Several weeks ago, we began getting calls from a few clients asking us whether specific versions of MasterCard payment cards had omitted the use of the UV security feature on their card-stock. After receiving maybe half a dozen of these calls, we began trying to learn more about this.
Finally, we reached a Vice President in the fraud department at MasterCard, who told us that the UV security feature was “no longer part of the required design/style elements” dictated by MasterCard. To clarify what this means - MasterCard doesn’t produce credit cards themselves, but leaves design and production in the hands of their licensed card issuers (like banks and credit unions), who themselves contract the work out to professional payment card production facilities. MasterCard issues certain required design guidelines, such as where and what size the MasterCard logo can be placed, what information needs to be presented, etc.
When asked why they were no longer requiring the UV feature in their design guidelines, he told us “because the security for the MasterCard is now self-contained in the RFID chip”.
If you know anything about the success of the roll-out of the “EMV” chip-enabled credit card protocol in the United States, then you know that this statement contains both good and bad news. The good news is that, indeed, EMV chip-cards have significantly reduced in-person credit card fraud. That’s because the chip is necessary to generate the random encryption codes that enable transaction authorizations to take place.
But, there are two “bad news” parts of this story. First, not everyone is up and running with EMV credit card processing yet. The latest statistics show that about 1 in 3 merchants are still not using chip-enabled readers or networks. So, if you haven’t updated your equipment, then this EMV protection not only doesn’t cover you, but likely you are being targeted by bad-guys who share on social-media sites just where, exactly, they can go to find retailers and other businesses that are not yet compliant with EMV systems.
The second piece of bad news - The EMV chip does not guarantee that the person presenting the card is, in fact, the card’s owner!! So, the EMV chip does not prevent instances of a stolen or lost credit card being used by another person.
What Should Businesses Using FraudFighter UV Detection Scanners Do Now?
We have always advocated the use of UV counterfeit detectors - like the UV-16 and POS15 models – to check ID documents during transactions. From a very basic-level perspective, the practice of verifying ID documents will serve as a remarkable deterrent to fraudulent transaction behavior.
FraudFighter UV counterfeit detectors can continue to both DETER and DETECT credit card fraud when they are used to ensure that the person presenting the credit card is the same person whose name in on the credit card.
When ID document verification using UV is coupled with matching the name on the credit card to the name on the ID document, then the UV lights you are already using can continue to be a terrific method to detect a case of fraudulent and/or stolen credit card usage.
FraudFighter publishes an annual companion booklet to enhance the use of our UV detectors in the United States for ID document authentication. The Driver License UV Security Feature Reference Guide contains images of the US state driver licenses as they should appear under UV light. This will give your transaction-level employees a quick and handy resource they can use to confirm what UV features they should be able to see on the ID documents they are verifying.