A Thing
The Green SheetGreen Sheet

Thursday, June 9, 2016

Data breaches, EMV advance new fraud trends

Fraud is a multibillion-dollar drain on card payment systems that seemingly defies containment. Growth in online and mobile access, coupled with the ramping up of EMV security, now has U.S. card issuers bracing for an onslaught of fraud, especially new account fraud. This is according to a report just released by LexisNexis Risk Solutions titled Issuers Confront Application Fraud and Account Takeover in a Post-EMV U.S.

"EMV chip technology represents the strongest anti-fraud protection at the POS terminal," said Kim Little Sutherland, Senior Director of Identity Management at LexisNexis. However, it is not a panacea, and certain types of fraud are certain rise. "Notably, with the window closing on easily replicable mag-stripe cards, we forecast a shift and bump in identity schemes – characterized by the use of synthetic identities and the misuse of true identities," Sutherland added.

Since the United States began implementing EMV (Europay, MasterCard and Visa) security, most discussions about card fraud have centered on card-not-present (CNP) fraud increases. Among card issuers surveyed by LexisNexis for its report, however, fraudsters are not turning en masse to CNP scams.

CNP fraud not the only concern

"Fraudsters that have found success in POS card fraud are unlikely to immediately give up what may represent an enterprise with years invested in its success," the report stated. In fact, as has been widely reported, that's what happened when EMV was implemented in the United Kingdom.

U.S. card issuers lose $10.8 billion to card fraud each year, with credit card fraud leading the pack, according to the report. LexisNexis found that the majority of card fraud ($7.6 billion or 71 percent of total card losses) involve credit cards; $2.7 billion (25 percent) are the result of debit card fraud. Prepaid cards contributed just $500 million to the total. LexisNexis noted that while the numbers of credit and debit cards in the United States are comparable, fraud losses are significantly greater for credit cards: $9 per card for credit compared with $2 per card for debit cards.

The LexisNexis report draws from a survey of 100 risk and fraud officers at card-issuing U.S. organizations of varying size. The report focuses on what emerged as two of the most troublesome types of fraud: application fraud and account takeovers, each of which accounts for 20 percent of total annual card fraud losses.

Counterfeit fraud represents 16 percent of total card fraud losses, and is being fueled by a vast array of compromised personally identifiable information available on the black market. Nearly 62 million Americans were affected by card data breaches in 2014, for example. And much of that information "will remain useful for the entire life of the victim," the report noted.

Investing in detection, mitigation

The pervasiveness of card fraud has resulted in a lot of time and money being invested in fraud detection and mitigation, and issuers are no exception. Among those surveyed for the LexisNexis report, 78 percent plan to make significant investments in fraud mitigation over the next 12 months. Dynamic and static knowledge-based authentication lead the list of tools targeted for additional investment, followed by mobile carrier identity verification and manual reviews.

"Companies can prepare for the fraud impact of EMV adoption especially by bolstering their application fraud and account takeover prevention capabilities, enhancing their identity verification platforms, and keeping open lines of communication with affiliates who may have shared fraud threats," Sutherland said. "It only takes one major loss to feel the impact of a weak, simplistic, ineffective approach." end of article

Editor's Note:

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

Facebook
Twitter
LinkedIn
2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007
A Thing