Wednesday September 20 3:35 PM ET

Credit Card Cos. Use Web Fraud Fears for Marketing

LINK

By Mary Kelleher

NEW YORK (Reuters) - U.S. credit card companies portray themselves as watchdogs guarding customers against Internet fraud, but some of their security measures are just clever marketing tools to win new customers.

Credit card theft occurs three to 10 times more online than it does in stores, and such card companies as American Express Co. are rushing to devise online security measures to protect people.

But don't believe all the hype, analysts say. Some card companies' security steps offer minimal protection and simply polish a company's image among consumers. People usually are not liable for online purchases made with stolen account data regardless, and retailers lose the most to Web thieves.

``People are nervous about fraud and American Express is smart to capitalize on it,'' said Avivah Litan, an analyst at research firm Gartner Group. ``It's a marketing ploy by American Express.''

American Express, a New York-based financial services company best known for its green charge cards, said earlier this month it will give its U.S. cardholders disposable, unique numbers for each online purchase so they do not have to give out their account number on the Web.

The feature, called ``Private Payments,'' will protect people from account and identity theft, which now is one of the biggest obstacles to a boom in Internet commerce.

``There have been many cases where merchant databases have been hacked,'' Judy Tenzer, an American Express spokeswoman, said. ``Private Payments will ensure that once a customer makes a purchase, once he uses this random number, it will expire even if a thief gets it from a merchant site or somewhere else.''

Fraud On The Rise

Online fraud is rising as the appeal of Web shopping widens. It is much tougher to detect stolen account data on the Internet because a shop owner cannot look at the buyer or check the signature on the back of a card, analysts said.

Among recent high-profile cases, a federal judge ordered three Californians to pay $37.5 million for billing 700,000 credit card holders for visits they never made to X-rated Web sites. Many of the cardholders wrongfully charged did not even own computers, the Federal Trade Commission said.

Earlier this year, hackers broke into online music retailer CD Universe and stole 300,000 credit card numbers, threatening to use them if the company didn't pay $100,000 in ransom.

American Express is not alone in devising ways to fight fraud, or at least fraud fears. MasterCard, a credit card network owned by major banks, announced a similar plan to replace account data with customer numbers. It has formed a group to develop digital identifications, resembling PIN numbers, for use when shopping online or over cell phones.

But some analysts say these moves ultimately will not deter card thieves, who unearth most of their card numbers either by using programs to generate random numbers or the old-fashioned way: looking over the shoulder of a person signing a credit card bill or rifling through trash cans on the street.

American Express's Private Payments system only guards against account theft that occurs on computer servers, Litan said. Most retailers also outsource their card payment processing to companies that store the numbers and have very sophisticated anti-hacker technology, she added.

``It is a good thing to do but still very limited... it really does very little to protect against fraud,'' Litan said.

Other analysts say American Express is providing a valuable service just by trying to calm consumers' anxieties.

``This is just the next thing to help the consuming public get over their security hurdles,'' said James Punishill, an analyst at Forrester Research.

War For Online Market Share

American Express's Web push comes as it trails rivals Visa and MasterCard for market share online. Only 24 percent of Internet buyers have American Express cards, while 78 percent have Visa cards, 62 percent have MasterCards and 37 percent have Morgan Stanley Dean Witter & Co.'s Discover card, Gartner Group research from February showed.

``It is important for companies like American Express that want a larger share of consumers' wallets to build up their image as fast-moving,'' said James Van Dyke, a senior analyst at research firm Jupiter Communications. ``I see the American Express move as much as public relations as anything else.''

Visa, the biggest U.S. credit card network, also has come up with a system to make sure buyers are legitimate and online transactions are secure. It also will set electronic commerce standards for buyers and sellers.

Among other Internet security efforts, leading U.S. bank Chase Manhattan Corp. on Wednesday launched a free Web service that includes a digital wallet to hide a cardholder's data and make online shopping safer.

-- (hmm@hmm.hmm), September 20, 2000