Store Clerk: “Sorry, we don’t accept debit or credit cards here.”The pensive customer thinks out aloud – “Really? In 2017?”Technology evolves rapidly and any era prior to now is undoubtedly considered the “dark ages’. Most people cannot fathom the world without computers. How did one ever function without

Google? Where is the nearest ATM? Siri, what is the temperature outside? Andrea, I’m on my way — send me a pin drop.With the advent of credit/debit cards, e-commerce, ApplePay, and bitcoin technology, cash is deemed an inconvenience. Many wallets today are not even designed with cash in mind but there are numerous pockets to hold our cards.Technology has certainly obliterated barriers and has made physical geographic borders a far removed concept in modern society. So much so that you are able to purchase an item from half-way across the world — at home in your pajamas.Advances in technology are attended by impending risks. Sources say globally, there are at least 12 cybercrimes every second and with these increases everyone is at risk. The cybercriminal’s objective is financial gain, so it should come as no surprise then that the financial sector is primarily targeted. According to Norton, in 2015, consumers lost an alarming $110 billion due to cybercrimes. In 2016, over 15 billion transactions were analysed and it was determined that the financial sector was most vulnerable. Two of the most prevalent issues that plague the sector are card fraud and identity theft. 

WHAT IS CARD FRAUD AND HOW DOES IT OCCUR?Credit card fraud can manifest itself in a number of ways. One is through card skimming and cloning. Skimming typically involves the use of a device to read and copy the information contained on the magnetic strip (black strip) affixed to the back of your card. The skimming device ordinarily is inconspicuously placed on point of sale machines or inside the card slots and access points at ATMs.The fraudsters may also enlist the assistance of people with access to credit/debit cards such as cashiers, wait staff, and gas station attendants to steal your information through skimming. These inexpensive, small, hand-held devices allow perpetrators to read and copy information from your card, which can be stored for future use or be transmitted electronically to anyone anywhere in the world. 

CARD CLONINGAfter the information is obtained, the fraudster can clone your card and thereafter use it to transact business using your account. These may range from withdrawing funds from the account to shopping online or in store. Alternatively, the fraudster may sell your card information to other criminals, who may, in turn, clone your card or steal your identity. 

CAN CRIMINALS GAIN ACCESS TO MY INFORMATION WITHOUT PHYSICALLY ROBBING ME?Indeed, criminals have taken on new modes of operation and are not only bandits with guns walking into banks or committing duplicitous murderers. Some fraudsters see this activity as “just a little card fraud” but stand to gain millions, oftentimes without even a trace.Hacking is another way in which card fraud and identity theft may be perpetuated. There have been a number of reports of companies’ systems around the world being hacked and millions of credit card and other personal information of individuals being compromised as well. It is trite to note that as consumers we are also targets. The fraudster may utilise a combination of computer technical skill and software to gain access to computers that contain the information they need. Further, they may employ several tactics such as phishing or social engineering attacks. 

WHAT LAWS EXIST IN JAMAICA TO PROTECT ME?

Unauthorised Access to DataMore often than not the accessing of your account or computer by fraudsters is unauthorised. This unauthorised access is outlawed by Section 3 of the Cybercrimes Act, 2015 (“the Act”) and can attract a penalty of $3 million or three years’ imprisonment if convicted by a Parish Judge or a maximum of $15 million or five years for repeat offenders. On the other hand, if a fraudster is convicted before a Supreme Court Judge, he/she faces imprisonment of up to seven years. In the case of a repeat offender, he/she faces a maximum sentence of 15 years. Importantly, there is no limit to the fine a Judge of the Supreme Court may impose.  

ACCESS WITH INTENT TO COMMIT AN OFFENCENow, if it can be proven that the fraudster not only accessed the account but did so to steal your money or to allow another person to steal it, he/she commits another offence (Section 4 of the Act). The parish judge may hit him/her with a fine of $4 million or four years’ imprisonment for a first-time offender and $5 million or five years for repeat offenders. Likewise, a Supreme Court judge may impose a maximum sentence of seven years for a first offence and 15 for a repeat offender. There is, however, no limit on the fine this judge may impose. 

UNLAWFUL POSSESSION OF SKIMMING DEVICESSection 10 of the Act speaks generally to possessing the device without authorisation. Thus, the section is a ‘catch-all’ provision which makes it illegal to possess, manufacture, sell or otherwise make available, skimming devices (or similar devices) for committing credit/debit card fraud or similar offences. Consequently, once you have the device in your possession in any of the situations above, it is an offence. When convicted, the parish judge may impose a fine of $4 million or four years’ imprisonment. The repeat offender is liable to a fine of $5 million or five years behind bars. A Supreme Court judge may impose a maximum of 10 years’ imprisonment for a first-timer. If it’s a repeat offender, you are looking at up to 20 years behind bars. The applicable fines also have no limit in these circumstances. 

PROTECT YOURSELFCustomers generally enjoy the convenience and speed of using credit cards. At the same time, they expect their transactions to be secure as well as their personal and financial information to remain confidential and free from the risk of compromise. These two competing concerns — convenience and security — appear to be one of the major trade-offs in the industry. What is clear, though, is that cybersecurity is everyone’s business and as such, we all play a role. As we have seen, even organisations with sate-of-the-art security have fallen prey to cyber attacks. So the issue isn’t so much the technology itself but also addressing other concerns such as human aspects in cybersecurity and other ethical, legal, psychological and policy issues; chief of which is the importance of ongoing training and programmes to increase awareness.While the world comes to terms with these issues, some practical steps that we can take to mitigate the impending risks of credit/debit card fraud are:• Be cautious: Trust, then verify all transactions and recurrent payments;• Be vigilant when verifying the veracity of e-mails; do not click on links or download attachments from unfamiliar senders;• Ensure enough is done to protect computers from malware; update antivirus routinely;• Exercise extreme caution when sharing credit card information over the phone or via any form of electronic communication;• Check your statements and balances frequently;• Monitor your online accounts frequently;• Report any suspicious transaction to your financial institution immediately, no matter how small in value;• Cover your keypad when entering your pin code (even at ATMs);• Keep your card in view when handed over to facilitate purchases;• Opt to pay cash at restaurant terminals instead of handing your card over;• Do a quick check at ATMs or POS machines for anything loose, bulky, or seemingly out of place. 

— Hodine Williams and Orrett Brown are Crown Counsel in the Cyber Crimes Unit at the Office of the Director of Public Prosecutions.