Hacked this season - How to avoid becoming another retail fraud statistic.
At this time of year, hackers and the holiday season go together hand-in-hand, like whipped cream and hot cocoa. Hackers and hot cocoa…most people cannot escape a holiday season without either one.
I noticed several unexplainable charges and the ‘amount owed’ scared me even more than usual. By the time I had realized that my new chip-enabled credit card number was hacked, presumably on-line and used overseas, my hot cocoa had gone cold!
I was hacked!
Working in the payments industry, I am well aware of fraud prevention strategies. But, nothing makes you appreciate the harsh reality of fraud more than a personal experience. The new benchmark data from ACI Worldwide shows that top retailers have experienced a recent surge in “card-not-present” fraud activity, along with the most popular pathways to fraud in an EMV environment.
The pathway found me when I discovered that my credit card number was used in a foreign country to purchase luggage and apparel. I asked my husband if he was planning a surprise vacation to a warm, exotic location. I envisioned him calling a few retailers to purchase high-branded apparel, buying luggage to store it all in, and having it wait for us at a hotel.
Seriously, stop daydreaming…my credit card data had been compromised. No second honeymoon! No expensive luggage!
Fraudsters targeting eCommerce channels
Did I really have to be an unwilling participant in a card-not-present fraud scheme? As the ACI data shows, the shift to more secure EMV chip cards has now tightened controls on card present transactions, leaving fraudsters to target eCommerce channels. Hackers made me a relevant statistic this holiday season.
To that end, you cannot ignore how this data has impacted the card-not-present channels and also its long-term effects on the omni-channel ecosystem. Having a secure omni-channel strategy to address this risk is critical for any retailer this holiday season.
Just as letters to Santa give parents’ an insight to their kids’ wishes, today’s mobile usage can enlighten retailers, as shoppers frequently consult their phones on purchases they are about to make in-store.
In fact, mobile has encouraged retailers to change their omni-channel strategy and provide layers of defense mechanisms for their security infrastructure. Although EMV helps to fight fraud for card present, we still have to remain vigilant as additional benchmark data findings tell us:
• First, fraud attempt rates have increased by 33% compared to the same period in 2014.
Many recent data breaches and online shopping hacks show the need for more secure measures between the attacker and the merchant. One layer of security is not enough and perhaps an augmented security effort is best, with several layers of defense.
• Secondly, another interesting finding is that the fraud average ticket value (ATV) has decreased by $9.00 over the past year from $282 to $273.
I experienced this lower fraudulent spend amounts trend with my own compromised card situation. Each of the fraudulent items on my bill was less than $200, but totaled a lot more than I would typically pay. (All those vacation outfits I had coordinated in my head!)
What can merchants do during peak holiday periods to minimize risk and fraud?
Is there one solution to minimize the effects of these findings, or a combination of them to curtail fraud? Secure elements? Tokenization? End-to-end encryption?
No single tactic diminishes all threats, but with a comprehensive payment security strategy in place, a retailer can help prevent the uptick in fraud during the holiday season, especially in card-not-present channels. No single security measure is impermeable on its own, but implemented collectively, more aggressive controls can lessen the chance of you or your customers becoming a fraud statistic.
All the “merchant Santas” out there should include a real-time fraud solution as part of an omni-channel strategy which continuously monitors fraud behavior across all channels, online and store.
Our findings show that merchants must be even more careful and implement effective eCommerce fraud protocols during the holiday season. “Hacked this season” has a terrible ring to it.
Related Blog Posts
Helping Merchants Protect Themselves: Cybersecurity Tips from a Former White House CIO
In a world full of open technology, the devices that make our lives easier also leave us vulnerable to being hacked, according to Theresa Payton, former White House CIO and star of the CBS series Hunted. Payton recently joined me for an exclusive ACI cybersecurity webinar, sharing expert insights into how merchants can enable growth, enhance the customer experience and prevent greater instances of fraud.
Why India's Payments Players Need to Fight Fraud with Machine Learning
By 2023, experts are predicting 60 billion UPI (Unified Payments Interface) transactions annually, accounting for more than 50 percent of India’s total digital payments transactions. And it’s estimated that today nearly 50 percent of all real-time payment (RTP) transactions globally are processed in India. It’s an exciting market for payments innovation, with a wide range of digital overlay services available to consumers and merchants, thanks to the introduction of UPI.
The Untapped Opportunity of Machine Learning for Real-Time Payments Fraud Prevention
Artificial Intelligence (AI) is among the buzzwords of the moment, but when it comes to tangible innovations that have the potential to drive rapid ROI, machine learning should be part of every bank or processor’s strategy. No matter the size of the institution.
How Banks and Acquirers Can Deliver on the Benefits of PSD2 SCA Exemptions and Differentiate Their Merchant Services
PSD2 is an opportunity for acquirers to differentiate themselves by delivering improved services to their merchants, if they implement modern solutions to manage SCA exemptions. This will drive the best customer experience in combination with regulatory compliance.
Cooperation, Consultation and Collaboration Are the Keys to Countering CNP Fraud in Australia
As Europe, and other parts of the world ramp up for regulatory changes around PSD2, Australia is about to launch its own strategy to combat Card Not Present (CNP) fraud.
PSD2 and Strong Customer Authentication – What's in Store for Merchants?
With the final pieces of the Payment Services Directive (PSD2) puzzle coming together, payments businesses are highly focused on meeting their compliance obligations. But the forthcoming changes will affect everyone in the payments chain – and it’s important for merchants and PSPs to understand the practical implications for their businesses and customer relationships.
Why Banks Must Democratize Machine Learning for Fraud Prevention and Payments Intelligence
Banks are already actively on the path to digital transformation, considering new technologies, new customer experiences and new business models. A critical piece of this digital transformation centers on better understanding the wealth of data within the banks’ systems and mining it for improved customer insight. In the New Payments Ecosystem, data is as valuable to the bank and its customers as the deposits held in their accounts, and it should be protected, and leveraged for the benefit of the customer.
Payments and Fraud: The Paradox Twins
Digital commerce through web and mobile is where merchants predominantly experience shopper growth today. This has become a hugely important domain for their focus. It offers a means for international growth, new market penetration and a way to engage with shopper-hungry Millennials in their culture. Merchants frequently adopt a Digital-First, eCommerce-First or Mobile-First strategy to ensure full corporate buy-in to this strategy.
Building Trust in Open Banking with Behavioral Biometrics and Machine Learning
Strategies for fraud prevention in payments are having to evolve quickly, as new technologies emerge and digitalization of the banking ecosystem continues at pace. I spoke with Giselle Lindley, Principal Financial Crime Consultant at ACI Worldwide and Tim Dalgleish, Head of Threat Analytics, Asia Pacific at BioCatch to understand how financial institutions can use payments intelligence to build trust in this challenging environment.
Knowing New Customers – And How Shared Data Helps in Fighting Fraud
As the eCommerce industry continues its rapid growth, the lines between physical and digital shopping are becoming increasingly blurred. These changes are creating a number of challenges for merchants, not least around customer visibility and fraud prevention.