On 26 September 2018, the ECB presented figures on card fraud in 2016. It is the fifth report of this kind. The main results are as follows:

• The total value of fraudulent transactions conducted using cards issued within the Single Euro Payments Area (SEPA) amounted to €1.8 billion in 2016 (a slight decrease of 0.4% compared to 2015);
• 73% of the value of card fraud resulted from card-not-present (CNP) payments, i.e. payments via the Internet, post or telephone;
• CNP losses amounted to €1.32 billion – by far the largest category of fraud in absolute value;
• The largest drop in the level of fraud concerned card fraud committed at automated teller machines (ATMs), with 12.4% less fraud in 2016 compared with 2015, while fraud committed at point-of-sale (POS) terminals went down by 3.0%;
• From a geographical perspective, domestic transactions accounted for 90% of all transactions, but only 35% of fraudulent transactions. Cross-border transactions within the SEPA made up 8% of all transactions, but 43% of fraudulent transactions. Although only 2% of all transactions were performed outside the SEPA, they accounted for 22% of all fraud;
• There are higher fraud losses on non-SEPA issued cards used inside the SEPA than there are on SEPA-issued cards used outside the SEPA.

In summary, the observation was made that online card fraud increased only slightly in 2016, whereas it had been growing at much higher rates in previous years. Furthermore, a drop in card-present fraud (card use at ATMs or POS terminals) is evident.

This trend can be explained by increased security measures in the industry, as encouraged by EU regulators. A significant decrease in counterfeit card fraud and fraud using lost or stolen cards, combined with the adoption of “Chip and PIN” (the EMV standard), explains the significant decrease in fraud at ATMs and POS, particularly for transactions outside the EU. Since 2015, the “two factor” customer authentication adopted by banks and supported by merchants has helped limit online card fraud.