Hacked this season - How to avoid becoming another retail fraud statistic.
At this time of year, hackers and the holiday season go together hand-in-hand, like whipped cream and hot cocoa. Hackers and hot cocoa…most people cannot escape a holiday season without either one.
I noticed several unexplainable charges and the ‘amount owed’ scared me even more than usual. By the time I had realized that my new chip-enabled credit card number was hacked, presumably on-line and used overseas, my hot cocoa had gone cold!
I was hacked!
Working in the payments industry, I am well aware of fraud prevention strategies. But, nothing makes you appreciate the harsh reality of fraud more than a personal experience. The new benchmark data from ACI Worldwide shows that top retailers have experienced a recent surge in “card-not-present” fraud activity, along with the most popular pathways to fraud in an EMV environment.
The pathway found me when I discovered that my credit card number was used in a foreign country to purchase luggage and apparel. I asked my husband if he was planning a surprise vacation to a warm, exotic location. I envisioned him calling a few retailers to purchase high-branded apparel, buying luggage to store it all in, and having it wait for us at a hotel.
Seriously, stop daydreaming…my credit card data had been compromised. No second honeymoon! No expensive luggage!
Fraudsters targeting eCommerce channels
Did I really have to be an unwilling participant in a card-not-present fraud scheme? As the ACI data shows, the shift to more secure EMV chip cards has now tightened controls on card present transactions, leaving fraudsters to target eCommerce channels. Hackers made me a relevant statistic this holiday season.
To that end, you cannot ignore how this data has impacted the card-not-present channels and also its long-term effects on the omni-channel ecosystem. Having a secure omni-channel strategy to address this risk is critical for any retailer this holiday season.
Just as letters to Santa give parents’ an insight to their kids’ wishes, today’s mobile usage can enlighten retailers, as shoppers frequently consult their phones on purchases they are about to make in-store.
In fact, mobile has encouraged retailers to change their omni-channel strategy and provide layers of defense mechanisms for their security infrastructure. Although EMV helps to fight fraud for card present, we still have to remain vigilant as additional benchmark data findings tell us:
• First, fraud attempt rates have increased by 33% compared to the same period in 2014.
Many recent data breaches and online shopping hacks show the need for more secure measures between the attacker and the merchant. One layer of security is not enough and perhaps an augmented security effort is best, with several layers of defense.
• Secondly, another interesting finding is that the fraud average ticket value (ATV) has decreased by $9.00 over the past year from $282 to $273.
I experienced this lower fraudulent spend amounts trend with my own compromised card situation. Each of the fraudulent items on my bill was less than $200, but totaled a lot more than I would typically pay. (All those vacation outfits I had coordinated in my head!)
What can merchants do during peak holiday periods to minimize risk and fraud?
Is there one solution to minimize the effects of these findings, or a combination of them to curtail fraud? Secure elements? Tokenization? End-to-end encryption?
No single tactic diminishes all threats, but with a comprehensive payment security strategy in place, a retailer can help prevent the uptick in fraud during the holiday season, especially in card-not-present channels. No single security measure is impermeable on its own, but implemented collectively, more aggressive controls can lessen the chance of you or your customers becoming a fraud statistic.
All the “merchant Santas” out there should include a real-time fraud solution as part of an omni-channel strategy which continuously monitors fraud behavior across all channels, online and store.
Our findings show that merchants must be even more careful and implement effective eCommerce fraud protocols during the holiday season. “Hacked this season” has a terrible ring to it.
Related Blog Posts
How Italian Banks and Processors Can Capitalize on Digital Transformation
The European payments landscape is in an era of significant change thanks to PSD2 and other macro factors, but there is more than one way to deliver real-time and open payments to meet PSD2 requirements and its technical standards. Banks and processors must manage this alongside their own set of domestic challenges and opportunities.
Overcoming Cyber Threats to Payments Security
Recently, Gene Scriven, chief information security officer at ACI, spoke at NACHA Payments 2019 on the ever-changing landscape of cybersecurity. Here are a few highlights from his session, including the impacts of cybersecurity breaches, today’s emerging threats and the new strategies to keep your organization safe.
Removing Gender Bias and Enabling Women to Succeed in Leadership Roles
The recent UK Women in Payments (WIP) Symposium 2019 took place in London, recognizing unique leaders who help uplift women in the payments industry. Among those recognized was ACI’s Melissa McKendry, vice president, Retail Banking Implementation Services, who was honored by WIP as the 2019 Advocate for Women.
Regulating for Real-Time: The Role of Government in Payments Modernization
Dr. Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments and the findings of the new white paper, Get More from Real-Time.
Payments and Fraud: The Paradox Twins
Digital commerce through web and mobile is where merchants predominantly experience shopper growth today. This has become a hugely important domain for their focus. It offers a means for international growth, new market penetration and a way to engage with shopper-hungry Millennials in their culture. Merchants frequently adopt a Digital-First, eCommerce-First or Mobile-First strategy to ensure full corporate buy-in to this strategy.
Open Payments Systems for Merchants: Don't Close Down Your Options
Remember “Open Systems”?
It was a big industry nom du jour in the 80s and 90s. Every IT system had to be open and therefore flexible and future-proof. Nobody can argue with the logic behind this; making systems easy to integrate with other systems, ensuring vendors could cooperate with one another; creating agility to improve time to market and drive down costs.
Issuing and Acquiring in a Real-Time and Open Payments Ecosystem – The Global Picture
Dr Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments, stemming from the findings of the new white paper, Get More from Real-Time. See part one.
Why It’s Time for Women to Rise UP
As a senior software engineer at ACI Worldwide, Rawan Shawar helps to guide her team’s priorities and enhance processes at both the team and organizational level. Recently, Rawan was selected by the organizers of Money20/20 Asia to be part the Rise Up Class of 2019.
Can Digital Payments Be Kind?
There is no doubt that the era of less (or minimal) cash is truly upon us. According to the Access to Cash Review, cash could fall to just 10 percent of all payments in the UK within the next 15 years.
Other countries, such as Sweden, have already seen significant changes – cashless payments have grown so quickly that only 10 percent of the 20 SEB banks in Stockholm now hold cash. Beyond Europe, China is leading the way with USD$12.8 trillion in mobile payment transactions in 2018.