Hacked this season - How to avoid becoming another retail fraud statistic.
At this time of year, hackers and the holiday season go together hand-in-hand, like whipped cream and hot cocoa. Hackers and hot cocoa…most people cannot escape a holiday season without either one.
I noticed several unexplainable charges and the ‘amount owed’ scared me even more than usual. By the time I had realized that my new chip-enabled credit card number was hacked, presumably on-line and used overseas, my hot cocoa had gone cold!
I was hacked!
Working in the payments industry, I am well aware of fraud prevention strategies. But, nothing makes you appreciate the harsh reality of fraud more than a personal experience. The new benchmark data from ACI Worldwide shows that top retailers have experienced a recent surge in “card-not-present” fraud activity, along with the most popular pathways to fraud in an EMV environment.
The pathway found me when I discovered that my credit card number was used in a foreign country to purchase luggage and apparel. I asked my husband if he was planning a surprise vacation to a warm, exotic location. I envisioned him calling a few retailers to purchase high-branded apparel, buying luggage to store it all in, and having it wait for us at a hotel.
Seriously, stop daydreaming…my credit card data had been compromised. No second honeymoon! No expensive luggage!
Fraudsters targeting eCommerce channels
Did I really have to be an unwilling participant in a card-not-present fraud scheme? As the ACI data shows, the shift to more secure EMV chip cards has now tightened controls on card present transactions, leaving fraudsters to target eCommerce channels. Hackers made me a relevant statistic this holiday season.
To that end, you cannot ignore how this data has impacted the card-not-present channels and also its long-term effects on the omni-channel ecosystem. Having a secure omni-channel strategy to address this risk is critical for any retailer this holiday season.
Just as letters to Santa give parents’ an insight to their kids’ wishes, today’s mobile usage can enlighten retailers, as shoppers frequently consult their phones on purchases they are about to make in-store.
In fact, mobile has encouraged retailers to change their omni-channel strategy and provide layers of defense mechanisms for their security infrastructure. Although EMV helps to fight fraud for card present, we still have to remain vigilant as additional benchmark data findings tell us:
• First, fraud attempt rates have increased by 33% compared to the same period in 2014.
Many recent data breaches and online shopping hacks show the need for more secure measures between the attacker and the merchant. One layer of security is not enough and perhaps an augmented security effort is best, with several layers of defense.
• Secondly, another interesting finding is that the fraud average ticket value (ATV) has decreased by $9.00 over the past year from $282 to $273.
I experienced this lower fraudulent spend amounts trend with my own compromised card situation. Each of the fraudulent items on my bill was less than $200, but totaled a lot more than I would typically pay. (All those vacation outfits I had coordinated in my head!)
What can merchants do during peak holiday periods to minimize risk and fraud?
Is there one solution to minimize the effects of these findings, or a combination of them to curtail fraud? Secure elements? Tokenization? End-to-end encryption?
No single tactic diminishes all threats, but with a comprehensive payment security strategy in place, a retailer can help prevent the uptick in fraud during the holiday season, especially in card-not-present channels. No single security measure is impermeable on its own, but implemented collectively, more aggressive controls can lessen the chance of you or your customers becoming a fraud statistic.
All the “merchant Santas” out there should include a real-time fraud solution as part of an omni-channel strategy which continuously monitors fraud behavior across all channels, online and store.
Our findings show that merchants must be even more careful and implement effective eCommerce fraud protocols during the holiday season. “Hacked this season” has a terrible ring to it.
Related Blog Posts
The EMV Deadline Has Been Extended for U.S. Fuel Merchants – Now What?
U.S. fuel stations were originally supposed to be EMV-compliant by October 2017, but due to complications and costs at the time, the deadline for EMV at the pump was extended for three years – and it has now been pushed out further to April 2021 due to the COVID-19 pandemic.
Merchant Fraud in the Age of COVID-19: We Need to Prepare Ourselves for a “Tidal Wave” of Attacks
With millions of consumers around the world self-quarantining at home, online shopping for goods, services and entertainment has become the new normal for many. A recent analysis of our own data has shown that average transaction volumes in the retail sector in March rose 74 percent compared to the same period last year.
Are Chargebacks Making a Comeback for U.S. Fuel Merchants?
With the planned EMV implementation date looming for U.S. fuel merchants, we’ll be spending some time ahead of the October 2020 deadline looking at the fraud issues affecting fuel merchants and how these might change through the final quarter of this year.
Rebirth of The High Street: An Unintended Consequence of COVID-19?
You don’t know what you’ve got until it’s gone. How true that is right now for the U.K.’s High Street (or for that matter local retailers in communities around the world) and our desire to shop.
Merchant Considerations for Protecting Payments During the COVID-19 Crisis
As the spread of COVID-19 continues to impact businesses of all shapes and sizes in unprecedented ways, the power of payments has never been clearer. Drastic increases in online transaction volume and the need for essential in-store payment processing create new challenges for online and brick-and-mortar retailers alike. Here are a few ways that merchants can protect their business – from the perspective of payment processing and fraud mitigation – during this uncertain time.
Positioning PSPs for Success in 2020: Scalability, Flexibility and Globality
We used to say that NFRs (non-functional requirements) such as scalability and availability didn’t really make for attention-grabbing headlines, but in fact, 2019 has shown us that these NFRs are often not far away from the biggest stories. A major outage or downtime – be it for bank or merchant – makes headlines in its own right, but we’re increasingly seeing a clear link between NFRs and a company’s growth trajectory. Those companies that are generating positive awareness from their ambitious global expansion plans, innovative customer experiences, or unique approach to fighting fraud – they are achieving this off the back of technology solutions that deliver world-class non-functional requirements. Scalability, flexibility and globality underpin these growth stories – and this message comes out clearly in speaking with some of our leading payment service providers (PSPs), which are supporting the growth of thousands of merchants around the world.
Three Merchant Payment Trends to Watch in 2020
In 2019, merchants everywhere were challenged by pressure from new entrants, the continued breakdown of traditional industry boundaries and growing customer preference for a digitally-led or digitally-influenced purchasing experience.
Learn How to Claim a Greater Slice of the Mobile Payments Pie
U.S. Wireless Players: $14.3B is at stake – are you in?
Mobile commerce is thriving as consumers seek out convenient, quick and secure shopping experiences. And transaction growth on mobile devices is outpacing traditional desktop and in-store channels, aided by click and collect and one-click purchasing trends. For U.S. telcos, the message is clear: proactively add value to the payments process, or risk missing out on increasing your portion of the growing mobile payments market.
How to Survive Black Friday and Cyber Monday… and Provide a Great Consumer Experience
As Black Friday and Cyber Monday approach, shoppers and merchants alike await amazing deals and a welcome boost in sales, respectively. I took a moment to speak with two of ACI’s merchant payments and fraud experts, Andrew Marshman (merchant payments lead, Europe) and Erika Dietrich (VP, Global Fraud Prevention Risk Services) about what merchants need to know as they head forth into one of the biggest shopping seasons of the year.
Strong Customer Authentication in Australia: Reducing CNP Fraud and Streamlining eCommerce Payments
Minimizing fraud without harming the customer experience can be done – using the right tools
In 2017-18, card-not-present (CNP) fraud cost Australian eCommerce AUD $478 million and accounted for some 85 percent of all fraud on Australian-issued cards1. In 2016, CNP fraud in Europe represented 70% of all card fraud2. Seriously uncomfortable numbers.