However, online shopping also has the highest levels of fraud and proving that the cardholder actually conducted the authorised transaction over the Internet cost Visa member banks $250m to resolve disputed charges in 2000. The problem is that 'card not present' transactions only require the card number and expiry date, so there is no way to be sure that it is the actual cardholder providing the details.
It's not surprising then that the card companies have been focusing their minds on the problem of online fraud. The challenge for them is to reduce the cost of fraud while at the same time increasing consumer confidence and encouraging more of us to buy online - whether that is through the Internet or other emerging channels including mobile phones and interactive digital TV.
Where the buck stops...
From the moment we decide to make a purchase using a credit card, there is a complex sequence of processes and organisations that handle the transaction. But in short, the key players are the card associations, the card issuers, merchants and acquirers. The card associations, also known as 'the brands', are the likes of Visa, MasterCard and Discover. The issuers are the banks who provide us with our credit cards and the acquirers are the financial services companies that process transactions on behalf of the merchants. Some large merchants will do this for themselves but most outsource to an acquirer that may also provide merchant hosting facilities.
The question of which of these parties bears the cost of online fraud is a complex one. While in most cases the cardholder is liable for his or her cards being stolen and used, the actual cost to is capped and prevented from exceeding a modest limit. The card issuer bares most of the costs associated with investigating the details of a disputed charge, which may be considerably higher if the dispute is not resolved quickly and always has the potential to damage customer relationships. However, it is the merchant that is liable for the value of the items purchased if the cardholder disputes the purchase ever happened or just refuses to pay the bill.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.