Retail Payments Risk Forum
Font Size: A A A

Portals and Rails

« Finding a Reasonable Definition of Commercially Reasonable | Main | Pointing to the Future: Biometrics Crucial for Data Protection »

August 27, 2012

Mind the Gap: PIN versus Signature Authentication

In a January post, Portals and Rails considered the difference in fraud rates for payments using signature versus those using PIN authentication. Based on the data at hand, we concluded that "financial institutions have significantly more exposure to fraud losses from card payments with signature authentication than those from PIN authentication." The just-released PULSE Debit Issuer Study reveals that in 2011 the gap in loss rates between signature and PIN debit transactions has widened further. Issuers lost an average of three cents per signature debit transaction compared to less than one-half of one cent on PIN transactions.

Debit Card Issuer Loss Rates

Fraud is a concern for issuers
According to the study, which was conducted by the consulting firm Oliver Wyman on 57 banks and credit unions, 74 percent of large financial institutions (asset size greater than $10 billion) and 90 percent of small institutions (asset size under $10 billion) view fraud as a major challenge for 2012. Looking deeper into 2012 fraud concerns, 54 percent of issuers, regardless of their size, expect signature debit fraud to increase, while only 37 percent of issuers expect an increase in PIN debit fraud levels.

With fraud being of such high concern to issuers, I expected EMV card issuance to be high on their priority list, but that is not the case. In fact, 71 percent of the financial institutions have no immediate plans to issue EMV cards. In the past, we've highlighted some of the many possible ways to do an EMV implementation—according to the study, these unknowns of a U.S. EMV implementation have many financial institutions taking a "wait-and-see" approach.

Of particular note, issuers are interested in knowing if PIN authentication will become mandatory or if it will continue to coexist with signature authentication. Hopefully, this issue and others surrounding EMV implementation will soon be addressed by the industry through the recently announced collaborative EMV Migration Forum created by the Smart Card Alliance. The sooner these issues get sorted out, obviously, the better, as signature debit card fraud is showing no signs of slowing down.

Douglas A. KingBy Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

August 27, 2012 in chip-and-pin, crime, EMV, fraud | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c0177445db2c5970d

Listed below are links to blogs that reference Mind the Gap: PIN versus Signature Authentication:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in