92002E3328

WRITTEN QUESTION E-3328/02

by Toine Manders (ELDR) to the Commission

(25 November 2002)

Subject: Cash card fraud

There is currently talk in the Netherlands of large-scale cash card fraud (see, inter alia, ANP press report of 18 October 2002). PIN number fraudsters appear to copy the data from cash cards by placing a small box in cash dispensers and then transferring the data to a blank card. As soon as they have obtained the PIN code of their victim by cracking or copying the code, the victims' accounts are quickly cleared by phantom withdrawals made with the help of these falsified cards, while the unsuspecting account holders still have their cash cards in their possession. Banks are covering up the situation for fear of losing their customers, and assuring clients that electronic means of payment and the security devices protecting them are fraud-proof.

Consumers have become largely dependent for their financial transactions on electronic banking and electronic means of payment, and are now in danger of becoming victims of these. The rise in the number of recent cases both at home and abroad and the amounts involved make new policies both desirable and necessary. The introduction of the euro and the agreement reached earlier this year by European banks whereby cash can be withdrawn free of charge from dispensers throughout Europe using a national cash card are positive developments in European financial policy, which are, however, being overshadowed by this fraud. The cash card fraud is thus counteracting the positive effect of European policy in this area.

Electronic payment has a significant role to play in the completion of the single financial market in 2005. A loss of consumer confidence in electronic payment could constitute a serious obstacle to the completion of this aspect of the single market. The situation in the Netherlands thus has European implications, making this a European problem requiring a clear European solution.

1. Is the Commission aware of the above situation?

2. Does the Commission agree with the conclusion that this large-scale fraud is undermining consumer confidence in electronic payment and in so doing preventing the completion of the single financial market?

3. Is the Commission prepared to take action in response to the situation described above and, if so, what action?

Answer given by Mr Bolkestein on behalf of the Commission

(8 January 2003)

1. The Commission is aware of the situation mentioned by the Honourable Member.

2. The Commission agrees with the Honourable Member's conclusion. The type of fraud described, where a blank counterfeit card is created and the PIN code is captured through different means (shoulder surfing, use of hidden cameras, etc.) is unfortunately not taking place only in the Netherlands and the modus operandi described is well known by payment industry investigators and law enforcement officers.

In order to reduce counterfeit fraud, the payment card schemes and the banks are deploying substantial resources in order to introduce chip cards in all Member States and in many third countries as well. The data on the card will no longer be stored in the magnetic stripe, but in the chip. This will make their duplication extremely difficult. The payment card schemes and the banks are committed to introduce chip cards in all Member States by 2005. The late deadline is due to the huge number of cards to be re-issued and of the equipment (terminals, automated teller machines, etc) to be replaced or modified.

3. As a result of Resolution No C4 0455/98 of the Parliament, the Commission is taking action to increase the security of payment transactions. To prevent fraud and counterfeiting of non-cash payments, the Commission adopted in February 2001 a three-year Fraud Prevention Action Plan based on a partnership among all stakeholders. It provides for five main areas and 11 main actions that the Commission and other parties should undertake. Security improvements are the main priority of the Action Plan, which supports the introduction of the highest economically viable level of security.

Discussions on security issues, including on the progress in the migration to chip cards in the Union, take place regularly at the meetings of the Union Fraud Prevention Experts Group, the steering group for the implementation of the Fraud Prevention Action Plan.

The Commission will organise in 2003 a Conference on the security of payments in the Internal Market, with a view to improve information on the security of modern payment products and systems.

By the end of 2003, the Commission will report to the Parliament and the Council on the progress achieved with the Fraud Prevention Action Plan and propose, if necessary, further action.

The eEurope Smart Cards Initiative of the Commission also provides for actions aimed at stimulating financial institutions to use chip cards for payment applications (supporting the remedy described in point 2 above).