Credit and debit card fraud is a multibillion-dollar problem, but putting an exact figure on the cost is not that easy.
"It's difficult to quantify what the costs of fraud are," said David Pommerehn, senior counsel for the Consumer Bankers Association. He points out there are a wide range of fraud-linked costs paid by consumers and businesses.
In its "2014 Identity Fraud Report," Javelin Strategy & Research said the cost of credit and debit card fraud rose to $11 billion last year, from $8 billion in 2012.
"We saw a significant jump from 2012 to 2013," said Al Pascual, senior analyst for security risk and fraud at Javelin.
He expects incidents of fraud to continue to grow until the credit card industry and merchants fully embrace the use of cards embedded with computer chips known as EMV (Europay, MasterCard and Visa) cards, and include encryption and tokenization in their security systems.
These steps, he said, would significantly reduce fraud.
Javelin said that more than 8 percent of all consumers were impacted by some kind of card fraud in 2013, costing them on average $106 each when including legal costs, time taken off work to deal with the problem, and the costs of notarizing and mailing documents among other things.
For the most part, consumers have little responsibility when it comes to covering the losses linked to fraudulent transactions. Consumers have zero liability on fraudulent credit card purchases and limited liability on bad debit card transactions, depending on when they contact the bank. The group that absorbs the losses from fraudulent purchases include card issuers, merchants and acquirers or processors.
Merchants and acquirers—the payment processors—are responsible for covering "card-not-present" purchases of those made online, over the phone or via mail order. Including chargebacks—charges disputed by merchants and processors—it's the card issuers that absorb the majority of the losses.
Card issuers and some merchants will incur other costs linked to fraud. Those include reissuing cards to customers at a cost of between $2 and $10 each, and the costs of notifying clients and helping them resolve the problem.
"The pre-emptive cost of reissuing a portfolio comes at a great cost to the industry," Pommerehn said.
After the data breach at retailer Target last year, industry members including card issuers, payment processors and merchants agreed to work together to adopt more secure cards and payments systems. These steps include adopting EMV cards, which Visa and MasterCard plan to have in clients' hands by October 2015.
The push to adopt EMV technology comes after years of foot-dragging by businesses.
Many were reluctant to adopt given the cost, which is expected to be in the multibillions of dollars when including the price of the new cards, the upgrades needed for ATMs and new point-of-sale systems that retailers need to buy.
Still, it appears businesses are finally willing to spend that money, in order to better protect their customers.
—By CNBC's Mary Thompson