CARD-NOT-PRESENT FRAUD VICTIMIZATION: A ROUTINE ACTIVITIES APPROACH TO UNDERSTAND THE RISK FACTORS

Abstract

Banking cards, including credit cards, debit card, pre-paid debit cards and ATM cards, have become the primary payment method in online transactions. However, this popularity boosted the Card-not-present (CNP) fraud victimization. Despite numerous studies exploring technological solutions to prevent CNP fraud, there is a shortage of theoretically informed research exploring the online lifestyle correlates of CNP. This study, which utilizes the dataset of Crime Survey for England and Wales 2014/2015, addresses this gap in the literature. Routine Activities Theory was used as the theoretical and conceptual framework in this present study. Bivariate and multivariate analyses results suggested that home users’ online lifestyle increases the risk of becoming a victim of CNP fraud. Buying goods or services, accessing online government services and online communication (email/instant messaging and chat rooms) emerged as risk factors. Illustrating the impact of technological vulnerabilities (mobile phones and public access computers) on the risk of CNP fraud victimization was another novel contribution of this study. Additionally, personal guardianship measures, using complex passwords and different passwords, emerged as predictors of victimization. These results provide valuable implications for situational crime prevention efforts. Practical and theoretical implications of this study are further discussed.

Keywords

• Card-Not-Present Fraud,Fraud,Cybercrime,Identity Theft,Situational Crime Prevention,Routine Activities Theory,Security,International Relations

ÇEVRİMİÇİ BANKA KARTI DOLANDIRICILIĞI: RİSK FAKTÖRLERİNİ ANLAMADA RUTİN AKTİVİTELER YAKLAŞIMI

Abstract

Kredi kartları, banka kartı, ön ödemeli banka kartları ve ATM kartları dahil olmak üzere banka kartları, çevrimiçi işlemlerde öncelikli ödeme yöntemi haline gelmiştir. Ancak bu popülerlik banka kartlarının fiziksel olmayan kullanımı dolandıcılığı (BKFOK) mağduriyetinin artmasına neden olmuştur. BKFOK dolandırıcılığını önlemek için teknolojik çözümleri araştıran çok sayıda çalışmaya rağmen, BKFOK dolandırıcılığının çevrimiçi yaşam tarzı ilişkilerini araştıran teorik olarak temellendirilmiş araştırma eksikliği mevcuttur. İngiltere ve Galler 2014/2015 Suç Araştırması veri setininin kullanıldığı çalışmamız, literatürdeki bu boşluk üzerinde kurgulanmıştır. Bu çalışmada teorik ve kavramsal çerçeve olarak Rutin Aktiviteler Teorisi kullanılmıştır. İki değişkenli ve çok değişkenli analiz sonuçları, ev kullanıcılarının çevrimiçi yaşam tarzının BKFOK Dolandırıcılığı kurbanı olma riskini artırdığını göstermektedir. Çevrimiçi mal veya hizmet satın almak, çevrimiçi devlet hizmetlerine erişmek ve çevrimiçi iletişim (e-posta / anlık mesajlaşma ve sohbet odaları) risk faktörleri olarak ortaya çıkmıştır. Teknolojik güvenlik açıklarının (cep telefonları ve kamusal alanda kullanılan açık erişim bilgisayarlar) BKFOK dolandırıcılığı mağduriyeti riski üzerindeki etkisini ortaya koymak, bu çalışmanın bir başka önemli katkısıdır. Buna ek olarak, karmaşık parolalar ve farklı parolalar gibi bireysel güvenlik tedbirlerini kullanmak mağduriyetin tahminleyici faktörleri olarak ortaya çıkmıştır. Bu sonuçlar durumsal suç önleme çabaları için değerli sonuçlar vermektedir. Bu çalışmanın pratik ve teorik sonuçları metin içerisinde tartışılmaktadır.

