How the Grinch Stole Your Customers’ Credit Card Information
A new report from Adobe shows that sales this holiday season are expected to reach $83 billion, an 18 percent increase from last year, while purchases via mobile device are forecasted to exceed half of all sales during this time period. As expected, mobile is continuing to dominate, yet many retailers still aren’t prepared to handle the influx of sales and the fraud issues that come along with card-not-present (CNP) transactions conducted online or via mobile, leading to problems that are nastier than the Grinch on Christmas Eve.
We know that retailers are already behind when it comes to fully protecting their mobile offerings. In addition, large-scale data breaches against retailers are becoming more and more commonplace. Factor in the additional risk that we’re expecting to see with the shift to EMV, which will drive criminals away from point-of-sales (POS) crime right to cybercrime, and the stage is set for merchants to be as vulnerable as Whoville this holiday season.
Unfortunately, compromised and stolen data is available more than ever before. Recent reports showed that in 2014, over 1,500 breaches compromised over a billion records. Like the Grinch, fraudsters are so smart and so slick, but staying a few steps ahead will save you from falling prey to their tricks. Retailers can prevent being susceptible to data breaches by adopting solutions, such as tokenization, that evolve faster than fraudsters.
Retailers can combat the risk of fraud in several ways. First, they must ensure they can identify the avenue through which payments are being made. Businesses should implement a thorough fraud strategy that is tailored to their own specific needs, which also uses multiple real-time monitoring tactics, including analytics, scoring, device data, product based rules, behavioral monitoring, and geographic analysis. Using a combination of both machine-learning and rules-based systems will provide the most value to merchants, while allowing them to remain in control.
Once a fraud system is chosen, retailers should be aware of common schemes implemented by criminals. One of these methods is “card testing,” which is when a fraudster runs multiple transactions on one card as they try to validate stolen cards. Another sign that fraudulent transactions may be in progress is if multiple transactions from different cards are coming from one single IP address. Having a fraud strategy in place will help merchants gain access to all of these data points and make it easy to identify and prevent risky transactions.
Mobile adoption, as well as the technologies designed to keep pace with increased mobile use, will continue to evolve, constantly creating new weaknesses on which fraudsters can prey. Along with conducting reviews of your payment and fraud systems regularly, merchants need to make it a priority to have the right tools in place that can detect and predict fraud before it happens, allowing more legitimate transactions to go through, and stopping fraudulent ones in their tracks. If you neglect planning for a new level of fraud, don't expect a happy ending with a plate full of Who ham.
Don’t count on fraudsters’ hearts to suddenly grow three times larger. Increased awareness and protection this holiday retail season will go a long way.