Actually, while it’s fun to pretend that poor customers are left holding the bag, in the vast majority of CC fraud cases, the banks do take the hit. However, that doesn’t make mean that fraud isn’t highly frustrating and annoying for the customer.
However, this is a choice that the banks have made because they are cognisant of the fact that the total amount of consumer hatred is far greater if good security measures cause them inconvenience than if a much smaller subset end up having to deal with fraud.
In general, the inconvenience of security measures is blamed on the banks, while the inconvenience of fraud is blamed on merchants and the criminals themselves. In essence, American banks are too consumer-focused to do security properly.
So, fraud does cost the banks a pretty penny. But they believe that losing customers by vigorously pursuing higher security will cost them more. There’s a reason that the US is the last developed country to move to chip, and even then, not to PIN.