Keywords

• Banka Kartı Dolandırıcılığı,Dolandırıcılık,Siber Suçlar,Kimlik Hırsızlığı,Suç Önleme,Rutin Aktiviteler Teorisi,Güvenlik,Uluslararası İlişkiler

References

1. Ahmad, Z., Zeki, A. M., & Olowolayemo, A. (2016). Security Failures in EMV Smart Card Payment Systems. Paper presented at the Information and Communication Technology for The Muslim World (ICT4M), 2016 6th International Conference on.
2. Akdemir, N. (2019). Understanding the Individual Level and Macro Level Causes of Economic Cybercrime Victimisation in the UK: A Contextual Vulnerabilities Approach to Examine Cybercrime Victimisation. Durham University.
3. Akdemir, N., Sungur, B., & Basaranel, B. U. (2020). Examining the Challenges of Policing Economic Cybercrime in the UK. The Journal of Security Sciences Special Edition, 111-132.
4. Anderson, R., & Murdoch, S. J. (2014). EMV: Why payment systems fail. Communications of the ACM, 57(6), 24-28.
5. Arango, C., Huynh, K. P., & Sabetti, L. (2015). Consumer payment choice: Merchant card acceptance versus pricing incentives. Journal of Banking & Finance, 55, 130-141.
6. Bossler, A. M., & Holt, T. J. (2009). Online Activities, Guardianship, and Malware Infection: An examination of Routine Activities Theory. International Journal of Cyber Criminology, 3(1), 400.
7. Bossler, A. M., & Holt, T. J. (2010). The effect of self-control on victimization in the cyberworld. Journal of Criminal Justice, 38(3), 227-236.
8. Bouchard, M., Wang, W., & Beauregard, E. (2012). Social capital, opportunity, and school-based victimization. Violence victims & Offenders, 27(5), 656-673.

