US is main source of EU credit card fraud - Europol
Data breaches in the US account for most of the credit card fraud affecting the EU, a new police report says.
Criminal gangs are making about 1.5bn euros (£1.2bn; $2bn) annually from such fraud, the EU police agency Europol says, regretting that compliance with new security features remains patchy.
In 2011 nearly all fraud involving EU cards took place outside the EU. Chip-and-PIN security used in the EU is not yet global, Europol notes.
Such fraud cases overseas have risen.
Besides the US, the fraud networks are also very active in Brazil, Colombia, the Dominican Republic, Mexico and Russia, Europol says.
"So far most of the credit card numbers misused in the EU have come from data breaches in the US," Europol says, adding that most illegal face-to-face card transactions with EU-issued cards also happened in the US.
In 2011 alone nearly 727m payment cards were issued in the EU.
Fraudulent "card-not-present" transactions, where personal data is stolen on the internet, account for about 60% of the losses from credit card fraud, according to Europol.
The agency is launching a new Cybercrime Centre in The Hague this week, dedicated to fighting such crimes.
Europol notes a range of problems in tackling credit card fraud:
- Proper regulations for reporting data breaches to police are lacking
- Criminals operate in complex international networks, exploiting gaps in police and justice co-operation
- Often the crimes take place online in several countries, with numerous people involved
- Data thefts on the internet usually involve huge quantities of personal data, which criminals then sell on the internet.