Viewpoint: Payment Security

Payment security is relevant to all cardholders.  According to the latest EAST research, the majority would contact their bank with an issue.

Most of us use payment cards on a regular basis for online transactions and for transactions at payment terminals.  Having something happen to your card while using a payment terminal can therefore be a great inconvenience.  For example a card can be retained by an ATM – while this might be at the request of your bank, it can it can also be due to fraudulent activity such as card trapping.  Also your card might be compromised at a terminal due to card skimming, or it might be compromised due to a data breach at a third party.

From January to April 2019 EAST ran a poll which asked the question ‘If you had a payment card related issue while using a payment terminal (ATM, POS or UPT) which party would you be most likely to contact?’  The results can be seen in the chart below.

Payment Security

  • The majority of the respondents (80%) would contact their card issuing bank
  • 12% would contact a central fraud line
  • 4% would contact the owner of the payment terminal or the merchant where payment was done
  • 4% would directly contact the police

EAST presents at Mastercard Global Risk Leadership Conference

Otto de Jong from ING Netherlands and chair of the EAST Expert Group on All Terminal Fraud (EGAF) attended and presented at the ‘MasterCard Global Risk Leadership Conference – Europe’ in Albufeira, Portugal.  The focus of the event was the sharing of knowledge and best practices on key payment security issues, vulnerabilities, and innovative techniques to mitigate fraud.

On 26 September Otto de Jong (second from right in picture), together with representatives from MasterCard and MacAfee, gave a presentation on Cybersecurity Research Leadership and Cyber Attack Methods.  In his talk he gave an overview of EAST and covered rising card fraud threats from the perspective of the industry (ATM and POS terminal).

The Conference, which ran from 25 to 28 September 2017, was attended by stakeholders from the card payments industry in Europe (Issuers , Acquirers and Vendors).

EAST changes name




EAST is changing its name to the European Association for Secure Transactions (EAST).  The announcement was made by EAST Executive Director Lachlan Gunn at the EAST Financial Crime and Security (FCS) Forum in The Hague.  The name change is in line with a new strategic direction for EAST.

EASTEAST was formed in 2004 to focus on ATM security when card skimming was a rising issue in Europe.  Since then there have been significant changes in the payment landscape, which continues to evolve at great speed.  EAST will continue to report on ATM crime issues as part of a wider reporting structure, which will be broadly split into Terminal Security and Payment Security.  The core strength of EAST is the National Member platform, backed up by interaction with Associate Members, and this change will enable EAST to keep serving all its members as their needs change.

The EAST Expert Group on All Terminal Fraud (EGAF) will continue to focus on fraud at all terminal types, and the EAST Payments Task Force (EPTF) is focussed on the security of payments and transactions.  The EAST Expert Group on ATM and ATS Physical Attacks (EGAP) will continue to be mainly ATM focussed, to help counter the growing threat of solid explosive and explosive gas attacks.

EAST has national representation from the following 26 European countries:  Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Liechtenstein, Luxembourg, Netherlands, Norway, Malta, Poland, Portugal, Romania, Slovakia, Spain, Sweden, Switzerland, United Kingdom.  EAST is still seeking national representative members from:  Estonia, Iceland, Latvia, Lithuania and Slovenia.

Brazil, Canada, Indonesia, Mexico, Russia, Serbia, South Africa, Turkey, Ukraine and the United States are represented at EAST as non-SEPA members and EAST is seeking to establish links with parties in any country, able to share national incident and loss statistics for terminal related fraud and physical attacks.  For more information contact us.