ITProPortal: How to protect yourself against the upcoming “perfect storm of fraud”06-Oct-2015
Kount, a leading supplier of fraud protection and sales boosting technology, has revealed three current tends converging to create the perfect storm of fraud, along with tips that both vendors and consumers can use to protect themselves.
Kount’s “Perfect Storm of Fraud” eBook takes a look at how new, emerging technologies that claim to make transactions safer and protect consumer information can actually have the adverse effect, putting businesses and consumers alike at even greater risk. Recent large-scale data breaches, the shift to EMV in the US market, and the massive move by consumers to mobile channels and payments have created the perfect storm of fraud affecting consumers, retailers, merchants, and payment processors.
“New technologies and solutions aimed at decreasing fraud have created a false premise that transactions are becoming more secure than they are in reality,” said Don Bush, Vice President of Marketing, Kount. “For instance, while it’s true that EMV may decrease fraud for in person transactions, its increasing prevalence is driving fraudsters to adjust their tactics to focus on card-not-present transactions, where the EMV chip is almost irrelevant. Fraud has risen dramatically in every market that EMV has been implemented, and as the US undergoes this shift as one of the largest e-commerce economies in the world, fraudsters’ movement to online will have a global effect.”
What’s more, recent data breaches combined with increasing use of new mobile payment solutions make it easier for thieves to obtain and use stolen data, leaving merchants and consumers extremely vulnerable to fraud.
“Recent trends are creating an environment that makes it easier for fraudsters and more difficult for merchants. But it is possible for businesses to weather the storm and protect themselves – and their customers – from fraud,” continued Bush. “The solution is not just to acknowledge that the current environment is making it easier for fraudsters to organise and attack your business. With that knowledge, merchants must employ multiple, real-time techniques to better understand their good customers and work in the context of an order to block truly fraudulent transactions while also protecting the legitimate ones.”
So how can vendors and consumers alike protect themselves against fraud? Kount offers the following tips:
- Employ a comprehensive fraud strategy. A modern fraud strategy is tailored to your business strategy and uses multiple techniques in real time. These techniques include: analytics, scoring, device data, product based rules, link analysis, data validation, payment information, behavioral monitoring, and geographic analysis. The best possible implementation will use this data in both a machine-learning environment and a rules-based system. This maximises the value of the data while giving the merchant complete control. This sort of system will make doing the following steps very easy.
- Scrutinise big ticket items. Stolen cards or account details will have a short lifespan as the real owner realises their card has been stolen. Fraudsters seek to maximise their profits by purchasing big ticket items such as jewelry, TVs, and technology, and are likely to order those items multiple times to maximise profits.
- Always verify elements of the order. By verifying the elements of the transaction – such as geolocation and shopping cart data – merchants can see issues as they arise.
- Ensure IP location, billing information, and shipping information are in sync. Not every order will line up nicely, but fraudsters often try to fool your payment system or ship to locations that are not close to the person making the order. This can be a sign of fraud.
- Beware of “Running a Card.” Fraudsters will run multiple transactions on one card, or multiple cards on one or several transactions. This is also known as “card testing” Fraudsters are trying to validate stolen cards and leave merchants with chargebacks and upset customers.
- Investigate multiple cards coming from a single IP address or email. Multiple transactions from different cards coming from a single IP address is a strong indication of fraud. Likewise, use of the same card with different email addresses is an additional strategy used by fraudsters to mask their identities.
- Strengthen your password protection. 12345 and qwerty are short, simple passwords that make your account a target for fraud. Make sure you choose a password that’s a mix of numbers, letters (both capital and lowercase) and symbols. However, a difficult password alone is not enough. Having different strong passwords for each of your accounts can help protect you against multiple breaches if a fraudster were to access one password.
- Use caution when it comes to free Wi-Fi. Always think twice before joining a free Wi-Fi network. Scammers will create fake networks with the same name as legitimate public venues in the area (think: coffee shops, airports etc.), which contain malware. Once victims join the network, the criminal has access to all of their online accounts and personal information.
- Educate yourself. Knowledge is power. Understanding the current landscape will help you protect yourself against loses. It can also be fascinating to learn about the way organised fraudsters attack. A few terrific resources are the Internet Retailer, Krebs on Security and CardNotPresent.com.
- Know the rules. Debit and credit cards operated by the large card associations offer very low liability for consumers. This means complete protection in many cases. Responsible use of credit and debit cards from brands like Visa, MasterCard, Discover and Amex provides consumers with easy, low cost transactions and protection from fraud.
- Regularly review your accounts. Reviewing your online statements often — at least monthly — can help you keep track of your purchases and make sure arbitrary charges have not been made. If a suspicious charge appears, call the merchant first.
- Keep personal information close to the chest. It may seem obvious, but be careful where, when, and how you share your birthday, social security number, or credit card information. Fraudsters go to extreme lengths, including posing as official census takers who go door to door or as customer service representatives over the phone to offer special deals or discounts, to get you to give up private information willingly.
Source: Written by Lara Lackie for ITProPortal.com.