To reduce the losses incurred by the public due to fraud, the Financial Supervisory Commission (FSC) has implemented five measures. These include lowering the threshold for instant notification of credit card online transactions from NT$5,000 to NT$3,000 and strengthening One Time Password (OTP) verification via SMS.
The FSC points out that fraudsters in credit card fraud cases often deceive people into revealing their credit card numbers and transaction information such as OTP, which are then used for fraudulent transactions or linked to digital payment platforms like Apple Pay, Google Pay, or Samsung Pay. Common tactics used by fraudsters include:
Tactic 1: Posing as a seller or a social media community admin to obtain your transaction information. With the rise of online shopping, many people choose to make purchases online for convenience. However, fraudsters take advantage of the large audience of online transactions and often pose as admins of seller fan pages to confirm transaction information. They use fake websites to obtain people’s transaction information, leading to the leakage of important transaction information such as credit card numbers.
Tactic 2: Setting up fake websites and enticing online transactions with low-priced goods. Fraudsters target people’s desire to grab discounts and take advantage of them by setting up fake websites to trick people into purchasing fake goods and stealing their transaction information.
Tactic 3: Claiming unpaid fees to lure people into clicking on phishing links. Fraudsters deceive people who are worried about penalties by sending phishing SMS notifications about impending default fines, tax payments, or utility fees, or by claiming that their loyalty points are about to expire. They trick people into believing the messages and clicking on the provided URLs, leading them to enter their card numbers and complete the transactions.
What to do if your credit card is stolen?
If you have unfortunately entered your credit card information such as card number and expiration date, OTP is the last line of defense for completing the transaction. Without entering OTP and obtaining authorization from the issuing institution, the transaction cannot be completed.
The FSC urges people to carefully verify the content of OTP SMS, ensuring that the purpose, amount, and currency match. It is important not to blindly confirm transactions if there are any doubts. If you receive a notification from the issuing institution about credit card linking when you have not intended to do so, it is essential to contact the institution immediately.
If there are any doubts about the content, you can call the “165” Fraud Prevention Hotline of the National Police Agency for verification. If you have been unfortunate enough to be a victim of credit card fraud, there are two important steps to take:
1. Notify the bank to stop the card: The bank will verify personal information and supporting documents (e.g., receipts, refund forms). After the verification process, the bank will assist in deactivating the card and issuing a new one.
2. File a police report: Prepare evidence of the fraudulent transactions and report to the police station. As the resolution of disputed charges may take a long time, it is crucial to report to the police as soon as possible if there are any problems.
How to prevent credit card fraud? FSC’s five measures
To prevent credit card fraud, the FSC has implemented five measures:
1. Lower the threshold for instant notification of credit card online transactions: Considering the decreasing average amount of fraud and the prevalence of online transactions, the FSC has lowered the threshold for instant notification of credit card online transactions from NT$5,000 to NT$3,000. The issuing institutions can also consider adopting even lower temporary notification thresholds.
2. Strengthen the content of OTP verification SMS: If the purpose of OTP verification is for transaction authentication, it should include the amount of the transaction. If it is for card linking verification, the SMS content should clearly state “Credit Card Linking Verification.”
Additionally, the FSC requires issuing institutions to display the transaction currency in Chinese characters instead of currency codes in OTP verification SMS by the second quarter of 2024. This aims to facilitate accurate verification by the recipients.
3. Enhance measures to prevent fraud in mobile payment services: This includes identity verification mechanisms when binding credit cards to mobile devices and reminders after the binding process is completed.
If digital payment service providers (e.g., Apple Pay, Google Pay, Samsung Pay) provide the applicant’s mobile number to the issuing institution, the institution must verify that the provided number matches the one registered with the institution. Only then can they proceed with sending OTP verification SMS and other related identity verification procedures to complete the binding process.
After the binding process is completed, the issuing institution should promptly remind the cardholder via SMS or email that their credit card has been linked to a mobile device with contactless payment capabilities. The reminder should include anti-fraud warnings and strengthen information communication with the cardholder to proactively alert them to potential fraudulent activities.
4. Supervise issuing institutions to strengthen credit card transaction authorization monitoring: The FSC requires issuing institutions to adjust the monitoring parameters for credit card transactions based on the analysis of suspicious transactions and fraud patterns. This aims to strengthen the authorization monitoring mechanism for credit card transactions.
5. Promote the importance of identity verification through OTP: Issuing institutions are urged to promote the importance of OTP authentication in credit card online transactions through various channels, including official websites, mobile banking apps, and credit card statements. People should keep their OTP secure and should not provide it to third parties or enter it on unknown websites.
The FSC has also requested the Banking Association of the Republic of China to include the importance of OTP in the “Prevention of Credit Card Online Fraud Handbook” e-book. The association will announce the e-book on its website and provide it to issuing institutions to further promote the importance of OTP to customers.
The FSC once again reminds people to be cautious of various types of false information, phishing SMS, and one-page advertisements used in scams. It is important not to click on links from unknown SMS or web advertisements to protect the security of personal information such as credit card numbers and OTP. People should carefully read the content of OTP verification SMS, ensuring that the currency, transaction amount, and purpose match before proceeding with transactions or bindings. The FSC will continue to monitor credit card fraud patterns and consider appropriate preventive measures to reduce the risk of cardholder theft.