E-commerce and fraud Ian Brown UCL
Outline <ul><li>Where is fraud happening: card payments and telecommunications </li></ul><ul><ul><li>Is this a technology ...
Card payments <ul><li>Global fraud yr.2000: $2bn (DataMonitor) </li></ul><ul><li>“ Online fraud has risen by 60 per cent, ...
Small and shrinking problem?! <ul><li>Overall, UK online fraud  fell  from 0.32% to 0.29% of turnover </li></ul><ul><li>UK...
Faulty technology? <ul><li>Credit card numbers flowing over Internet where they can be grabbed by any passing 13-year old ...
Liability <ul><li>Banks push “card not present” transaction risk to merchants – so can afford to be generous to consumers ...
Secure card payments <ul><li>Use chips, not stripes </li></ul><ul><li>But where does it go in your PC… and what does your ...
Telecommunications fraud <ul><li>Actually larger problem - $1bn+ dial-through fraud alone </li></ul><ul><li>Phone phreakin...
Continuing fraud problems <ul><li>Hacking switches – Porsches, Concorde </li></ul><ul><li>PBX fraud – Scotland Yard lost £...
Better phone security <ul><li>Analogue    digital mobile phone changeover brought major security improvements </li></ul><...
Protecting customers from fraud <ul><li>Call charge display and limits </li></ul><ul><li>Consistent numbering </li></ul><u...
Conclusion <ul><li>Fraud is rarely entirely the “fault” of one party </li></ul><ul><li>Law should help consumers help them...
Upcoming SlideShare
Loading in...5
×

E-commerce and fraud

545

Published on

Presented at Cambridge Economic Crime Symposium

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
545
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

E-commerce and fraud

  1. 1. E-commerce and fraud Ian Brown UCL
  2. 2. Outline <ul><li>Where is fraud happening: card payments and telecommunications </li></ul><ul><ul><li>Is this a technology problem? </li></ul></ul><ul><ul><li>How can we fix it? </li></ul></ul><ul><li>Nothing in this discussion is meant to absolve criminals… </li></ul>
  3. 3. Card payments <ul><li>Global fraud yr.2000: $2bn (DataMonitor) </li></ul><ul><li>“ Online fraud has risen by 60 per cent, from £5m to £8m which the Interactive Advertising Bureau said was to be expected because Internet shopping rose by 76 per cent in the same period [Jan-Sep 2001].” </li></ul><ul><li>– The Observer </li></ul>
  4. 4. Small and shrinking problem?! <ul><li>Overall, UK online fraud fell from 0.32% to 0.29% of turnover </li></ul><ul><li>UK online fraud < 2% total card fraud </li></ul><ul><li>Europe 1/1500, US 1/2500 </li></ul><ul><li>May change in future, but should be kept in perspective </li></ul>
  5. 5. Faulty technology? <ul><li>Credit card numbers flowing over Internet where they can be grabbed by any passing 13-year old hacker? </li></ul><ul><li>No: SSL, telephone orders, bar/restaurant use </li></ul><ul><li>SET development; merchant obstruction </li></ul>
  6. 6. Liability <ul><li>Banks push “card not present” transaction risk to merchants – so can afford to be generous to consumers (£50 limit) </li></ul><ul><li>But many online banking terms and conditions force risk onto customers: </li></ul><ul><ul><li>“ Until you tell us, you will be responsible for any instruction in writing or by telephone or Internet which we receive and act on even if it was not given by you.” – Egg </li></ul></ul>
  7. 7. Secure card payments <ul><li>Use chips, not stripes </li></ul><ul><li>But where does it go in your PC… and what does your PC tell it? </li></ul><ul><li>Who pays? </li></ul>
  8. 8. Telecommunications fraud <ul><li>Actually larger problem - $1bn+ dial-through fraud alone </li></ul><ul><li>Phone phreaking </li></ul><ul><li>Clip-on fraud </li></ul>
  9. 9. Continuing fraud problems <ul><li>Hacking switches – Porsches, Concorde </li></ul><ul><li>PBX fraud – Scotland Yard lost £1m </li></ul><ul><li>Premium rate calls </li></ul>
  10. 10. Better phone security <ul><li>Analogue  digital mobile phone changeover brought major security improvements </li></ul><ul><li>Cryptographic phone authentication </li></ul><ul><li>But designed by phone companies, so guess who benefitted… </li></ul>
  11. 11. Protecting customers from fraud <ul><li>Call charge display and limits </li></ul><ul><li>Consistent numbering </li></ul><ul><li>PBX manufacturer liability </li></ul>
  12. 12. Conclusion <ul><li>Fraud is rarely entirely the “fault” of one party </li></ul><ul><li>Law should help consumers help themselves… </li></ul><ul><li>… but also ensure liability lies with party best-placed to reduce the problem </li></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×