About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

Take On Payments

« May 2013 | Main | July 2013 »

June 24, 2013


The Forgotten Check

The paper check—remember those things that came 25 to a packet along with a vinyl cover? You could get them in basic solid colors, with floral designs, monogrammed, or even with your favorite sports team or your pet's picture. You would have to actually sit and write out all that information and even had to record the amount you needed twice, once in figures and once spelled out. (Does "fifty" have an "e" or not?) If you had the style that contained a duplicate to help you remember checks you’ve written to record in the register, you had to press down hard and put the divider in so the duplicate on the next check wouldn’t pick up the writing. It's no wonder that, when electronic bill payment and other alternative payment methods came along, they were so widely and quickly accepted.

Over the last three decades, there has been an ever-decreasing use of checks, especially by consumers. Aided by the advent of Check 21, image capture, and ACH conversion, volumes have decreased to the point that by 2010, the Federal Reserve System had consolidated its 45 check processing centers to a single operation at the Atlanta Fed. Still, despite the rapid decline in volume on the consumer side, the check remains a key payment instrument for commercial customers.

Despite physical security enhancements such as watermarks and holographs and services such as positive pay to detect unauthorized checks, the low-technology aspects of the paper check make it an appealing target to the less-sophisticated criminal. With knowledge of the routing-transit number and account number, criminals can quickly create a counterfeit check displaying high-quality graphics. Since signatures are generally checked only on a random basis and on extremely large dollar items by the drawee bank due to bulk filing process, passing "bad paper" at a number of locations in a short period of time can result in sizeable losses. Based on the Financial Crimes Enforcement Network's 2012 SAR [Suspicious Activity Report] Activity Review—By the Numbers, the number of check-fraud SARs increased 6 percent over 2011 and represented the largest category of fraud-related SARs in 2012.

While much of the risk management effort these days is focused on electronic payments, be sure not to forget about the paper check. It is obvious the crooks haven't.

Dave LottBy Dave Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 24, 2013 in check fraud, checks | Permalink

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01053688c61a970c019103c60619970c

Listed below are links to blogs that reference The Forgotten Check:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

June 17, 2013


Security versus Privacy: Finding the Right Balance

The national news headlines over the last two weeks have again heated up public discussion on the issue of when the collection of data about the activities of individuals considered necessary to identify criminal or terrorist threats crosses the line to become an invasion of privacy. This issue has become increasingly complicated as data collection, storage, and analytics have advanced and become less expensive, faster, and more sophisticated. At the same time, people are participating more in electronic communications, transactions, and activities creating additional electronic footprints that can be tracked and analyzed.

Many consumers don't seem to mind providing personal information to retailers if they in turn receive some sort of "members only" benefits in the way of rewards programs, preview ads, discount coupons, or other special offers. Many people also appear to be willing to provide individual and family information on social media sites, where it can be gathered by criminals or law enforcement agencies and used with the information that they collect from devices we can’t seem to live without—our mobile phones, our laptops, and so on—to establish profiles of certain behaviors.

I believe that most people in the security and IT industries have a good understanding of the data collection efforts that are under way, both in the public and private sectors. For them, the recent revelations came as no surprise. But I wonder how many consumers, when they click on the "Accept" button to indicate they agree to a site's terms and conditions, really understand what data are being collected or how those data are being used and by whom. This is a question that those in the public sector have debated for some time, as evidenced by the Cyber Intelligence Sharing and Protection Act (CISPA) that passed the House but stalled in the Senate in 2012 after major protests from the online community, which viewed the bill as a threat to individuals’ privacy.

Should there be improved transparency by the various companies that collect the data? Perhaps they could disclose in simple terms what information they collect, how they use it, whom they share it with, and how long they retain it. The fine print of those agreement blurbs may already contain much of this information, but would clearer disclosures make consumers more or less likely to agree to share their personal information and activities? And what about the option for the consumer to select the various types of information they would be willing to share instead of the “all or nothing” option they generally face today? We welcome your thoughts on this subject.

David LottBy David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 17, 2013 in privacy | Permalink

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01053688c61a970c01910373018e970c

Listed below are links to blogs that reference Security versus Privacy: Finding the Right Balance:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

June 10, 2013


What Do the Elderly and Military Personnel Have in Common?

