Reducing Losses from Fraud: FSC Implements 5 Measures
In order to minimize the losses suffered by the public due to credit card fraud and skimming incidents, the Financial Supervisory Commission (FSC) has implemented five measures. These include lowering the threshold for instant notification of credit card online transactions from NT$5,000 to NT$3,000 and strengthening One Time Password (OTP) verification via text message.
The FSC has pointed out that fraudulent groups involved in credit card scams often deceive people into providing their credit card numbers and OTP information through various means, and then proceed with skimming transactions or bind the information to platforms such as Apple Pay, Google Pay, or Samsung Pay. The common tactics used are as follows:
Tactic 1: Impersonating a seller community editor to deceive people into providing their transaction information.
With the popularity of online shopping in recent years, many people choose to make purchases online for the sake of convenience and time-saving. However, fraudulent groups have taken advantage of the wide audience in online transactions and often pretend to be editors of seller fan pages. They use fake websites to deceive people into providing their transaction information, leading to the leakage of important transaction details such as credit card numbers.
Tactic 2: Setting up fake websites and luring people into making online payments for cheap goods.
Fraudulent groups target the mentality of people who are eager to grab discounts and take advantage of them by setting up fake websites. They lure people into buying fake goods online, thereby stealing their transaction information.
Tactic 3: Falsely claiming unpaid fees and luring people to click on phishing links.
By deceiving people who are worried about being penalized, fraudulent groups send phishing text messages claiming that they need to pay fines, taxes, or public utility fees, or that their loyalty points are about to expire. They trick people into believing the messages and clicking on the provided URLs, where they then enter their credit card numbers to complete the transaction.
What to do if your credit card is skimmed?
If you have unfortunately entered your credit card information such as the card number and expiration date, OTP is the last line of defense to complete the transaction. If OTP is not entered and authorized by the issuing institution, the transaction cannot be completed.
The FSC urges the public to carefully confirm the content of OTP messages and ensure that the purpose, amount, and currency are correct. If there are any doubts, it is important to avoid blindly confirming the transaction. If you receive a notification from the issuing institution about credit card binding without any intention to do so, it is crucial to immediately contact the issuing institution.
If there are any doubts about the content, you can call the “165” Fraud Prevention Hotline of the National Police Agency for verification. If your card is unfortunately skimmed, it is important to follow these two steps:
1. Notify the bank to freeze the card: The bank will verify personal information and supporting documents (such as signed receipts and refund forms). After the verification is completed, the bank will assist in deactivating the card and issuing a new one.
2. File a police report: Prepare the necessary documents to report the skimming incident to the police. Due to the longer processing time for disputed transactions, it is important to report to the police as early as possible if there are any problems.
How to prevent credit card skimming? FSC implements 5 measures
In order to prevent credit card skimming, the FSC has also implemented five measures:
Lowering the threshold for instant notification of credit card online transactions
Considering the decreasing average amount of fraud and the fact that most incidents occur during online transactions, the FSC has lowered the threshold for instant notification of credit card online transactions from NT$5,000 to NT$3,000. The issuing institutions may also consider adopting even lower temporary notification thresholds.
Strengthening the content of OTP verification messages
If the purpose of the OTP verification message is for transaction authentication, it should include the amount of the credit card transaction. If it is for card binding verification, the message should clearly state “credit card binding verification”.
In addition, the FSC has requested issuing institutions to display the currency code of the transaction amount in Chinese rather than English in OTP verification messages by the second quarter of 2024. This will facilitate accurate verification by the public.
Enhancing anti-skimming measures for mobile payments
This measure includes identity verification mechanisms when binding credit cards to mobile devices, as well as reminder mechanisms after the binding process.
If digital payment service providers (such as Apple Pay, Google Pay, and Samsung Pay) provide the applicant’s mobile number to the issuing institution, the issuing institution should confirm that it matches the mobile number registered with the institution before proceeding with subsequent procedures such as sending OTP verification messages. The issuing institution should immediately notify the cardholder via text message, email, or other means after the cardholder completes the binding process, informing them that their credit card has been bound to a mobile device and that the device has contactless payment functionality. This notification should also include anti-fraud warnings, strengthening information communication with the cardholder, and providing early warning of possible fraudulent activities.
Supervising issuing institutions to strengthen credit card transaction authorization monitoring
The FSC requires issuing institutions to adjust the monitoring parameters for credit card transactions by analyzing suspicious transactions and types of fraud, thereby strengthening the authorization monitoring mechanism.
Promoting the importance of OTP verification
Issuing institutions are requested to promote the importance of OTP verification in various channels such as official websites, mobile banking apps, and credit card statements. The public should properly keep their OTPs and avoid providing them to third parties or entering them on unfamiliar websites.
Furthermore, the FSC has requested the Chinese National Association of Bankers to include the importance of OTP verification in the “Guide to Preventing Credit Card Skimming” e-book. The association will announce the completion of the e-book on its website and provide it to issuing institutions for further promotion to customers.
The FSC once again reminds the public to be cautious of various false messages, phishing text messages, and single-page ad scams, and to avoid clicking on links from unknown sources in text messages or web advertisements. It is important to protect the security of personal information such as credit card numbers and OTPs. Please read the content of OTP verification messages carefully and confirm that the currency, transaction amount, and purpose match before proceeding with the transaction or binding. The FSC will continue to monitor credit card fraud patterns and consider appropriate preventive measures to reduce the risk of skimming for the public.
Edited by: Lin Mei-Xin