European customers aren't liable for fraudulent charges either, I don't really understand your logic here.

Everyone pays the price of fraud and it's probably one major reason that explains high interchange fees in the US.

No, US interchange fees pay for "reward" cards. You charge everybody 5% extra, you give Karen 5% cashback, she thinks you're "rewarding" her and everybody else get screwed, the payment network keeps the difference.

The EU caps the interchange fee, does that mean the networks exit the business because they can't make money? No. Does it mean they've eliminated fraud? No. But it does mean they can't pay Karen 5% "reward" so they don't. There aren't any cards like that in Europe. For everybody else it makes the system cheaper.

I can assure you they use part of the interchange fee to cover fraudulent transactions or they offload the risk via insurance covering fraudulent transactions. There’s no way the issuing banks or Visa/MC just eat the fraud charges, we all pay for it.

Yes, rewards cards are paid for with interchange fees, but that doesn’t mean that’s the only thing they pay for. Most people pay more interest than they earn in fees per year anyways shrug

Early on the customers were completely liable because the banks claimed that the only wait a fradulent charge could be made is if the customer "allowed" their PIN to get stolen. Eventaully they changed this and made it more customer friendly.

IN Europe the liability shifted to the non complying partner - which helped takeup.

Already the same in the US once EMV was rolled out.

That is the thing that it took me a while to understand once arriving in US from Europe. In Europe I did not care the least if someone managed to hack my credit card. The bank is liable. The bank is responsible to make as secure as possible. That is probably why we had credit card with chip & pin since the 80's. Banks had incentive to reduce the fraud as they could not easily pass it to the customers. But when I arrived here in US, I heard all those horror stories with fraudulent charges (and it happened to me too) and why I should take it seriously. And why I should protect my CC details ?!? (like my US social security number... but that is for another thread :) Coming from a country where CC used chip & pin for more than 30 years, and only have US embracing it (but only half-way) in recent years, is bizarre.

Coming from a country where your address and social security number are basically publicly-available information (so of course neither are used for anything sensitive), it took me some time to understand the fuss Americans tend to make about SSNs...

Yes, when I arrived my coworker gave me an orientation and highly suggest buy a paper shredder ?!? Why? I have never had a paper shredder before. I saw some at the lab I was working in Europe, but it made sense there (pre-2000 we use to print listing a lot). Yes, Social Security number is another oddness, with the credit score too :)

The banks may take on the liability but I assume they offload the risk elsewhere with insurance or pricing it in.

We pay for fraud with increased transaction fees.

Right, and so the trade-off seems completely reasonable to me.

If the bank has calculated that extra fraud costs less than the price mitigating it with additional security measures, and it is the one bearing the cost either way, then power to them!

I'm not sure I understand this. Fraud, and cleaning up after it, is not free of cost. If anything, fraud is more insidious because it costs the one thing I can't replace, which is time.

Even for me--someone who has multiple payment cards, primarily uses credit (instead of debit), a healthy savings account, and a flexible job--cleaning up from a stolen credit card number takes two or three hours at a minimum. For someone who does not have those things, particularly for people who primarily use debit cards[0], the impact is far worse.

If we swapped our cards to simply require a PIN that's validated by the chip on the card (so that in-person charges without the proper PIN cannot complete, even if the card is shimmed), that removes the bulk of in-person fraud attempts. But US banks are, largely, so fearful of customers switching away from them at even the slightest provocation, we don't get PINs. So I'm forced to ask what other "basic" measures (like 3D Secure for online transactions) we lack.

0 - I don't want to hear the rebuttal that "well, people should just use credit cards." There are a hundred different reasons why people don't use credit cards--don't qualify for one, have an objection to debt, past bad experience, and so on--and we cannot write off people who "only" use debit from security measures.

Overall, debit cards make much more sense than credit. Their purpose is just to move money across accounts, not to entice you to overspend and then prey on you if you forget the magic dance, or datamine your spending patterns. There is no intrinsic reason for credit cards to be safer.

This completely ignores the amount of worry and frustration which an ordinary person has to go through to get back to the point that only the bank are out of pocket. It's not trivial by any means.

You could also make an argument that by continuing to allow this fraud to happen we're funding all kinds of nasty people. I'm not convinced the argument holds water since bad guys are often faster to move than the banks but it's worth noting.

It’s a systemic issue. In jurisdictions where banks cannot shift the risk to the customers, they tend to be more effective.

In the few European countries I know, banks are very pro-active about card fraud and refund without asking questions if fraud happens anyway.

Nasty people will get funded anyway, but reducing fraud also reduces their income. The main drawback is that people have to use their PIN (and even that is getting rare thanks to contactless cards).