Stored value cards, which may also be known as gift cards, prepaid cards, shopping cards or fare cards, prepaid Mastercard™ and Visa™ cards (instant issue) among other names, are very popular with both consumers and retailers. The wide appeal of stored value cards, as a result, has attracted the unwelcome attention of criminals seeking to exploit the conveniences and automated processes afforded by such cards. In particular, such criminals misappropriate and manipulate stored value cards and associated account information to perform fraudulent transactions. Stored value card fraud is typically perpetrated in the form of either at the physical point of sale (POS) or “card present” fraud, or for virtual POS purchases or “card not present” (CNP) fraud. The latter includes transactions such as in e-commerce or internet purchases that cannot be authenticated using “standard” processes used at the physical POS.
A stored value card is typically the size and shape of a conventional credit card (CR80 Card) and includes a magnetic stripe, barcode or other similar activation method, account identifying element, or means for using the card. The stripe, code, account identifying element, etc. on the card is encoded with data, which includes a unique account number. The account activation indicia, for example, may be visible while the card is secured in or secured to packaging, such that the account activation indicia may be used during the purchase and activation of the card.
Commonly, stored value cards are displayed by retailers for purchase by customers. The cards may be stored in an active or inactive state. If stored in an inactive state, the card cannot be used to purchase goods or services until the card has been activated. A customer may have a card activated by bringing a card to a cashier and having the cashier then, for example, swipe the card through a point of sale terminal, which may add value to the card in exchange for payment, or activate value already on the card. In this context, the “swipe” action could involve passing a card (or its packaging) though a magnetic strip reader/writer; or passing the card or package over a barcode scanner; or putting the card or package in the vicinity of a proximity reader/writer (such as, for example, an RFID reader/writer), or any other equivalent activation technique. A balance on the card may be maintained within a computer system located at the point of sale or at a remote location. A holder of the stored value card may then use the card to purchase goods and/or services immediately or over time up to the value of the card. These current procedures relating to stored value cards, although providing convenience to consumers, leave the cards vulnerable to criminals.
One particular fraud that is perpetuated by criminals with regard to stored value cards is called “skimming.” Skimming is a serious problem resulting in significant loss to both retailers and consumers, and applies to both card present and CNP fraud. To skim a card having a magnetic stripe holding account information, for example, a criminal will purchase a stored value card from a retailer, thereby causing an account associated with the card to become activated. The criminal will then remove additional cards from the store that have not yet been activated, and will then alter magnetically stored information on the inactivated cards to match that of the activated card. As such, all of the altered, inactivated cards will have the magnetic information that identifies the account of the originally purchased card. The criminal will then return the altered cards to the store shelf where unsuspecting customers seeking to purchase a stored value card will unknowingly place money into the account of the criminal holding the originally purchased card. The unsuspecting customer may attempt to use their card and will be told that it has no associated value or has a smaller value than thought. The retailer may be able to verify that the customer did not use the value associated with the stored value card, and in the interest of customer service, may restore the value to the customer. In that case, the retailer loses the money. However, in some cases, there may be no way to prove fraud and the customer may lose up to the entire value.
Another type of fraud that is perpetrated by criminals with regard to stored value cards is unauthorized activation. Specifically with secure packaging, activation indicia, such as a barcode, is printed on the card and positioned beneath a perforated pull tab. Account information, such as a PIN or account number, is also on the card and sealed within package. Fraud is perpetrated when a criminal takes a stored value package from a retailer without purchasing the card. The criminal will then carefully remove the card from the package, and steal account information from the card and either replace the card within the package or with another card with an activation barcode, and carefully reseal the pack. The criminal rehangs or replaces the package at the retailer location. The criminal then waits until package is sold by visually checking if pack is still on rack or attempts to check balance online. An unsuspecting customer then purchases the package and activates the stored value card, unknowingly placing money into the account of the criminal holding the originally purchased card or with access to the original account information. The unsuspecting customer may attempt to use their card and will be told that it has no associated value or has a smaller value than thought.
Another fraud perpetuated by criminals is carried out by the criminal viewing stored value cards in the store. The criminal writes down the code associated with the particular stored value card (such as a credit card type number) while it is still in the store. In such situations the code is in plain view of the criminal or may be easily viewed without altering the card packaging. Once the criminal has recorded the code, the criminal waits for a period of time, assuming that an unsuspecting customer will purchase and have the card activated during that time. The criminal then periodically checks to see if they are able to make purchases, such as online purchases (CNP fraud), by attempting to use the card code. If the card has been activated by the true purchaser, the criminal will be able to purchase goods online using the activated code, thereby stealing the balance on the card from the true purchaser.
Criminals may perpetuate the above-described frauds or other frauds with regard to stored value cards as they sit on store shelves today. Thus, there is a need for a way to protect such cards and insure that they have not been tampered with or duplicated prior to purchase or activation by an innocent consumer.
There have been proposals and attempts to reduce the occurrence of fraud associated with stored value cards. For example, modifications to card readers or other parts of the activation process have been proposed, but changing existing systems in such ways involves significant cost. Additional steps have been added to the activation process for some cards, such as steps involving pin numbers and web access. However, additional steps reduce the level of convenience that such cards provide to consumers.
Other attempts at reducing the occurrence of fraud include packaging of the card such that unauthorized tampering with the packaging or card therein is visually evident. Examples of these types of secure packs can include, for example, sealing the card, sensitive information concerning the card, or combinations thereof within a single or multi-panel carrier such that a breach of the package destroys the carrier. However, these packages have been vulnerable to breach by the use of a sharp instrument, such as a razor blade, to slice open the package at its sealed edge. The card and/or information are then accessed for skimming purposes, and the package is resealed, without evidence that it has been compromised.
Therefore, there remains a need for a way to prevent fraud relating to stored value cards that is effective, and inexpensive to implement, while at the same time not negating the convenience of stored value cards.