I would like to borrow a theme from Jim Collins, the management researcher and writer. His two best-known works, Built to Last and Good to Great, are evidence-based studies of what makes commercial organisations outperform over the long term. APCA’s own core principles – our values, purpose, unique positioning, member benefit proposition and vision – were developed using the Collins framework. You can find them on our website. Collins has the luxury of something to measure: he looks at relative increase in total shareholder value of listed companies against competitive peers over long periods of time. Then he tries to work out how the top performers got there in the first place, and how they stay on top. These days there is plenty of debate over the validity of this method but its influence on corporate strategic thinking is undeniable. Unfortunately, neat quantitative measures of achievement are not generally available for payment systems. But the long-term, structural orientation of Collins’ work aligns well with broader payments system evolution: how does the industry build a payments system that will stand the test of time, and respond to the unknowable challenges of the future? It’s not about any one strategy or programme, but the overall structure, culture and orientation.
October is Cybersecurity Awareness month and it kicked off with the launch of the Australian Government’s Stay Smart Online Week. Trish McGinness, Compliance Manager at APCA, spoke at the launch. With cybercriminals and fraudsters becoming more sophisticated and more determined – here’s what she had to say about in the importance of cyber safety and payments fraud prevention:
Why is cyber safety important for Australians?
Effective cybersecurity enables safe participation in the digital economy and with our increasingly digital payments habits, it’s more important than ever. The increase of payments fraud online means Australian consumers and businesses must be aware of the cybersecurity risks they face.
We know Australians are spending more than ever before online. At the same time, it’s getting harder to make fraudulent transactions in person. For example, thanks to closer cooperation between financial institutions and law enforcement, counterfeit fraud continues to drop each year. So it’s not surprising that we’ve seen an increase in card-not-present (CNP) fraud in recent years as fraudsters shift to an easier medium and make use of stolen card data from the large data breaches seen in recent years.
Watch out for APCA’s release of the Milestones Report for the most up-to-date statistics on Australia’s continued transition away from traditional payments such as cash and cheques.
What is the biggest challenge in achieving cyber-smart nation?
The biggest challenge is striking the balance between security and convenience. We all say we want security, but in practice, it’s been proven time and again that people will go for convenience every time, particularly in relation to online activity.
This is a major obstacle in ensuring online safety. Studies show that despite education campaigns and awareness, consumers still opt for the most convenient route without necessarily considering the safety issues.
If you asked, no one would say that ‘yes I’d give a total stranger access to all my online accounts’ and yet that’s what a surprising number of Australians are doing. When they use certain third party services they’re providing an external party with access to their personal bank accounts. Why? Because it’s easy, they perceive a benefit and the service they’re being offered is convenient.
We’re all aware of our physical safety but most people are very relaxed about online safety, even with the inherent risks. It’s important for us to shift our thinking and know that it’s just as important to protect our digital selves as it is to protect our physical selves, that’s why Australians must be aware of the risks of cybersecurity.
APCA monitors payments fraud data collected across all financial institutions and card schemes – what are some of the latest statistics?
Last month APCA released its report Australian Payments Fraud Details and Data 2016 – you can check it out for more information on fraud trends, preventative measures, and data here.
It shows that globally, the rates of online fraud are rising. Australia’s own rate of CNP fraud, occurring mainly online, has increased by 38%. This type of fraud – domestically and overseas – now accounts for 79% of all Australian card fraud by value.
These statistics show that consumers and businesses need to be more vigilant about protecting themselves online.
How can Australians protect themselves online?
There are many simple things businesses and consumers can do to help stay safe online to support broader industry initiatives.
Tips for consumers:
- Always keep your PC security software up-to-date and do a full scan often.
- Change passwords regularly.
- Only provide your card details on secure websites – look for the locked padlock.
- Register for, and use your financial institution’s online fraud prevention solutions whenever prompted.
- Check your account statements and report any suspicious transactions to your financial institution.
Tips for retailers:
- Use a fully hosted payment gateway provider to collect payments on your behalf.
- Watch for suspicious orders. Is the order unusually large for your business? Is the customer trying various cards in order to make a successful payment?
- Avoid shipping re-saleable goods to a temporary address (e.g. hotel) or to a PO box number.
- Never take payments on behalf of any other business or person.
- Only make refunds to the card originally used to pay for the goods.
- Take advantage of the tools available such as online authentication methods – American Express SafeKey, Mastercard SecureCode and Verified by Visa.
For more information about payments security online, please refer to Australian Payments Fraud Details and Data 2016.