banking Corporation Limited (HSBC)
Indonesia, for example, implements an "early warning system"
within its electronic transaction system to detect any possible
"hits" against its customers.

The system, HSBC marketing manager Ichsan Tobing said, was
constantly monitored and upgraded by the bank's global security
analysis team.

"The team is always on guard for any novel fraud scheme and
immediately adds that to our prevention system," he said.

Meanwhile, almost all card issuers request merchants to call
up and verify, first hand, any suspicious transactions --
particularly those that involve the purchase of expensive items
-- to the customer.

Nevertheless, even with such sophisticated systems installed,
security measures are only as secure as their weakest link, which
many experts say lies in the credit card holders and merchants.

"Security systems can be hacked and beaten, but it's much
easier to manipulate the (credit card holder's) lack of knowledge
and precautions," Yudi (not his real name), a former "carder",
told The Jakarta Post.

"One of the most basic precautions, is that they should never
let their cards out of their sight mid-transaction," Yudi said.

Transactions at a merchant with a doubtful reputation should
always be avoided, he said, as its employees might be part of a
credit card fraud ring.

If that was the case, Yudi explained, the customer would
likely fall victim to a "skimming" scheme, whereby data in the
magnetic strips of credit cards is read off using electronic
equipment -- the size of which can be as small as the palm of
one's hand.

Another scheme is "chipping", whereby a card reader is
implanted with an electronic chip to record the data of any cards
swiped.

Meanwhile, with the use of credit cards becoming more common
for online transactions, fraudsters have also resorted to
"phishing" techniques, whereby they claim to be card-issuer
employees, contact unsuspecting card holders by phone or e-mail,
and trick their way into obtaining personal data.

"Card holders can actually avoid phishing schemes by simply
ignoring any such phone calls and e-mails, as card issuers and
merchants never ask for card numbers, expiration dates, dates-of-
birth, or mother's maiden names through phone or e-mail," he
said.

Yudi said that if card holders needed to do online
transactions, they should do it through a secure website -- which
usually shows a lock on the browser -- and on a private computer.

"A public computer, like at an Internet cafe, might be
installed with spyware that reads anything you key in," he said,
adding that he used to obtain credit card data through such a
scheme.

Meanwhile, on the part of the merchant, Yudi explained that
they should use software that can verify that a card's country of
issuance matches that of where an online transaction is made.

With the potential loopholes in the magnetic strip card, Bank
Indonesia has required all card issuers in the country to
gradually replace their customers' cards with smart cards that
comply with the international EuroPay MasterCard Visa (EMV)
standard.

Such smart cards are embedded with data encrypting
microprocessors, ensuring a more secure transfer of data.

The AKKI, however, estimates that only 25 percent of 20
issuers are ready to migrate from magnetic strip cards to smart
cards.

View JSON | Print