ThreatMetrix™ finds there’s been a dramatic growth in transactions originating from mobile devices and these could be the cause of major cybersecurity headaches for both retailers and consumers Black Friday, CyberMonday and the rest of the holiday season.
The ThreatMetrix Global Network profiles more than 40 million devices daily. Today mobile transactions, as a percentage of total transaction volume, have increased markedly from November 2011 to November 2012. While the iPhone continues to be the leader in mobile transactions, Palm transactions have all but disappeared. The numbers break down this way over the past year. Mobile transactions have increased by 11 percent for the iPhone, 53 percent for Windows and 7 percent for Android. Conversely, mobile volume has decreased by 81 percent for the Blackberry. Combined, the iPhone and Android own 96.4 percent of market share in mobile transactions, leaving little room for other competitors.
“Mobile consumers typically store their credit card information in retail accounts, rather than entering the information during each transaction, making online retail account takeovers more profitable, and therefore, more attractive to fraudsters,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “During the holiday season in particular, consumers find it much more convenient to keep credit card information stored online as they make such a high volume of purchases. This is especially risky if consumers use the same email address and password for several websites – doing so initiates a trail of destruction that is equivalent to unlocking every door in the house, easily allowing criminals to hack numerous accounts at once.”
It goes without saying that since the dawn of crime, criminals have been targeting banks and retailers. Cybercriminals are no exception. And, the use of mobile devices by consumers just whets the cybercriminal appetite for more stealing.
ThreatMetrix data shows that on average, consumers log into retail and banking accounts twice as much per month on their mobile devices than they do on their personal computers, and this number only multiplies during the holiday season. Since mobile transactions take place in real-time and most retailers do not have a system in place to manually accept or reject all suspicious transactions, the uptick of mobile usage increases the risk of fraud.
ThreatMetrix identified fraud concerns retailers should bear in mind for Black Friday and CyberMonday:
• Mobile transactions are projected to reach $1 trillion by 2017 according to a new report by market research firm IDC Financial Insights, making consumers more vulnerable to fraud and malware attacks on mobile devices. As consumers continue making large volumes of mobile purchases and retailers do not have the time to closely monitor every transaction for suspicious activity, mobile opens the door to cybercriminals during the holiday season now more than ever.
• Account takeover is a major concern because of the significant increase in mobile usage. Many retailers are not equipped to efficiently secure mobile transactions with an exponentially larger volume of transactions during Black Friday and CyberMonday. Naturally, this makes consumers’ account and credit card credentials vulnerable to cybercriminals if retailers don’t act fast and execute a mobile security strategy.
• Clean fraud passes a retailer’s typical security screens and appears to be a legitimate transaction, when in reality, the transaction may be fraudulent and the result of a cybercriminal hiding behind a virtual private network (VPN). During Black Friday, CyberMonday and the rest of the holiday season, many consumers travel with their mobile devices. Since cybercriminals hide behind an IP address to mask their true geographic location, it is more difficult for retailers to tell which transactions are authentic.
“Cybersecurity should be a top priority for retailers this Black Friday, CyberMonday and the rest of the holiday season,” said Faulkner. “Especially with so many consumers traveling at this time, retailers need to put forth extra effort to assure transactions are originating from authentic networks. The last thing retailers and consumers want is to wake up on Black Friday with a ‘turkey hangover’ and a compromised credit card.”