9. Branco, B., Abreu, P., Gomes, A. S., Almeida, M. S., Ascensão, J. T., & Bizarro, P. J. a. p. a. (2020). Interleaved Sequence RNNs for Fraud Detection.
10. Bulakh, V., & Gupta, M. (2015). Characterizing credit card black markets on the web. Paper presented at the Proceedings of the 24th International Conference on World Wide Web.
11. Button, M., Nicholls, C. M., Kerr, J., & Owen, R. (2014). Online Frauds: Learning from Victims why They Fall for These Scams. Australian & New Zealand Journal of Criminology, 47(3), 391-408. doi:10.1177/0004865814521224
12. Ching, A. T., & Hayashi, F. (2010). Payment card rewards programs and consumer payment choice. Journal of Banking & Finance, 34(8), 1773-1787.
13. Choi, K.-s., Choo, K., & Sung, Y.-e. (2016). Demographic variables and risk factors in computer-crime: an empirical assessment. Cluster Computing, 19(1), 369-377.
14. Clarke, R. V. (1980). Situational crime prevention: Theory and practice. Brit. J. Criminology, 20, 136.
15. Clarke, R. V. (1995). Situational crime prevention. Crime and justice, 91-150.
16. Clarke, R. V., & Felson, M. (1998). Opportunity makes the thief: Practical theory for crime prevention. Retrieved from
17. Cohen, L. E., & Cantor, D. (1981). Residential burglary in the United States: Life-style and demographic factors associated with the probability of victimization. Journal of Research in Crime and Delinquency, 18(1), 113-127.
18. Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 588-608.
19. Cohen, L. E., Kluegel, J. R., & Land, K. C. (1981). Social Inequality and Predatory Criminal Victimization: An Exposition and Test of a Formal Theory. American Sociological Review, 46(5), 505-524.
20. Corre, K., Barais, O., Sunyé, G., Frey, V., & Crom, J.-M. (2017). Why can’t users choose their identity providers on the web? Proceedings on Privacy Enhancing Technologies, 3, 72-86.
21. Cross, C., Richards, K., & Smith, R. G. (2016). Improving responses to online fraud victims: An examination of reporting and support.
22. Dytham, C. (2011). Choosing and using statistics: a biologist's guide: John Wiley & Sons. Field, A. (2009). Discovering statistics using SPSS: Sage publications.
23. Fisher, B. S., Daigle, L. E., & Cullen, F. T. (2010). What distinguishes single from recurrent sexual victims? The role of lifestyle‐routine activities and first‐incident characteristics. Justice Quarterly, 27(1), 102-129.
24. FTC. (2019). Consumer Sentinel Network. Retrieved from https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-2018/consumer_sentinel_network_data_book_2018_0.pdf
25. Garg, V., & Nilizadeh, S. (2013). Craigslist scams and community composition: Investigating online fraud victimization. Paper presented at the Security and Privacy Workshops (SPW), 2013 IEEE.
26. Gillespie, A. A., & Magor, S. (2020). Tackling online fraud. Paper presented at the ERA Forum. Grabosky, P. N. (2001). Virtual Criminality: Old Wine in New Bottles? Social and Legal Studies, 10(2), 243-250.
27. Healey, J. F. (2014). Statistics: A Tool for Social Research (9 ed.). Belmont, CA: Wadsworth Publishing Company.
28. Hindelang, M. J., Gottfredson, M. R., & Garofalo, J. (1978). Victims of personal crime: An empirical foundation for a theory of personal victimization: Ballinger Cambridge, MA.
29. Ho, R. (2013). Handbook of univariate and multivariate data analysis with IBM SPSS: CRC Press. Holt, T. J. (2013). Examining the forces shaping cybercrime markets online. Social Science Computer Review, 31(2), 165-177.
30. Holt, T. J., & Bossler, A. (2016). Cybercrime in progress: Theory and prevention of technology-enabled offenses: Routledge.
31. Holt, T. J., & Bossler, A. M. (2013). Examining the Relationship between Routine Activities and Malware Infection Indicators. Journal of Contemporary Criminal Justice, 1043986213507401.
32. Holt, T. J., & Turner, M. G. (2012). Examining risks and protective factors of on-line identity theft. Deviant Behavior, 33(4), 308-323.
33. Holtfreter, K., Reisig, M., & Pratt, T. (2008). Low Self-Control, Routine Activities, and Fraud Victimization. Criminology, 46(1), 189-220.
34. Holtfreter, K., Reisig, M. D., Leeper Piquero, N., & Piquero, A. R. (2010). Low self-control and fraud: Offending, victimization, and their overlap. Criminal Justice and Behavior, 37(2), 188-203.
