Who is responsible for losses as a result of credit card fraud?
Candice Sutherland, Business Development Consultant at SHA.
According to the South African Banking Risk Information Centre (SABRIC), losses due to credit card fraud increased by 23% from R366 million in 2013 to R453.9m in 2014. In addition, Gauteng, the Western Cape, and KwaZulu-Natal were responsible for 88% of all credit card fraud losses as well as the highest number of skimming devices retrieved. These alarming statistics raise the question of liability for losses as a result of credit card fraud.
This is according to Candice Sutherland, Business Development Consultant at SHA Specialist Underwriters, who says when someone becomes the victim of credit card fraud, it is usually the result of a security weakness, such as spyware on their computer, or phishing, which occurs when they respond to an email from fraudsters posing as their bank to try to get them to disclose confidential personal information. “The Banking Association of South Africa Code of Banking Practice clearly states: You may be liable for losses, if you acted negligently or without reasonable care and this has caused or contributed to losses.”
She adds that the Payments Association of South Africa (Pasa) has given the individual banks the discretion to decide whether to contact clients with a view to replacing cards that might have been exposed, or rather placing cards on a “heightened level of monitoring”. Furthermore, the Banking Association of South Africa Code of Banking Practice states: Protecting your card and PIN is a crucial security measure for which you are responsible.
While it is clear that consumers need to take the necessary precautions to avoid becoming a victim of credit card fraud, organisations also have some responsibility under the Protection of Personal Information Bill (POPI), says Sutherland. “Banks are in constant collaboration in the ongoing fight against fraud. An “operator” (such as PayGate) or a “responsible party” (such as the bank) can face fines of up to R10 million or up to 10 years in jail for failing to comply with the POPI regulations.”
As a result, any organisation that stores clients' or employees' personally identifiable information should have a cyber-insurance policy in place, warns Sutherland.
A cyber insurance policy would protect the insured in the event of a data privacy breach as well as a network security breach as it provides cover for first party expenses, loss of business income, notification expenses, crisis management expenses as well as associated regulatory fines and penalties to the extent insurable by law.
While organisations can protect themselves with a cyber insurance policy, consumers need to protect themselves by being careful when using their credit card online, in store and at ATMs, concludes Sutherland.
Tips for consumers:
Sutherland provides the following tips to consumers to better safeguard themselves against credit card fraud:
• Do not use public computers for online banking. Do not use internet cafes or unsecure terminals (hotels, conference centres etc.) to do banking.
• Use ATMs inside the bank as they are less likely to be tampered with.
• Before making purchases online, make sure that the site is 3D Secure (a site that prompts you to register for Verified by Visa or MasterCard Secure Code).
• Opt for websites that make use of reputable third-party payment processors, such as PayPal.
• Ensure that you receive SMS updates from your bank notifying you of any activity on your accounts and receive a one-time password (OTP) for each online transaction. With some banks, you receive an OTP when you shop on a 3D Secure site. These services will alert you to any fraud or attempted fraud on your account.
• Pay attention to the website address. When an internet address is prefixed with http:// it is not as safe as a site address prefixed with https:// (the “s” indicating a secure site). Note, however, that many safe website addresses start off with “http://”, but when a payment needs to be made, a new page may open, which starts with https://.
• Review your bank statements and reconcile your accounts regularly.
• Ensure that there is adequate anti-virus and security software installed and enabled on the computer you use for Internet banking.