Before the EMV Standard Goes into Effect in 2015, Hackers Are Going All Out to Cash in on U.S. Legacy Mag-Stripe Plastic
For fraud and fraud-related losses, this past year could turn out to be the worst ever recorded. In his article on paymentweek.com (link to article), Kevin Xu cites the LexisNexis True Cost of Fraud study and finds that the numbers bear out that projection.
Fraud numbers up
According to the study, merchants suffered 133 successful fraudulent transactions per month this year, which is up a whopping 46 percent over last year. And, in 2014, merchants are losing a higher percentage of revenue to fraud — 0.68 percent compared to 0.51 percent in 2013. Plus, they’re paying more per dollar of fraud. In 2013, it was $2.79. That increased to $3.08 in 2014. The study attributed the increase in mobile-channel fraud to the fact that more physical-goods retailers have begun accepting mobile payments.
Mobile, online, mail and phone losses
Mobile-channel frauds cost retailers $3.34 per dollar of fraud losses. Online channel losses are $2.69 per dollar of fraud while other channels, which include mail and telephone, cost $3.29 per dollar of fraud losses.
Hackers gettin’ while the gettin’s good
Aaron Press, LexisNexis Director of ecommerce and payments, says that while EMV may cut down on fraud at the point of sale, “EMV may actually increase fraud. Because fraudulent card credentials will no longer be useful at POS, fraudsters are likely to turn to the online channel.”
And Xu writes, “It appears that 2015′s upcoming EMV upgrade has stirred up hackers into a feeding frenzy, hoping to take advantage of the U.S.’s legacy mag-stripe vulnerabilities before [they’re] gone for good.”
Press calls for tokenization to make EMV work
“If tokenization [the process of breaking a stream of text up into words, phrases, symbols] is widely adopted, it can help alleviate both POS and ecommerce payment fraud by reducing the volume of payment credentials available to fraudsters. “
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.