35. Howard, R. (2009). Cyber fraud: tactics, techniques and procedures: CRC press.
36. Hutchings, A., & Hayes, H. (2008). Routine activity theory and phishing victimisation: Who gets caught in the net. Current Issues Crim. Just., 20, 433.
37. Jackson, S. L. (2013). Statistics plain and simple: Cengage Learning.
38. Jansen, J., & Leukfeldt, R. (2015). How people help fraudsters steal their money: An analysis of 600 online banking fraud cases. Paper presented at the Socio-Technical Aspects in Security and Trust (STAST), 2015 Workshop on.
39. Jansen, J., & Van Schaik, P. J. C. i. H. B. (2018). Testing a model of precautionary online behaviour: The case of online banking. 87, 371-383.
40. Jordan, G., Leskovar, R., & Marič, M. (2018). Impact of fear of identity theft and perceived risk on online purchase intention. Organizacija, 51(2), 146-155.
41. Kahn, C. M., & Liñares-Zegarra, J. M. (2016). Identity theft and consumer payment choice: Does security really matter? Journal of Financial Services Research, 50(1), 121-159.
42. Kennedy, L. W., & Forde, D. R. J. C. (1990). Routine activities and crime: An analysis of victimization in Canada. 28(1), 137-152.
43. Kokh, M. T. (2019). Symantec Mobile Threat Defense: Using Mobile to Stay One Step Ahead of PC Attacks. Retrieved from https://symantec-blogs.broadcom.com/blogs/product-insights/symantec-mobile-threat-defense-using-mobile-stay-one-step-ahead-pc-attacks?es_p=10097396
44. Leukfeldt, E. R., & Yar, M. (2016). Applying routine activity theory to cybercrime: A theoretical and empirical analysis. Deviant Behavior, 37(3), 263-280.
45. Lipsman, A. (2019). Global Ecommerce 2019, Ecommerce Continues Strong Gains Amid Global Economic Uncertainty. Retrieved from https://www.emarketer.com/content/global-ecommerce-2019
46. Marcum, C. D., Higgins, G. E., & Ricketts, M. L. (2010). Potential factors of online victimization of youth: An examination of adolescent online behaviors utilizing routine activity theory. Deviant Behavior, 31(5), 381-410.
47. Meier, R. F., & Miethe, T. D. (1993). Understanding theories of criminal victimization. Crime and justice, 459-499.
48. Miethe, T. D., & McDowall, D. (1993). Contextual effects in models of criminal victimization. Social Forces, 71(3), 741-759.
49. Miethe, T. D., & Meier, R. F. (1990). Opportunity, choice, and criminal victimization: A test of a theoretical model. Journal of Research in Crime and Delinquency, 27(3), 243-266.
50. Miethe, T. D., & Meier, R. F. (1994). Crime and its social context: Toward an integrated theory of offenders, victims, and situations: Suny Press.
51. Miethe, T. D., Stafford, M. C., & Long, J. S. (1987). Social differentiation in criminal victimization: A test of routine activities/lifestyle theories. American Sociological Review, 184-194.
52. Mittal, S., & Tyagi, S. (2020). Computational Techniques for Real-Time Credit Card Fraud Detection Handbook of Computer Networks and Cyber Security (pp. 653-681): Springer.
53. Montague, D. A. (2010). Essentials of online payment security and fraud prevention (Vol. 54): John Wiley & Sons.
54. Mustaine, E. E., & Tewksbury, R. (1998). Predicting Risks of Larceny Theft Victimization: A Routine Activity Analysis Using Refined Lifestyle Measures. Criminology, 36(4), 829-858. doi:10.1111/j.1745-9125.1998.tb01267.x
55. Newman, G. R., & Clarke, R. V. (2013). Superhighway robbery: Routledge.
56. Ngo, F., & Paternoster, R. (2011). Cybercrime Victimization: An examination of Individual and Situational level factors. International Journal of Cyber Criminology, 5(1), 773-793.
57. Office for National Statistics. (2020). Crime Survey for England and Wales, 2014-2015. [data collection]. 2nd Edition. UK Data Service. SN: 7889, http://doi.org/10.5255/UKDA-SN-7889-2.
58. Paek, S. Y., & Nalla, M. K. (2015). The relationship between receiving phishing attempt and identity theft victimization in South Korea. International Journal of Law, Crime and Justice, 43(4), 626-642.
59. Payton, M. E., Greenstone, M. H., & Schenker, N. (2003). Overlapping confidence intervals or standard error intervals: what do they mean in terms of statistical significance? Journal of Insect Science, 3(1), 34.
60. Pratt, T., Holtfreter, K., & Reisig, M. (2010). Routine Online Activity and Internet Fraud Targeting: Extending the Generality of Routine Activity Theory. The Journal of Research in Crime and Delinquency, 47(3), 267.
