FraudBlog - protecting the bottomline

MasterCard Launches Identity Check App Supporting ‘Selfie’ Authentication for SecureCode

Published on October 10, 2016, by fraudpractice in Fraud Prevention, Industry News.

MasterCard released their Identity Check app in early October, which is now available in 12 countries across Europe and set to be released globally in 2017. While this app has gotten the most attention for it’s ‘selfie pay’ feature, supporting the use of facial recognition in place of a password, it additionally supports fingerprint biometrics as an authentication option with MasterCard SecureCode.

Following trials in the United States, Canada and the Netherlands, MasterCard has launched their Identity Check app which supports facial recognition and fingerprint biometrics as a means of completing authentication.

Tags: 3-D Secure, 3D Secure, 3DS, authentication, biometrics, cardholder authentication, consumer authentication, facial recognition, fingerprint, MasterCard, MasterCard SecureCode

Comments Off.

As SEC Investigates Yahoo Breach, FTC Reiterates Need for Federal Breach Notification Laws

Published on October 10, 2016, by fraudpractice in Data Breach, Industry News.

Following a data breach involving over 500 million accounts and a delay in notifying the public or impacted parties, the Securities and Exchange Commission (SEC) started an investigation into the Yahoo data breach at the request of a Senator. Later at a Senate Committee meeting the Federal Trade Commission (FTC) cited the Yahoo breach reiterating their support for federal data breach legislation.

Meanwhile as large-scale data breaches continue, so too does identity theft. The FTC received nearly 500,000 identity theft complaints in 2015, a 47 percent increase from the year before.

Tags: data breach, data breach notification, FTC, identity fraud, identity theft, Legislation, PII, SEC, Yahoo

Comments Off.

Loyalty Fraud: Over 3 Billion Accounts and $48 Billion at Stake

Published on August 18, 2016, by fraudpractice in Case Studies, Fraud Prevention.

Whether making fraudulent purchases to accrue loyalty points and rewards, or taking over legitimate customer accounts to steal and spend the loyalty balances they’ve built up, loyalty fraud is damaging with both financial and brand risks. Despite the growth of loyalty-based fraud in recent years, this is still a vulnerability point for many organizations that offer such reward programs. Recent statistics and case studies involving loyalty fraud are discussed in this FraudBlog post.

According to a 2015 survey conducted by Ipsos Public Affairs for Connexions Loyalty, 72 percent of loyalty program managers had experienced fraud related to their programs, while one-in-three said it is a fast growing concern. There is plenty of meat on the bone for fraudsters to go after, as the 2015 COLLOQUY Loyalty Census tallied 3.3 billion loyalty memberships in the United States with points, rewards cash and miles worth an estimated $48 billion.

Tags: account takeover, case study, identity fraud, loyalty, loyalty fraud, loyalty programs

Comments Off.

LinkedIn Files Lawsuit to Battle Profile Scraping Bots

Published on August 18, 2016, by fraudpractice in Industry News.

Citing the Computer Fraud and Abuse Act (CFAA) and Digital Millennium Copyright Act, the professional social network filed suit against 100 individuals for the use of bots that intentionally violate their terms of service and, as LinkedIn claims, multiple state and federal laws. The publicly available court filing document includes some information about how the organization combats bots and profile scraping, as well as some measures the alleged abusers are taking.

Filed in early August, LinkedIn is seeking to identify 100 “Doe Defendants,” or currently unknown parties, that have been using automated software programs to extract or scrape data from LinkedIn pages since December 2015. The case accuses these persons or entities of utilizing a massive botnet to avoid their abuse and bot detection systems, claiming that this activity constitutes “unauthorized access” under the Computer Fraud and Abuse Act (CFAA).

Tags: bot attacks, bots, CFAA, Computer Fraud and Abuse Act, Digital Millennium Copyright Act, LinkedIn, web scraping

Comments Off.

Black Market Prices for Variety of Login Credentials Show that Fraud Goes Well Beyond the Payment Card

Published on August 18, 2016, by fraudpractice in Industry News.

A recent study cataloging prices across English- and Russian-language fraudster forums examined 320 purchases for stolen payment, identity and log-in information earning hackers between $1 million and $2 million, while the fraudsters using this information from less than half of these transactions were able to steal between $1.7 million and $3.4 million.

These estimates came from a study conducted by a criminal justice professor at Michigan State University, analyzing posts from the dark web on ten Russian and three English-language fraudster forums. The report detailed the marketplace nature of these sites, where fraudsters posted dumps for sale and buyers rated sellers on product quality.

Tags: account takeover, ATO, consumer authentication, data breach, identity fraud, identity theft

Comments Off.

Wal-Mart’s $3.3 Billion Acquisition of Jet.com Signifies the Importance of eCommerce

Published on August 18, 2016, by fraudpractice in Merger & Acquisitions.

Already an eCommerce, as well as brick-and-mortar, giant, Wal-Mart upped the ante on their digital commerce bet acquiring an online retailer that focuses on an optimal user experience and offers a different customer base. Many analysts say the Jet.com acquisition was geared at competing with Amazon, although it may just be part of a long-term growth strategy that relies more on eCommerce retail while physical retail sales stay stagnate or decline.

