According to a recent study, eCommerce merchants in the US have experienced a 140 percent increase in fraud attacks relative to 2020, while every dollar associated with missed fraud costs organizations $3.60 on average, up 15 percent from before the pandemic.
Merchants are less likely to dispute chargebacks on transactions originating from mobile wallets and significantly less likely to win those they choose to represent. Consumers may be more prone to commit friendly fraud with mobile wallet transactions and the dishonest ones may already be exploiting this trend.
Card Not Present channel Merchants cite order rejection rates of nearly 3 percent for domestic transactions and nearly 7 percent for international orders. Meanwhile more than half of merchants depend on AVS and CVV checks, considering them to be effective fraud tools. While most merchants measure fraud rates and order rejection rates, far fewer take the next step to understand false positives.
According to the Merchant Risk Council (MRC) 2017 Global Fraud Survey, eCommerce merchants declined 2.6 percent of all orders for suspected fraud, and 3.1 percent of orders over $100. CyberSource found higher order rejection rates in their 2017 Fraud Benchmark Study: 2.9 percent for domestic orders and 6.8 percent for international ones. While merchants are declining 3 percent of more of their orders, not all of these are actually fraud attempts.
Financial Fraud Action (FFA) UK, a financial services industry research and reporting group, recently released their 2016 year-end payment card and banking fraud totals which showed an increase in card fraud overall, primarily led by card not present channel fraud. Changing trends include an increase in fraud attempts but targeting lower order amounts compared to last year, a shift from malware targeting banks to fraudsters directly targeting consumers and consumer account credentials, and mobile banking app fraud losses more than doubling from 2015.
The Financial Fraud Action UK organization is composed of major banks, payment acquirers and card issuers in the United Kingdom, and members report payment card, remote banking and check fraud losses each year. Over the years FFA UK has tracked significant increases in total payment card fraud against UK-issued cards, growing from £341 million in 2011 to £618 million in 2016. This marked a nearly 10 percent increase just from 2015, when the total fraud loss on UK-issued payment cards was £567 million.
If you are attending the CNP Expo May 18-21 then be sure to see The Fraud Practice at booth number 418 in the Exhibit Hall. For those who would like to find out more about our online training certification programs, we will be giving out free copies of David Montague’s Essentials of Online Payment Security and Fraud Prevention book with valuable online training discount coupons inside.
There are a limited number of books available, so be sure to stop by The Fraud Practice’s booth before we run out. In addition to visiting us at the booth, you may want to attend the May 20th breakout session titled Fraud on the Move, moderated by The Fraud Practice’s Justin McDonald, Sr. Risk Management Consultant.
If you’d like to schedule a time to meet with one of our consultants at the CNP Expo, or just be sure we hold you a copy of the book, please contact us today.
If you haven’t yet registered for the CNP Expo and would like to attend, you can use The Fraud Practice’s discount code below.
The Fraud Practice, Kount and CardNotPresent.com have once again teamed up to bring you the third annual Mobile Payments & Fraud Survey. The 2015 Survey Report is now available and David Montague, Founder of The Fraud Practice, will discuss key findings along with Rich Stuppy, COO of Kount, and Steve Casco, CEO of CardNotPresent.com, during a live webinar held later this month.
As the mobile channel continues to grow and mature it seems fraud is keeping pace with increasing mobile transaction volumes. Unfortunately, the 2015 Mobile Payments & Fraud Survey found that many organizations are not taking the necessary measures to understand and combat fraud in the mobile channel as less than 40 percent of merchants differentiate or track mobile from traditional eCommerce fraud losses. Many more survey findings are detailed in the third annual installment of the Mobile Payments and Fraud Survey, which continues to track and measure the priorities, obstacles and capabilities of many types of organizations operating in the mobile channel.
In addition to the annual survey report, The Fraud Practice, Kount and CardNotPresent.com will be hosting a webinar to discuss key survey findings and issues impacting the mobile channel. This webinar, titled Trends Shaping the Mobile Industry for 2015, will be held May 28th at 11 AM ET. All webinar attendees will be entered in a drawing to win one of 10 free online training courses from The Fraud Practice, a $120 value.
According to a recent study from LexisNexis mobile commerce represents 14 percent of all transactions, but 21 percent of fraudulent transactions are attributed to the mobile channel. Meanwhile the value of fraud losses for mobile channel merchants quickly grew from 0.8 percent of revenue in 2013 to 1.36 percent of revenue in 2014.
According to estimates from Forrester Research, mobile payments will account for $67 billion in U.S. transactions in 2015, up from $52 billion in 2014 and $32 billion in 2013. While mobile transaction volume grew by nearly 63 percent from 2013 to 2014, the value of fraud losses for mobile channel merchants increased by 70 percent, from 80 cents to $1.36 per $100 in revenue, during this same time frame.
Malware targeting mobile devices has increased for the fifth consecutive quarter and has increased 167 percent from Q1 2013 to Q1 2014, according to the latest McAfee Labs Threats Report.
Merchants aren’t the only ones putting more emphasis and importance on the mobile channel, fraudsters are as well. This is evidenced by the growth of new malware targeting consumers on mobile devices; McAfee catalogued 2.4 million new samples of mobile malware in 2013 and about 750,000 in just the first quarter of 2014.
A fraudster calling himself Oleg Pliss is targeting Apple iPhones and iPads with an attack that prevents the user from unlocking the phone and displaying a message of where to send $100 to have the device unlocked. Details about the exploit are still being investigated, but it seems to be targeting devices via compromised iCloud accounts.
Ransomware is a type of malware that attempts to take a device hostage and requires payment to give control of the device back to the user, although sending payment does not guarantee the malware will relinquish control. While this type of malware has targeted computers for several years and has also targeted Android mobile devices, this is the first reported incidence affecting iOS devices. These attacks were originally concentrated in Australia but have since spread to the U.S. and elsewhere.
While eCommerce and mobile payment volumes hit record levels on Black Friday and Cyber Monday, the fraudsters were seizing the opportunity to attack. This included increased fraud attempts from mobile devices and higher average order values for fraudulent purchase attempts.