Thursday, May 22, 2008

Prepaid "credit" cards

A prepaid credit card is not a credit card,as no credit is offered by the card issuer: the card-holder spends money which has been "stored" via a prior deposit by the card-holder or someone else, such as a parent or employer. However, it carries a credit-card brand (Visa, MasterCard, American Express or Discover) and can be used in similar ways just as though it were a regular credit card.
After purchasing the card, the cardholder loads it with any amount of money, up to the predetermined card limit and then uses the card to make purchases the same way as a typical credit card. Prepaid cards can be issued to minors (above 13) since there is no credit line involved. The main advantage over secured credit cards (see above section) is that you are not required to come up with $500 or more to open an account.With prepaid credit cards you are not charged any interest but you are often charged a purchasing fee plus monthly fees after an arbitrary time period. Many other fees also usually apply to a prepaid card.
Prepaid credit cards are sometimes marketed to teenagers for shopping online without having their parents complete the transaction.
Because of the many fees that apply to obtaining and using credit-card-branded prepaid cards, the Financial Consumer Agency of Canada describes them as "an expensive way to spend your own money".The agency publishes a booklet, "Pre-paid cards",which explains the advantages and disadvantages of this type of prepaid card.As well as convenient, accessible credit, credit cards offer consumers an easy way to track expenses, which is necessary for both monitoring personal expenditures and the tracking of work-related expenses for taxation and reimbursement purposes. Credit cards are accepted worldwide, and are available with a large variety of credit limits, repayment arrangement, and other perks (such as rewards schemes in which points earned by purchasing goods with the card can be redeemed for further goods and services or credit card cashback).
Some countries, such as the United States, the United Kingdom, and France, limit the amount for which a consumer can be held liable due to fraudulent transactions as a result of a consumer's credit card being lost or stolen.The low security of the credit card system presents countless opportunities for fraud. This opportunity has created a huge black market in stolen credit card numbers, which are generally used quickly before the cards are reported stolen.
The goal of the credit card companies is not to eliminate fraud, but to "reduce it to manageable levels".This implies that high-cost low-return fraud prevention measures will not be used if their cost exceeds the potential gains from fraud reduction.
Most internet fraud is done through the use of stolen credit card information which is obtained in many ways, the simplest being copying information from retailers, either online or offline. Despite efforts to improve security for remote purchases using credit cards, systems with security holes are usually the result of poor implementations of card acquisition by merchants. For example, a website that uses SSL to encrypt card numbers from a client may simply email the number from the webserver to someone who manually processes the card details at a card terminal. Naturally, anywhere card details become human-readable before being processed at the acquiring bank, a security risk is created. However, many banks offer systems where encrypted card details captured on a merchant's webserver can be sent directly to the payment processor.
Controlled Payment Numbers are another option for protecting one's credit card number: they are "alias" numbers linked to one's actual card number, generated as needed, valid for a relatively short time, with a very low limit, and typically only valid with a single merchant.
The Federal Bureau of Investigation and U.S. Postal Inspection Service are responsible for prosecuting criminals who engage in credit card fraud in the United States, but they do not have the resources to pursue all criminals. In general, federal officials only prosecute cases exceeding US $5000 in value. Three improvements to card security have been introduced to the more common credit card networks but none has proven to help reduce credit card fraud so far. First, the on-line verification system used by merchants is being enhanced to require a 4 digit Personal Identification Number (PIN) known only to the card holder. Second, the cards themselves are being replaced with similar-looking tamper-resistant smart cards which are intended to make forgery more difficult. The majority of smartcard (IC card) based credit cards comply with the EMV (Europay MasterCard Visa) standard. Third, an additional 3 or 4 digit code is now present on the back of most cards, for use in "card not present" transactions. See CVV2 for more information.
The way credit card owners pay off their balances has a tremendous effect on their credit history. All the information is collected by credit bureaus. The credit information stays on the credit report, depending on the jurisdiction and the situation, for 1, 2, 5, 7 or even 10 years after the debt is repaid.Credit card security relies on the physical security of the plastic card as well as the privacy of the credit card number. Therefore, whenever a person other than the card owner has access to the card or its number, security is potentially compromised. Merchants often accept credit card numbers without additional verification for mail order purchases. They however record the delivery address as a security measure to minimise fradulent purchases. Some merchants will accept a credit card number for in-store purchases, whereupon access to the number allows easy fraud, but many require the card itself to be present, and require a signature. Thus, a stolen card can be cancelled, and if this is done quickly, no fraud can take place in this way. For internet purchases, there is sometimes the same level of security as for mail order (number only) hence requiring only that the fraudster take care about collecting the goods, but often there are additional measures. The main one is to require a security PIN with the card, which requires that the thief have access to the card, as well as the PIN.
An additional feature to secure the credit card transaction and prohibit the use of a lost credit card is the MobiClear solution. Each transaction is authenticated through a call to the user mobile phone. The transaction is released once the transaction has been confirmed by the cardholder pushing his/her pincode during the call.
The PCI DSS is the security standard issued by The PCI SSC (Payment Card Industry Security Standards Council). This data security standard is used by acquiring banks to impose cardholder data security measures upon their merchants.

No comments: