An increase in friendly fraud is worrying companies in the payments industry. Such a fraud occurs when someone buys goods from an online retailer, receives the goods in the mail but then claims the goods never arrived and asks for a refund.
Another example is when a punter loses a lot of money on an online betting site and claims that someone else had access to his or her credit card.
The vice-president of client solutions at First Data, Peter Cowan, said that as people became more comfortable with purchasing online they were becoming blasé about fraud.
Cowan, who was speaking at RFi's Australian Consumer Finance Forum in Sydney yesterday, said: "People who transact online know that if they are victims of fraud they get their money back. A growing number of people are abusing that security protection."
Australian Payments Clearing Association figures released in June show that the greatest increase in payment fraud in 2010 was in card-not-present transactions. These include online, mail and telephone transactions where payment is made by credit or by scheme debit.
Card-not-present fraud increased by 38 per cent in 2010, compared with the overall increase in fraud of 16 per cent.
Eftpos fraud, while rare, may also be an emerging problem.
The Herald Sun today reports on the possible compromise of Eftpos terminals at three IGA supermarkets over recent weeks.
National Australia Bank's head of industry compliance, David Miller, told the RFI conference that fraud figures were high in late 2010 and early this year because of a number of large data centre compromise events in the United States.
Miller, who was also speaking at the Consumer Finance Forum, said: "At the same time, we observed that retailers, who have been doing it tough, were not being as diligent with security checks."
Miller said Visa and MasterCard have been reluctant to force retailers to enrol in high level security systems, but it was inevitable that they would have to use password-based transaction systems.
Cowan said: "The big online retailers are focused on making sure shoppers don't drop out before the transaction is completed.
"They don't want to introduce anything into the payment process that makes it longer or more complex."
Miller said: "It was the same with the EMV chip. Acquirers (banks who process transactions for merchants) got into EMV when it was mandated.
"What we can say is that single-factor authentication has had its day."