61. Rege, A. (2009). What's Love Got to Do with It? Exploring Online Dating Scams and Identity Fraud. International Journal of Cyber Criminology, 3(2), 494-512.
62. Reisig, M. D., Pratt, T. C., & Holtfreter, K. (2009). Perceived Risk of Internet Theft Victimization. Criminal Justice and Behavior, 36(4), 369-384. doi:10.1177/0093854808329405
63. Reyns, B. (2013). Online Routines and Identity Theft Victimization: Further Expanding Routine Activity Theory Beyond Direct-Contact Offenses. Journal of Research in Crime and Delinquency, 50(2), 216-238. doi:10.1177/0022427811425539
64. Reyns, B. W. (2015). A routine activity perspective on online victimisation: Results from the Canadian General Social Survey. Journal of Financial Crime, 22(4), 396-411.
65. Reyns, B. W., & Henson, B. (2016). The thief with a thousand faces and the victim with none: Identifying determinants for online identity theft victimization with routine activity theory. International journal of offender therapy and comparative criminology, 60(10), 1119-1139.
66. Reyns, B. W., Henson, B., Fisher, B. S., Fox, K. A., & Nobles, M. R. (2016). A gendered lifestyle-routine activity approach to explaining stalking victimization in Canada. Journal of Interpersonal Violence, 31(9), 1719-1743.
67. Sampson, R. J., & Wooldredge, J. D. (1987). Linking the micro-and macro-level dimensions of lifestyle-routine activity and opportunity models of predatory victimization. Journal of Quantitative Criminology, 3(4), 371-393.
68. Schoepfer, A., & Piquero, N. L. (2009). Studying the correlates of fraud victimization and reporting. Journal of Criminal Justice, 37(2), 209-215.
69. See-To, E. W., Papagiannidis, S., & Westland, J. C. (2014). The moderating role of income on consumers’ preferences and usage for online and offline payment methods. Electronic Commerce Research, 14(2), 189-213.
70. Sendo, M. R., Sherman, R. S., & Kaltwasser, J. C. (2005). Methods and apparatus for conducting secure, online monetary transactions: Google Patents.
71. Shabir, G., Hamad, N., & Anosh, M. (2014). A True Picture of Electronic Business on Agriculture Sector of Southern Punjab, Pakistan. International Journal of Innovative Research Development, 2278-0211.
72. Singh, A., & Jain, A. (2020). A Novel Framework for Credit Card Fraud Prevention and Detection (CCFPD) Based on Three Layer Verification Strategy Proceedings of ICETIT 2019 (pp. 935-948): Springer.
73. Smith, M., Bouffard, L. A. J. T. E. o. C., & Justice, C. (2014). Victim precipitation. 1-5.
74. Thomas, C., Thiry, J., Hsu, K., Traver, K., & Tengkiattrakul, P. (2014). Analysis of Online Credit Card Black Markets.
75. Turban, E., Outland, J., King, D., Lee, J. K., Liang, T.-P., & Turban, D. C. (2017). Electronic commerce 2018: a managerial and social networks perspective: Springer.
76. Van Wilsem, J. (2011). Worlds Tied Together? Online and Non-Domestic Routine Activities and Their Impact on Digital and Traditional Threat Victimization. European Journal of Criminology, 8(2), 115.
77. Van Wilsem, J. (2013a). Bought it, but Never Got it’ Assessing Risk Factors for Online Consumer Fraud Victimization. European Sociological Review, 29(2), 168-178. doi:10.1093/esr/jcr053
78. Van Wilsem, J. (2013b). Hacking and harassment—Do they have something in common? Comparing risk factors for online victimization. Journal of Contemporary Criminal Justice, 29(4), 437-453.
79. Vishal, V., & Johari, R. (2018). SOAiCE: Simulation of Attacks in Cloud Computing Environment. Paper presented at the 2018 8th International Conference on Cloud Computing, Data Science & Engineering (Confluence).
80. Wall, D. S. (2007). Cybercrime: The transformation of crime in the information age (Vol. 4): Polity.
81. Wall, D. S. (2010). Micro-frauds: Virtual Robberies, Stings and Scams in the Information Age. In T. Holt & B. Schell (Eds.), Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications (pp. 68-85): IGI Global.
82. Wolfgang, M. E. J. T. J. o. C. L., Criminology,, & Science, P. (1957). Victim precipitated criminal homicide. 48(1), 1-11.
83. Yar, M. (2005). The Novelty of 'Cybercrime’ an Assessment in Light of Routine Activity Theory. European Journal of Criminology, 2(4), 407-427.