I recently took close notice of the Federal Trade Commission's 2012 Consumer Sentinel Network Data Book because the report reveals that two states within the Federal Reserve Bank of Atlanta's footprint, Florida and Georgia, have the highest rates of identity theft in the United States. In 2012, Florida had 361.3 identity theft complaints per 100,000 people, followed by Georgia, with 193.9.

On closer inspection of the report, I learned that nearly half of identity theft complaints stem from "government documents or benefits fraud," and more than 93 percent of these complaints are tax- or wage-related fraud. In Florida and Georgia, government documents or benefits fraud accounts for 72 percent and 66 percent, respectively, of identity theft complaints. What could be the reason behind this high incidence of identity theft in these two states?

Two things stand out in terms of their population. For Florida, it is the "oldest" state; it has the highest percentage of its population comprised of people aged 65 or older. For Georgia, it is a "military" state, with a higher percentage of its population comprised of active military and civilian personnel than most other states. In fact, of the four Georgia metropolitan areas that rank in the top 15 for identity theft complaints in the United States, three have a significant military presence. Atlanta, ranked #8, is the outlier.

The identity theft rate in Florida doesn't come as a big surprise given its elderly population and the rising incidence of financial crimes targeting that population segment. (A Portals and Rails post highlighted this trend about two years.) But I was surprised to see Georgia ranked second, though maybe I shouldn't have been with the large number of military bases in the state. Identity theft among those in the military has been an ongoing problem. In fact, a West Point professor, Lieutenant Colonel Gregory Conti, wrote about this significant problem in 2010.

Presumably, other factors beyond high rates of elderly and military populations played a role in catapulting Florida and Georgia to the dubious position of tops in identity theft complaints. However, we can't overlook that both the elderly and military personnel are prime targets for identity thieves. What can those institutions and entities that serve these segments of the population do to educate them on the dangers of identity theft and prevent them from becoming victims of this crime?

Douglas A. KingBy Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 10, 2013 | Permalink

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01053688c61a970c0191032de177970c

Listed below are links to blogs that reference What Do the Elderly and Military Personnel Have in Common?:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

June 3, 2013


Do Digital Currencies Need Bank Secrecy Act Regulations?

Nearly two years ago, a Portals and Rails post looked at digital currencies and posed the question, "Will the use of alternative currencies gain popularity in the criminal world?" It appears that the answer to the question is "yes." According to the recent indictment of a digital currency provider, the currency under question "was designed to give criminals a way to move money earned from credit card fraud, online Ponzi schemes, child pornography and other crimes without being detected by law enforcement," ultimately building up a $6 billion money laundering operation.

At the heart of the issue with this particular digital currency is its anonymous nature. Payment instruments that provide anonymity do attract the criminal element. Anonymity is a major reason cash remains king when it comes to payments for illicit activities. The anonymity that prepaid cards provided in their earlier years attracted the criminal element, which ultimately resulted in regulators attaching Bank Secrecy Act/anti-money laundering (BSA/AML) regulations to these instruments.

There is no doubt that digital currency has benefits over paper and coins. The convenience of not having to lug around paper and coins is appealing to me, as is the fact that I wouldn't feel the need to scrub my hands after handling digital currency since it's no secret that paper money and coins are dirty. I am all for the success of digital currencies and can't wait for them to become more mainstream. But I believe that as long as any digital currency continues to support anonymity, it will be difficult for that to happen.

While regulation can stifle innovation, I believe that BSA/AML regulation of digital currencies could help increase the adoption of this type of payment instrument by the mainstream. One need look no further than the prepaid card industry to understand the potential impact. Many factors have played into that industry’s phenomenal growth rate, but the BSA/AML regulatory requirements also played a role by providing a credibility to prepaid cards that did not exist in their infancy.

What are your thoughts on the need for BSA/AML regulation of digital currencies?

Douglas A. KingBy Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 3, 2013 in cybercrime, emerging payments, money laundering, regulations | Permalink

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01053688c61a970c01901cef3bcf970b

Listed below are links to blogs that reference Do Digital Currencies Need Bank Secrecy Act Regulations?:

Comments

Great Post.
In my opinion all e-currencies need to be regulated, specially the more popularly used ones. It will be sad to see another one going down like LR.

Posted by: Bhagesh Nair | June 4, 2013 at 04:48 PM

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

Google Search



Recent Posts


Archives


Categories


Powered by TypePad