You have been added to our list.
By practicing good security habits, consumers and merchants can help minimize the risks from fraudulent activity.
It seems as if every day reveals another cyber or transaction security incident. Reports of skimmers collecting information from fuel pumps or malicious hackers stealing personal information from Equifax leads to one conclusion—threats are everywhere.
“The challenge will be to address not only the fraud scenarios that we saw in the past but also the growing number of fraud scenarios we see with the eCommerce and mCommerce channel,” says Francis Limousy, principal advisor in UL’s Transaction Security division.
Identity fraud increased 16 percent in 2016, with 15.4 million people affected in the U.S. according to a 2017 Javelin Strategy and Research study. This increase was driven by growth in existing card fraud, which saw a significant spike in card-not-present (CNP) transactions.
CNP fraud involves the use of card-account information obtained from skimming and phishing scams or card breaches. Fraudsters use the information to make purchases online, over the phone or by mail.
Related | How to Spot a Credit Card Skimmer
As Limousy points out, it has become more difficult for fraudsters to physically duplicate credit cards due to the widespread adoption and activation of EMV technology.
And when fraudsters try, the transaction is being caught more often at the payment terminal as shown by the real-life story of a UL employee whose credit card had recently been cloned. When the fraudster attempted to purchase an item in-store, the credit card issuer denied the transaction because they knew the real card issued contained an EMV chip.
Safeguards such as EMV technology do not exist in the virtual world though. A consumer’s card may have been registered on multiple websites, along with poor password control, and the information could be easily acquired by a fraudster.
Called card-not-present (CNP) fraud, these incidents increased 40 percent in 2016. Account takeovers (ATO) also rose significantly in 2016 with a total ATO loss of $2.3 billion reported. (note: 2017 data should be available 1Q18.)
Related | I’m EMV Compliant…Now, What’s Next?
Merchants can also protect themselves by monitoring sales transactions. Tools can be used to check IP addresses and filter out countries known for fraudulent activities. Scrutinize inconsistent shipping addresses and billing information before products are mailed.
The Address Verification System (AVS) is one tool you can use to verify the address of the person claiming to own the credit card. AVS compares the numeric portion of the shipping address with the address on file through the credit card company.
Additionally, a merchant should ask for the Card Verification Code (CVC) as part of every transaction. The Payment Card Industry Data Security Standard (PCI DSS) prohibits the storing of CVC, so the chances of virtually obtaining the code are practically zero, making it a smart requirement for most eCommerce and mCommerce sites.
Finally, keep software and platforms up to date as software vulnerabilities are continuously being found and security patches issued to prevent fraud and protect customers from malware and viruses.
By practicing good security habits like monitoring accounts and updating software plus utilizing available tools such as instant alerts and AVS, both consumers and merchants can help minimize the risks from fraudulent activity.
Never miss an article | Subscribe Today!