Next-Gen Debit

Deep Dive: Assessing And Tackling Debit Card Fraud


Fraudsters have grown adept at finding debit cards’ weak points, and merchants are struggling to keep up. Losses due to false credit and debit card declines — in which merchants reject legitimate orders on the mistaken belief that they are fraudulent — grew to $118 billion last year and are projected to reach $443 billion by 2021. Fraudsters are increasingly savvy, though, and retailers cannot afford to relax much. 

Cybercriminals have more opportunities than ever to swipe debit card numbers and PINs from online consumers, and false websites, large-scale data breaches and skimming tools can compromise account information. Debit card fraud can have far-reaching consequences that extend beyond those of credit card fraud, as debit technologies link directly to customers’ bank accounts. This connectivity can make debit a valuable asset for consumers who want protection against the overspending encouraged by credit, but it can also prove dangerous if bad actors take control. It is, therefore, critical for banks and payment providers to bolster the protections they offer debit cardholders, especially as fraudsters’ attacks grow more complex and varied. 

Debit card providers must protect against skimming tools targeting both online and brick-and-mortar purchases, guard against malicious website links and verify customers properly. They must also ensure that their security measures can keep up with cybercriminals capable of snagging cardholders’ details in milliseconds. Preventing or minimizing damage caused by fraud is critical to maintaining customers’ trust and loyalty, after all. 

Fraud And The Problem Of Convenience

Consumers are increasingly relying on debit rather than credit cards to make online purchases, with one report noting that one in four debit transactions are now made without cards being physically present. Consumers — especially those in the U.S. — are more likely to utilize debit cards as their primary purchasing method, too, linking them to mobile wallets and using them for most of their daily payments. 

Debit cards offer users convenience, ease and speed, but these qualities can also make it harder to protect cardholders from bad actors. Consumers’ propensity to reach for their debit cards gives cybercriminals ample opportunities to snag their details. The likelihood that fraudsters will make off with untethered or weakly protected payment information grows each time a consumer swipes a card. 

Skimming tools are frequently used by bad actors to access consumers’ sensitive payment information, as these devices can be attached to ATMs, gas station pumps, point-of-sale (POS) systems and other payment terminals. Skimming can be almost impossible to detect, and cardholders often do not realize their information has been stolen until long after the fact. It is thus up to card issuers and payment professionals to protect their data by carefully monitoring ATMs for unwanted hardware and other fraud tools. 

Fraudsters’ tactics are evolving as transactions for everything from groceries to gasoline move online, and phishing and false link scams have become particularly popular. Online sales do not rely on PINs or chip technology to secure debit transactions, and they often ask users to input security codes to complete their purchases. Even sites that employ additional authentication measures — such as sending text messages or emails to verify customers’ identities — can be subject to data breaches. 

How Banks Are Responding To Fraud Concerns

Banks and payment providers are focused on fighting debit card fraud, and many are experimenting with biometrics to ease customer verification while securing their platforms against fraudsters. Simply informing cardholders about the risks of debit fraud can also help payment players shore up their operations. Providing educational tools and information regarding typical ATOs, hacks and phishing schemes empowers consumers to play a part in keeping their data secure. 

Debit cards will likely remain popular, meaning fraudsters will continue to search for ways to access customers’ details. Making sure that consumers are informed about risks and ensuring payment security technology can keep out fraudsters are just a couple of the ways that debit providers can shield customers from fraud. 



The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.