Jackie Barwell, director of fraud product management, ACI Worldwide, comments on the effect of the recent and ongoing EMV migration in the US and its impact on online fraud both in the US and in Europe. What can retailers do and how prepared were they?
How aware were the retailers in the increase in online fraud in each of the US and Europe- have they anticipated it well or are they scrambling to address the issue now?
The retailers, for the most part, anticipated, and prepared well for an increase in online fraud attempts. In the US in particular, there has been messaging in the press urging for them to be well prepared for the likely spike in ecommerce fraud attempts following the progression of EMV compliance across the country – so as much as this is an unwanted trend, it should not have come as total a surprise to the retailers there. In addition, the fast growth of ecommerce as a whole has focused the minds of anti-fraud teams within these retailers to concentrate on shoring up resilience against the online fraudster.
The migration of fraud onto the ecommerce channel for merchants in Europe has been something that these retailers have had experience of over the past few years, not just because of their own country-wide migration to EMV compliance, but also due to the ever expanding thirst for ecommerce by consumers. The removal of the US as a location to successfully spend on counterfeit cards (due to its migration to EMV compliance) may be the cause of a faster increase in card-not-present fraud in Europe, so extra dedication to curb this rise needs to be practiced here.
Is it mainly down to US EMV migration or also the overall uptake in mobile commerce?
It’s definitely a combination of the US EMV migration and the overall uptake in ecommerce popularity. Card-not-present purchases either online, or via the mobile/smartphone channels is growing at an unprecedented rate – and the removal of the US, being one of the last locations where fraud spend using counterfeit cards could be successful, has coincided with an increase in fraud in the ecommerce channels, a growth in social engineering attacks, a growth in data breaches, and a growth in account take-overs and identity theft attempts. Coincidence? Maybe, but likely not.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataCan you compare uptick in fraud in Europe compared to US as a result of US EMV migration?
It is most likely linked only because some of the fraudsters who have newly moved to conducting fraud in a card-not-present environment could have been ones who found fraud using counterfeit (in the US) yesterday’s preference – until the US began closing that door…..
What can retailers do? Can the re-running of cards be implemented even if not required, as an easy combat measure?
If ‘re-running of cards’ relates to those ‘buy-online, pick-up in-store’ situations, it makes absolute sense to require the person picking up the goods to bring their card with them, with a view to confirming it’s a genuine card. If that means running the card through an EMV pin pad/terminal, so-be-it… This would prove a turn-off for the fraudster, and potentially a welcome measure, if communicated properly, to the retailer’s consumer!
How will retailers accommodate/offset the cost of extra security measures?
Retailers need to continuously look at their fraud teams as ‘business enablers’…. If you can increase your technology and capability and accuracy in the anti-fraud activities, the uptick is that more good transactions are accepted in real time, even those that appear risky. A strong, proven, accurate fraud strategy enables retailers to offer ever-riskier products online, offer ever-shrinking and imaginative fulfilment choices to their consumers, and expand into previously assumed too-risky geographies safely – to remain ahead of their competitors. Retails have to stop looking at their fraud teams as simply ‘a cost of doing business’.
What can card issuers do?
Card issuers should continue to be extremely vigilant for signs of possible account take-over attempts. The removal of an ability to spend on counterfeited cards will result in a more concerted effort to obtain ‘genuine cards’ – so account takeover attempts is likely to rise. Similarly, with the uptick in social engineering scams and data theft, the potential for identify theft (opening banking and credit relationships in other peoples’ names) will likely rise, so anti-fraud and authentication strategies here need to remain strong. Finally, continued use of sophisticated anti-fraud solutions that have the ability to profile their cardholders individually, should be practiced.
Is it more of an increase than expected?
No, the increase was anticipated in light of patterns of fraud migration due to these two phenomenon combining in other geographies – i.e. the growth in ecommerce popularity, and the migration to EMV compliance.
Do you expect it to get worse in 2016, with the rise of e-commerce?
Yes.