Cybercrime analyst Kimberly Zenz, of US-based firm iDefense, says the adoption of the EMV chip and pin credit card security standard in Europe means criminal syndicates are having difficulty using stolen card data there. But the same European card information can be used to rip off Australian merchants because the extended authentication made possible by EMV is unavailable here.
"Australia's had problems with this because it takes cards... from the UK that [fraudsters] cannot use in the UK," she told Risky.Biz. "They'll come and use them here for that reason, because here they don't have... [EMV] in place."
Cultural ties between Australia and the UK make the fraud even more appealing to crooks, Zenz argues.
"There's a lot of connections between the UK and Australia," Zenz said. "It's reasonable to expect British cards would be used here. What they're doing is looking for other places to use these cards because it's a lot harder to do it in their own country."
While Zenz won't reveal specific intelligence, she insists it's a significant problem in the Australian market. "It definitely is happening in Australia," she says. "It's always about maximum return for minimum risk and cost."
Universal adoption of a standard like EMV may seem like a simple solution, but the reality is more complex, Zenz says. "The question then becomes if it became universally rolled out, what would they do next? Would they find a solution or would they move on to something else. That remains to be seen."
Risky.Biz's podcast interview with Kimberly Zenz can be found here.
Want more security news like this? Sign up for our newsletter here.