Amazon grossed $88 billion in online sales in 2015, according to Internet Retailer, and has been first place on the Top 500 list for many years. Walmart, however, isn’t too many places behind, coming in at fourth on Internet Retailers list of the 500 largest e-retailers based on U.S. sales. Immediately after Walmart’s $3.3 billion investment in Jet.com was announced, many retail analysts voiced their opinion that this acquisition was made so the nation’s largest brick-and-mortar retailer could keep up with the largest online retailer, Amazon. But there’s more to the story than that.

Tags: acquisition, amazon, ecommerce, merger, Walmart

Comments Off.

SWIFT Signs on 73 Banks to Participate in Cross-Border Payments Initiative

Published on June 29, 2016, by fraudpractice in Industry News, Payments.

SWIFT, the financial messaging and payment company based in Belgium, is developing a global network for facilitating cross-border bank account based payments with 73 financial institutions already on board. Trials for B2B payments are already underway, including a portal for tracking when payments are confirmed and cleared. The participating banks account for 75 percent of cross-border payments on the SWIFT network.

Barclays, Bank of America, Bank of China, RBC, JPMorgan Chase and Wells Fargo are just a handful of the major banks onboard with SWIFT’s global payment initiative.

Tags: ACH, bank account, bank transfer payments

No Comments.

Visa and American Express Temporarily Ease EMV Chargeback Liability for Merchants

Published on June 29, 2016, by fraudpractice in Fraud Prevention, Industry News, Payments.

Announcements from three of the major card associations in June describe different approaches for reducing merchant liability and losses with counterfeit card fraud through April 2018 as the U.S. transitions to EMV. Visa estimates their changes will lead to 40 percent fewer chargebacks and 15 percent fewer dollars being charged back to merchants related to counterfeit card fraud.

All of the card associations have recently announced measures to speed up and ease the transition to EMV or Chip cards. This includes “Quick Chip” programs from Discover and American Express to not require consumers keep their cards in the readers for an extended period of time, as well as accelerated and streamlined implementation procedures for merchants and acquirers to certify with Visa and MasterCard. Additionally, to ease the burden of fraud losses from merchants during this transition, some of the card associations are changing chargeback liability rules, at least temporarily.

Tags: American Express, counterfeit, counterfeit card fraud, EMV, liability shift, MasterCard, Visa

No Comments.

Mobile Wallets are Moving to the Web Browser with Implications for eCommerce and mCommerce

Published on June 29, 2016, by fraudpractice in Industry News, Payments.

Both Apple Pay and Android Pay are bringing their mobile wallets to the web browser, adding both security and convenience to mCommerce and even computer-based eCommerce transactions. Consumers will be able to use Apple Pay within the Safari web browser this year, while Google recently released their PaymentRequest API for initiating payments completed via Android Pay in the Chrome web browser.

Apple Pay continues to grow by 1 million users per month as an in-store and in-app mobile wallet payment method, and soon supporting mobile and eCommerce web browser payments will expand its applicability to many more merchants and transactions. Apple officially announced and previewed a “Pay with Apple Pay” feature in the Safari web browser at their Worldwide Developers Conference (WWDC) in June.

Tags: Android Pay, Apple Pay, mCommerce, mobile payments, mobile web browser

No Comments.

Average Cost of Data Breach Grows to $4M Globally, $7M in the U.S.

Published on June 29, 2016, by fraudpractice in Data Breach, Industry News.

IBM and the Ponemon Institute recently published the latest results of their global study measuring the financial impact of data breaches to the victim companies. While the global average increased to $4 million, up from $3.8 million last year, organizations in the United States, Germany and Canada incur $5 million or more in losses per data breach on average, while certain industries, like healthcare and financial services, tend to have a higher cost per compromised record.

The average cost of a data breach has risen 29 percent since 2013 globally, now at $4 million. This is based on a survey of nearly 400 data breaches that occurred worldwide, including 88 in the U.S. and Canada. Of all nations, the United States had the highest average cost per data breach at $7.01 million. Germany and Canada had the next highest average cost at about $5 million each.

Tags: cost of data breach, data breach, IBM

No Comments.

Page 5 of 43‹ Previous 1 2 3 456 7 8 9 Next ›Last »

MasterCard Launches Identity Check App Supporting ‘Selfie’ Authentication for SecureCode

As SEC Investigates Yahoo Breach, FTC Reiterates Need for Federal Breach Notification Laws

Loyalty Fraud: Over 3 Billion Accounts and $48 Billion at Stake

LinkedIn Files Lawsuit to Battle Profile Scraping Bots

Black Market Prices for Variety of Login Credentials Show that Fraud Goes Well Beyond the Payment Card

Wal-Mart’s $3.3 Billion Acquisition of Jet.com Signifies the Importance of eCommerce

SWIFT Signs on 73 Banks to Participate in Cross-Border Payments Initiative

Visa and American Express Temporarily Ease EMV Chargeback Liability for Merchants

Mobile Wallets are Moving to the Web Browser with Implications for eCommerce and mCommerce

Average Cost of Data Breach Grows to $4M Globally, $7M in the U.S.

Categories

Recent Posts

Archives

Subscribe to FraudBlog Notifications

Meta

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Categories

Recent Posts

Popular Tags

Archives

Subscribe to FraudBlog Notifications

Meta