August 14, 2018
Christmas in July – ThreatMetrix Announces Several Cybersecurity Strategies for Retailers to Prepare Now for Holiday E-Commerce Boom
Posted July 23, 2015
E-Commerce Merchants Without a Layered Security Strategy Must Brace Themselves for the Holiday Shopping Surge
San Jose, CA – July 23, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announces several cybersecurity strategies for e-commerce merchants to prepare now for the upcoming holiday online shopping boom. As holiday shopping continues to evolve and spending grows each year, ThreatMetrix recommends e-retailers have a strong security strategy with shared threat intelligence in place prior to this holiday season.
Total holiday retail sales from November and December 2014 showed a four percent increase from 2013. During this time, ThreatMetrix prevented more than 11.4 million attempted fraudulent transactions during the 2014 holiday shopping season. If holiday sales continue to grow at a similar rate, cybercriminals will determine new strategies to cash in on the profits.
The height of the 2015 holiday shopping season comes immediately following the EMV chip deadline of October 1. While the adoption of EMV will make it more difficult for cybercriminals to copy account numbers and security codes associated with antiquated magnetic stripe cards, fraudsters will turn to different channels now that it’s more difficult to steal information in store which will ultimately lead to a rise in fraud in the U.S.—both online and via mobile devices.
“Generally, as retailers prepare for the holiday season, they tend to put off ramping up fraud prevention until it’s too close to the holidays—this should be done and mitigated in July or August to be prepared as soon as possible and work out any kinks in the cybersecurity system,” said Stephen Topliss, vice president services and support at ThreatMetrix. “The ultimate puzzle e-commerce merchants are trying to solve is what kind of effect integrated cybersecurity will have on their revenue, and whether or not the good customers will get caught up in these prevention measures.”
Top trends for the 2015 holiday shopping season will include an uptick in mobile fraud and high volume shopping days well in advance of the November and December timeframe. This year, Amazon Prime launched Prime Day in July, for which it claimed to offer better deals than Black Friday. Another significant shopping day early on is Alibaba’s Singles Day, which takes place on November 11 each year in China and surpassed U.S. Black Friday in 2014 with more than $9 billion in sales. With this in mind, consumers are thinking about holiday shopping well before the surge kicks off in November—which means fraudsters are as well.
During Cyber Week 2014 (Thanksgiving through Cyber Monday), ThreatMetrix found that 39 percent of transactions originated from mobile devices, with 80 percent of those transactions originating from iOS devices. Over the week of Christmas, that shift toward mobile continued, with a peak in mobile transactions taking place on Christmas Day, at about 35 percent. Additionally, iPhones alone drove almost three-quarters of all mobile e-commerce transactions during Christmas Week, up from 65 percent on Cyber Monday.
“As usage increases, retailers need to identify new strategies to mitigate mobile,” said Topliss. “Although mobile is quickly spreading across the e-commerce space, some retailers are very new to this concept and with this brings the possibility that they’re not aware of the fraud risks associated with mobile shopping. Mobile is the big unknown—the unquantifiable risk factor, and should be seen as a top target in the upcoming holiday season.”
To help retailers maintain a positive customer experience during the holidays without sacrificing security, ThreatMetrix has outlined several holiday shopping tips retailers can leverage to stay one step ahead of fraudsters. These include:
- Profile Existing Customer Base – Retailers should ask themselves how well they know their customers and their behavior. In doing so, they can leverage rules within their existing fraud systems to identify good transactions as opposed to bad ones so risks can be recognized and mitigated as they arise.
- Review 2014 Holiday Season – Holiday shopping in 2014 saw an uptick in e-commerce sales and with that the greater potential for fraud. Retailers should understand that initial reviews and recommended security strategies from last year don’t necessarily get taken into account right away. Now is the perfect time to take a look at last year and to use those practices to prepare for this upcoming holiday season before the shopping rush begins.
- Create a Holiday Policy – From a rules point of view, consider defining a policy specific for the holiday season that can be switched in and out after the holiday shopping season has passed. Make clear the specific components of the holiday policy that can be kept in place the rest of the year. For example, retailers should get a handle on profiling the good customers and raise the threshold for them to order online in a safe, secure manner.
- Monitor Analysis – Retailers should take a moment to think about how they currently monitor and analyze all transactions that come in each day. During the holiday season, transactions will be significantly higher, so retailers should make their fraud analysis as close to real-time as possible, rather than reviewing a few times a day or week. Retailers should also go beyond viewing each individual event and instead look at trends in particular areas, such as mobile. Identifying trends in real-time enables retailers to take immediate, preventative action if necessary during the holiday season.
- Tighten up Existing Anomaly Rule – It’s never a bad idea to check for loose nuts and bolts to see what parts of your security platform can be vamped up. Retailers should proactively identify new cybersecurity functionalities released in the past twelve months that can be added to existing portfolios. This might include new types of functionality or new rules that can be built upon to improve performance and prevent fraud.
“When it comes to holiday shopping season, all bets are off—for fraudsters and for businesses alike—so being prepared and staying one step ahead of fraudsters is the best way to avoid a disaster from happening that’ll likely ruin everyone’s holiday cheer,” said Topliss. “With the ever-changing realm of online fraud, retailers have an advantage when it comes to safety—being prepared and proactive in their fraud prevention efforts can go a long way not only for their customers, but for their businesses as well.”
To help retailers accurately identify good customers while keeping cybercriminals at bay during the holiday shopping season, the ThreatMetrix® Digital Identity Network brings together all aspects of a person’s online devices and behavior into one unique digital identity – including email addresses, geo-locations, devices and both personal and business personas. The unique identity combines the specific device and persona each individual is using at any given time, at any place to accurately authenticate users in real time. This enables retailers to protect against fraud while reducing customer friction.
- Press Release: ThreatMetrix Announces World’s Largest Digital Identity Network At RSA Conference
- Press Release: ThreatMetrix Helped Stop More Than 11.4 Million Attempted Fraudulent Transactions During The Holiday Shopping Season
- eBook: ThreatMetrix Cybercrime Report: Q1 2015
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time, customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.
ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.
Walker Sands Communications