Comerica’s Prepaid Card Mobile Payments System Hit With Fraud

August 29, 2024         By: Steven Anderson

Fraud has long been a problem for just about any payments system, and mobile payments systems are no different. Whether it’s counterfeit coins or money, credit card fraud, or anything like that, it’s a problem a mobile payments system must overcome. Recently, Comerica Bank shut down its Cardless Benefit Access Service, part of its federal benefits prepaid card program, thanks to fraud in the system.

The security flaws in question were traced back to part of the program known as Direct Express, which allowed customers to access the funds in which they were entitled regardless of location. That made it prime hunting ground for scam artists who got hold of cardholder data and used it to route cash elsewhere.

Jackie Dinsmore, a caregiver apparently part of the program noted “Direct Express didn’t put up a red flag, even though they had all the information about the money being wired to Florida, when we live in Massachusetts, but they just sent the money. We were thinking it was safe because it’s the US Treasury.”

Naturally, an investigation has already begun, which will hopefully not only better illuminate just where the security involved failed and how to address said failings, but also possibly find those scam artists and recover the ill-gotten funds.

The good news here is that the program may not be shut down for long, as there are plans to upgrade all the outstanding cards to chip-and-PIN security as opposed to the chip-and-signature that’s been the standard for MasterCard and Visa since late 2015.

Improving security is generally good practice, and in the wake of a security breach as seems to have been the case here, a special augmentation is likewise worthwhile. Security has long been the problem child of mobile payments, and here we see why. Even with new security measures stepping in and taking hold, we still have problems. We cannot wait for the systems to “put up a red flag”, but rather, we must monitor our own accounts with the same fervor we expect the systems to do.

Between our own vigilance and the vigilance of the systems in question, we can come out ahead with powerful new mobile payments tools. A failure on either part is a failure of the whole system.