July 16, 2019
ThreatMetrix Alerts eCommerce Merchants to Cybersecurity Threats Leading up to the Holiday Shopping Season
Posted September 5, 2013
Payment Fraud and Account Takeover Attempts Have More Than Doubled and Show No Signs of Slowing Down During the Holidays
San Jose, Calif. – September 5, 2013 – ThreatMetrix™, the fastest-growing provider of integrated cybercrime solutions, today announces data from the ThreatMetrix Digital Identity Network showing that payment fraud and account takeover attempts have increased in frequency and will continue to pose a risk to e-commerce merchants during the holiday shopping season.
In a recent six-month snapshot, The Network, the most comprehensive repository of information available for screening prior transactions and site visitors, found that account takeover and payment fraud attempts nearly doubled. Recently, e-commerce merchants have become prime targets of such threats, which are particularly risky during heavy spending periods such as the holidays.
According to comScore, last year’s holiday eCommerce sales grew 14 percent to $42.3 billion in total revenue. As this number is expected to rise once again this holiday season, increased spending makes eCommerce merchants attractive targets to cybercriminals.
“Ahead of the holiday rush, retailers must have preventative cybercrime measures in place to protect against account takeover, payment fraud and other risks,” said Dr. Stephen Topliss, vice president of services and support, ThreatMetrix. “By preparing now, retailers can focus more on helping authentic customers have a frictionless shopping experience during the holidays, while stopping cybercriminals in their tracks.”
As retailers prepare for the holiday shopping surge, they should be particularly cautious of account takeover, payment fraud and IP address risks associated with the busy shopping season.
• Account takeover – While account takeover has traditionally targeted banking websites, it has recently made a shift to eCommerce. During the busy holiday season, retailers must look out for red flags of account takeover such as users accessing their accounts from different devices than usual or changing account details such as the shipping address or cell number.
• Payment fraud – During the holidays, eCommerce merchants have less time to screen individual transactions for fraud due to the high volume of orders. One option is to implement additional verification technologies such as Verified by Visa. It is important to implement this in a dynamic way, based on the risk associated with each transaction, so that authentic customers are not inconvenienced by this extra security measure.
• IP address risks – Not only do consumers spend more during the holidays, but many travel to see family and friends, meaning transactions initiate from different locations (IP addresses). eCommerce merchants must build a history of customers with positive scores based on prior transactions. That way, e-retailers can assess the device, account and associated address to assure authentic customers are not flagged for fraudulent transactions even if they are in an unusual location.
By leveraging collective data from a global intelligence network, eCommerce merchants can protect their users better than ever this holiday shopping season. Specifically, retailers can link customer accounts to their devices, addresses and previous transactions to build a history of legitimate customers and suspicious accounts. Doing so can prevent eCommerce merchants from losing up to five percent of total orders due to incorrectly labeling transactions as fraudulent.
“A collective approach to cybersecurity enables eCommerce merchants and customers to have an all-around jolly holiday shopping experience,” said Topliss. “Differentiating between authentic and fraudulent transactions helps determine which customers deserve a visit from Santa this holiday season and which cybercriminals receive coal in their stocking – meaning in this sense additional fraud screening.”
ThreatMetrix is the fastest-growing provider of integrated web fraud and cybersecurity solutions. The ThreatMetrix Platform helps companies prevent unauthorized access to web and mobile applications, protect sensitive data, and secure transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
To join in the cybersecurity conversation, follow us on Twitter @ThreatMetrix.
© 2013 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.