<i>Editorial:</i> Banks need to be more open on card scams

Readers of our discovery of a credit card scam on a large scale originating in Auckland city car parking buildings, will have noticed the reluctance of the card-issuing banks to say anything about it. Day after day last week, as we reported the experience of many customers whose cards had been cancelled, the banks refused to confirm the scale of the scam, how it had happened or what, beyond cancelling and replacing cards, they were doing about it.

If this non-response is designed to maintain confidence in the security of their cards it is probably doing quite the opposite. Secrecy only reinforces the suspicion that this sort of thing happens much more often than the banking industry would like to let on.

Electronic payments are a burgeoning new dimension of banking services, steadily eclipsing cash and counter services. Banking embraced the technology before the bulk of its customers, educating them in electronic transactions almost as quickly as it reduced its front office staff. It needs to find defences against electronic robbery that are at least as effective as those it had for physical security, and it would do no harm to let the public see some sign of its efforts.

Credit cards, with their generous drawing limits, long predated computerised banking, but their use has increased with the arrival of eftpos. Mechanised payments have made credit cards popular for transactions as small as a carparking charge because they can be read at entry and departure and a charge recorded with no need to find notes or fumble with coins.

But if these ubiquitous machines are not regularly checked for "skimming" devices, or the programmes they use can be entered by hackers, the industry needs to be honest about it. For customers who do not like handling cash they should be encouraging the use of stored-value cards that can be loaded with only a few hundred dollars, ample for small transactions over a week or two but hardly worth hacking or skimming.

The scam discovered last week appears not to have been a local operation. Several victims have told us their cards had been fraudulently used as far away as the United States. The Police National Electronic Crime Laboratory manager says it has the hallmarks of organised crime rings in Eastern European countries that specialise in computer fraud.

If so, it suggests New Zealand may be regarded as a soft touch for devices to be attached to ATMs, which New Zealanders adopted more quickly than people in other places and use them to a greater extent. If the issuing banks want to retain our electronic confidence, they need to share the results of the investigation they say they are making into the Auckland carparks scam.

It has been said to have been going on for years and come to light only weeks ago. There are suggestions that more than 100,000 cards may have been replaced after recording a payment at one of a number of inner city parking buildings run by the Auckland City Council.

At least Westpac Bank, which is doing the investigation, has told the council the likely extent of the problem, but has asked the council to help keep it quiet. Why?

The Bankers' Association considers that card holders need to know only that they will not be held liable for debts fraudulently incurred and that everyone who has used their card at one of the council carparks will have it replaced.

The industry might save itself some of that cost and trouble if it could bring itself to have a little more confidence in the public. If it routinely admitted when these things happen, and how, people could be more alert to the signs, more careful about where they used their cards, and more likely to use debit cards with low limits. Or is that the banks greater fear?

One way or another, card customers pay for fraud. The banks owe them more information and accountability.