By Brandes Elitch
In May of this year, I attended the CNP Expo in San Francisco, and I will state flat out that this event should be mandatory attendance for every merchant with a significant online presence, as well as for payment professionals responsible for safeguarding card-not-present (CNP) transaction data. That's a bold statement, but don't take my word for it. Postpone finishing this article, if you like, and go to the Online FraudCast podcast hosted by anti-cybercrime experts Karisse Hendrick and Brett Johnson. I recommend these three podcast episodes:
The current headlines about fraud will be no surprise. Here are some examples:
You get the idea. One of the most pernicious types of assault is the Magecart "digital skimmer" attack. Fraudsters target Magento ecommerce software and plant malicious code inside the victims' websites. As one expert said, "It really shows that any ecommerce site is fair game" for an attacker. If you are selling in ecommerce ‒ and who isn't? ‒ this means you.
CardNotPresent.com was founded by Casco Media Corp. in 2011, an online publication that subsequently founded the CNP Expo, an annual conference that launched in 2012. In 2015, the organization and its expo were acquired by Reed Exhibitions, a member of RELX Group.
CNP's focus is on ecommerce fraud prevention and global payment acceptance. The show has achieved maturity, with approximately 500 attendees, more than 50 hours of educational offerings, and about 40 fraud-prevention providers and payment processing vendors in the tradeshow exhibit area.
Today, fraud is moving to the account level. Some retailers have gotten better at fraud detection and are now focused on false declines and improving revenue. I counted nine areas of concentration at the event. Those working in this space need to be familiar with all of them:
Serious fraud-management professionals could easily spend the better part of the day just speaking with vendors of these products and services.
Expo planners put significant thought into the sessions offered at the Expo, too. Several topics that resonated with me are: What is the true cost of fraud to your business? (benchmarking survey); Fake is the new fraud; Partnerships R Us: What is a fraud strategist and what do we do?; Compelling evidence: the key to winning first-party chargebacks; Managing your own career in payments and fraud; You've got to be shipping me (re-routes and re-shipping, and did-not-receive claims); and Know your frenemy" (fighting friendly fraud).
AI, behavioral biometrics and machine learning will play a greater role in this sphere as time goes by, but right now, there is an organized body of knowledge that fraud professionals and those tasked with safeguarding sensitive data need to master. That is what this annual show is all about. It is desperately needed, too, and not just because of data theft, but also for false declines and loss of revenue.
The most common attack is account takeover (ATO). Thieves steal legitimate payment credentials via data breaches or phishing. Then they use bots to verify user credentials and identify which ecommerce stores their victims use (this is called "credential stuffing"). Next, the thieves sell the credentials to other fraudsters on the Dark Web or commit ATOs themselves. When merchants think about this, they quickly come to the realization that they need help, and that's what is available in abundance at the Expo.
Talking to the vendors and learning what is going on in this space is a worthwhile use of time for any payments professional. The Expo helps clarify the factors at play, as well as enables potential partners to meet and find solutions that meet their specific needs. It is also useful to to meet leaders in the fraud-prevention world and hear what they are doing, as well as what keeps them up at night.
The next Expo will be held May 19 to 21, 2020, at the San Francisco Marriott Marquis hotel. You can pre-register for the event at www.cnpexpo.com.
Brandes Elitch, director of partner acquisition for CrossCheck Inc., has been a cash management practitioner for several Fortune 500 companies, sold cash management services for major banks and served as a consultant to bankcard acquirers. A certified cash manager and accredited ACH professional, Brandes has a Master's in Business Administration from New York University and a Juris Doctor from Santa Clara University. He can be reached at email@example.com.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next