The latest figures for the first six months of the year are in from industry body Financial Fraud Action UK and they’re not pretty. So-called “remote purchase fraud” including e-commerce, mail order and telephone-based fraud was up by 23% between 1H 2013 and the first half of this year. The online element was by far the largest, accounting for £110 million, up from £89.5m in the first six months of 2013.
We shouldn’t be surprised. The advent of Chip and PIN in the UK several years ago was great news for bricks and mortar retailers, helping them slash in-store card fraud. In fact, Financial Fraud Action UK said it recorded a 72% decline in high street fraud losses between 2004 and 2013.
Adapt and repeat
What this has meant is an explosion in phishing attacks, where unsuspecting users are tricked into giving away their personal and card details so that cybercriminals can crack online accounts and make fraudulent purchases. It’s no surprise that the Anti-Phishing Working Group recorded the second highest ever number of phishing sites in Q2 2014 at 128,378 – with over 530 brands targeted.
There are other means to get these card details, of course, such as inserting keylogging or other malware onto a targeted machine to harvest card and personal details as they’re typed in by a user. Then there’s the more radical solution: hit the retailers and payment processors at source with massive data breach attacks.
From bad to worse
Card fraud is not just bad for the customer but can be crippling for the retailer, which is liable via chargebacks to reimburse the bank, which has in turn refunded the customer’s money. It’s not just the cost of this that the retailer must absorb, however. There could be additional administrative or legal charges for one thing, and then there’s the unquantifiable damage to brand value. With competition so fierce on the cyber high street, it only takes one missed fraudulent transaction or data breach for customers to flee to your competitors, and tell the internet all about their bad experience.
So where does the solution lie? When it comes to data security, the balance between usability and fraud prevention is often too heavily weighted in favour of the latter, which can cause customers to abandon their shopping carts and disappear to a competitor. The answer lies with intelligent, multi-layered fraud prevention platforms using device, identity and behavioural metrics to identify whether the person at the other end of the internet is who they say they are. Easy to implement, completely passive for the consumer and based on global intelligence which improves in accuracy as the customer base grows – this is the future of fraud prevention. And it’s here today.
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.