June 15, 2012 at 7:27 AM ET
First the bad news: It's getting harder for banks to prevent scammersto access your bank and credit card accounts. Now, the good news: Banks are getting better at detecting it when your account is compromised.
In other words, the chances that you will be a victim is up, but at least the bank will discover it quicker. That’s the conclusion of the just-released Annual Card Issuers’ Safety Scorecard from Javelin Strategy & Research.
This is the third year in a row that fraud prevention has declined.
Javelin says credit card fraud is up 87 percent since 2010, resulting in a total loss of $6 billion.
“The good news is that a combination of work that banks are doing and work that consumers are doing is causing people to detect these frauds quicker, so we’re not seeing an increase in dollar loss,” says Jim Van Dyke, Javelin’s president and founder.
Van Dyke sees a positive trend: Credit cardholders are more likely to want to get involved in their own protection. He believes this is an important way to equalize the technology race between you and the bad guys.
“With all these mobile devices and the online access to your bank account, there’s a lot of opportunity out there to stop criminals in their tracks,” Van Dyke says.
Javelin analyzed and ranked the top 23 card issuers in the U.S. for fraud prevention, detection and resolution. Bank of America was ranked best overall for 2012. B of A was also best in prevention.
“They’re doing a great job with the authentication and the electronic alerts,” Van Dyke tells me.
Capital One was named best in detection. There’s a four-way tie for best for resolving fraud problems: American Express, Bank of America, BB&T and Discover.
I spoke at length with Jim Van Dyke about the new Javelin research. Here are the highlights of that conversation.
Q: Is card fraud up because the bad guys are doing a better job or consumers are being more careless or the banks aren’t doing a good enough job of protecting us?
A: Banks are working pretty hard. The criminals just change their methods so fast that it’s hard for the average consumer to keep up.
Credit card issuers are always looking for ways to protect the consumer. And again it’s a race between the bad people and the good people. Fraud is going up because of criminal sophistication and a lot of consumers simply don’t protect themselves. They don’t put anti-malware software on their computers. They don’t protect their mobile devices. They don’t have a password on their mobile device which is essentially a full-fledged computer walking around.
We find that there is a lot of new technology that people can take advantage of, especially related to mobile. You can monitor what’s going on in your accounts all the time. And in one out of two fraud cases, you the consumer can be the first to detect the fraud.
Q: Your conclusion in the report is “credit card issuers should prioritize preventing fraud.” What kind of things should they be doing to protect me?
“The specific capabilities they use are really all about harnessing the latest technology to stay ahead of the bad guys. One method is authentication: using technology and interaction with the customer to prove that it’s really you, because with identity crimes the problem is mistaken identity.
They can do that by ‘fingerprinting’ your device to see if that’s the same computer logging in from the same place. And if not, throw a couple of security questions your way.
Also, they need to get people to sign up for these electronic alerts. Turn off the paper statements because they are really just a way of sending private data around.
Q: A lot of financial institutions ask security challenge questions, but they’re the real obvious stuff that would be on a social media site: your high school, your mother’s maiden name, the name of your pet. I ran across a financial site recently that let me create my own challenge questions. That seems so much better. Why isn’t that industry practice?
“You make a great point. They need to stay away from things that we post online or somebody could even get from a genealogy site, that sort of thing. What’s best is to allow the individual to come up with their own information.
Then along with the secret questions and password, they should filter out what looks like obvious choices. If you’re the bank, send people a notice that says, ‘Don’t use 1,2,3,4 for your password,’ or ‘Don’t use a piece of information, such as your dog’s name. It’s too obvious.’ ”
We have a website called ID Safety where you can find out how to protect yourself.
More from msnbc.com business: